MongoDB Security - Are User Roles Required?
I have a droplet with my MongoDB.
On reading some security tutorials I see mention of enabling auth
auth = true however I’m unsure whether I need this?
I SSH into my droplet with a sudo account. The operations I need to perform on the DB can be either read or update/insert. So is there any need to use a create another user with high enough credentials to do this? Just feels like I’m duplicating another user.
Also to add my MongoDB droplet only talks to my node droplet which in turn is open to the world (web app).
Any advice appreciated.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.×