This topic describes how to create a database account and grant permissions to the account on an ApsaraDB for MongoDB instance which is connected by using Data Management (DMS).
Background information
We recommend that you do not use the root account to connect to the instance in the production environment. You can create another database account and grant permissions to connect to the instance.
If you use another database account to connect to the instance, you must grant the required permissions to the database account. If you use a database account to which you do not grant permissions, you cannot perform any database operations after you connect to the instance. In this case, error messages such as "Exception authenticating..." are returned.
Limits
Database accounts created by using DMS are not listed on the Accounts page in the ApsaraDB for MongoDB console.
A database account belongs to the database in which the account is created.
Prerequisites
Procedure
On the SQL Console tab of the DMS console, create a database account named test, set the password to 123456Aa, set the database to admin, and grant the account the read permission. You can run the following command:
db.createUser({user: "test", pwd: "123456Aa", roles:[{role: "read", db: "admin"}]})NoteFor more information about permissions, see Roles of database accounts.
If a value of
1.0is returned forok, the account is created. Otherwise, the account cannot be created.After the database account is created, you can view it on the Account Management page in the DMS console.
In the left-side navigation pane, choose Database instance > Instances Connected. Then, find the instance to which the database belongs and right-click its ID.
Select Account Management from the shortcut menu.
On the Account Management page, click Database Management, select the database, and then view the accounts created on the database.