Creating a Database Account Using Commands
Scenarios
When creating a database account for a specified DB instance, you are advised to enable the SSL connection to improve data security.
Prerequisites
- For details on how to connect to a cluster instance, see Connecting to a Cluster Instance Over Private Networks.
- For details on how to connect to a replica set instance, see Connecting to a Replica Set Instance Over Private Networks.
Account Description
To manage DDS DB instances, users root, monitor, and backup are automatically created when you create a DDS DB instance. Attempting to delete, rename, change the passwords, or change privileges for these accounts will result in errors.
You can change the password of the database administrator rwuser and any accounts you create.
Setting Password Strength for Database Accounts
- The administrator password must meet the following password policy:
- Contains 8 to 32 characters.
- Must be a combination of uppercase letters, lowercase letters, digits, and special characters: ~!@#%^*-_=+?
- The database user created on the client must meet the following password policy:
- Contains 8 to 32 characters.
- Must be a combination of uppercase letters, lowercase letters, digits, and special characters: ~@#%-_!*+=^?
When you create a DB instance, DDS automatically checks your password strength. You can change the password as user rwuser. For security reasons, you are advised to set up a strong password.
Creating an Account
- Run the following command to select the admin database:
use admin
- Run the following command to create a database account (user1 as an example):
db.createUser({user: "user1", pwd: "Test_12345", passwordDigestor:"server", roles:[{role: "root", db: "admin"}]})
- server: indicates that the password is encrypted on the server.
- Test_12345: indicates the example new password. The password must be 8 to 32 characters in length and contain uppercase letters, lowercase letters, digits, and special characters, such as ~@#%-_!*+=^?
- roles restricts the rights of the account. If an empty array is specified, the account does not have any permission.
- Check the result:
The account is successfully created if the following information is displayed:
Successfully added user: { "user" : "user1", "passwordDigestor" : "server", "roles" : [ { "role" : "root", "db" : "admin" } ] }
Changing a Password
- Run the following command to select the admin database:
use admin
- Uses user user1 as an example. Run the following command to change its password:
db.updateUser("user1", {passwordDigestor:"server",pwd:"newPasswd12#"})
- server: indicates that the password is encrypted on the server.
- newPasswd12#: indicates the example new password. The password must be 8 to 32 characters in length and contain uppercase letters, lowercase letters, digits, and special characters, such as ~@#%-_!*+=^?
- Check the setting result. The password is successfully changed if the following information is displayed:
- Cluster
mongos>
- Replica set
replica:PRIMARY>
- Cluster
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
