Internal users
Charmed MongoDB has the following internal users:
user | function |
---|---|
operator |
Admin user that manages database/cluster (i.e. admin) |
monitor |
Manages COS integration |
backup |
Manages all backup operations |
The full list of internal users is available in charm source code.
Full dump of internal users (on the newly installed charm):
mongodb-k8s [primary] admin> db.system.users.find()
[
{ _id: 'admin.operator', userId: new UUID("f4466ca5-7640-4af3-b9eb-6b5a2313696a"), user: 'operator', db: 'admin', credentials: { 'SCRAM-SHA-256': { iterationCount: 15000, salt: 'F6HeW8j0Vseza/r3anU6cHBy+Uiu1f8nmMn8TA==', storedKey: 'yHi6aWAs0blfXiePgh9nkzXw/Vr0JBhBUV0VmXysx+s=', serverKey: 'sJpXiPUrEEV9qlf8ZFng0zolN0Ii3MXKnta1mvaVTEI=' } }, roles: [ { role: 'readWriteAnyDatabase', db: 'admin' }, { role: 'clusterAdmin', db: 'admin' }, { role: 'userAdminAnyDatabase', db: 'admin' } ] },
{ _id: 'admin.backup', userId: new UUID("ece48d5e-985a-4863-8660-8fa2e1a0aa7d"), user: 'backup', db: 'admin', credentials: { 'SCRAM-SHA-256': { iterationCount: 15000, salt: 'QktAJGMGslnfpHg6p/Dd7eGlYb8uzBdBsCEiwg==', storedKey: '/abOk7NijI9u7rf8leRcnpBYImGshmGW7BsXwVpFYrQ=', serverKey: 'QWYXFJm1GhqrGjvqZTAtdKGitL+8B1LNIF3OmkiYyiU=' } }, roles: [ { role: 'readWrite', db: 'admin' }, { role: 'clusterMonitor', db: 'admin' }, { role: 'backup', db: 'admin' }, { role: 'pbmAnyAction', db: 'admin' }, { role: 'restore', db: 'admin' } ] },
{ _id: 'admin.monitor', userId: new UUID("59560831-741d-4417-938a-68056bc80c47"), user: 'monitor', db: 'admin', credentials: { 'SCRAM-SHA-256': { iterationCount: 15000, salt: 'QElyLpAw5PFmc4juu6Nk94Hv/4H1RxQfDgVEyg==', storedKey: 'bW2wC8DheiNkSMdMtZcq149qE9hKIErgcJVtRRghhqA=', serverKey: 'AU271CqwEMTFDorYRPVgyU1J5SvNLIVFWAItw19TvOg=' } }, roles: [ { role: 'clusterMonitor', db: 'admin' }, { role: 'explainRole', db: 'admin' }, { role: 'read', db: 'local' } ] }
]
Note: These users are dedicated to the operator’s logic, and using them incorrectly could damage your deployment.
Use the data-integrator charm to manage external credentials. To learn more, see How To > Manage client connections