I'm building a backend system using MongoDB. Now I want to restrict access on certain numbers of database collections to this system. For example I have users
, admin_users
, pageviews
and I want this system to be able to read and write only admin_users
and pageviews
collections but no read or write access on users
colection. Is there any ways to do so?
MongoDB – Restrict Access at Collection Level
mongodb
Related Question
- MongoDB in Microservices – Best Practices and Structure
- MongoDB: Privileges on objects created by me only
- MongoDB Security – Resolving Localhost Exception
- MongoDB – How to Set Up User Authentication Without Admin Database Access
- MongoDB – Create User with Read and Write Access Only
- MongoDB Configuration – Replicate or Restrict Specific Databases
- MongoDB Collection Level Permission Issues
Best Answer
To the best of my knowledge, there is not yet any built in way (as of version 2.4) to provide access-control at the collection level. Mongo's ACLs go to the Database only. To do what you want you will have to move that
users
collection to a different database.