Database account authentication and IP whitelists are used to implement access control and protect data security on ApsaraDB for MongoDB.

Database accounts

  • To log on to an ApsaraDB for MongoDB instance, you must pass the username and password authentication.
  • After an ApsaraDB for MongoDB instance is created, a root account is created by default. You can either specify the password for the root account when you create an instance or reset the password after you create an instance.
  • The root account has all management permissions on an ApsaraDB for MongoDB instance. You can log on to the database as the root user to add or delete accounts, and grant permissions to other accounts.

IP whitelists

ApsaraDB for MongoDB allows you to configure IP whitelists for each ApsaraDB for MongoDB instance to implement network access control.

The default whitelist of an ApsaraDB for MongoDB instance contains 0.0.0.0/0, which indicates that the instance is accessible from all IP addresses. You can add IP addresses to a whitelist on the Security Controls page of the console or by using an API operation. IP whitelist updates do not require you to restart the instance. Services of the instance will not be affected.