I don’t know what is wrong but mongodb ignore restrict read and write roles.
I created DB “TESDB” and user “TestReadUser”
{
"_id" : "admin.TestReadUser",
"userId" : UUID("88c52a39-6834-4ce7-9232-de106a31e800"),
"user" : "TestReadUser",
"db" : "admin",
"roles" : [
{
"role" : "read",
"db" : "TESTDB"
}
],
"mechanisms" : [ "SCRAM-SHA-1", "SCRAM-SHA-256" ]
}
But this user can create,drop, write etc ..
List of DB roles
Authetification in /etc/mongod.conf is enable
security:
authorization: enabled
keyFile: /mongo-security/replicakeyfile.txt
transitionToAuth: true
What is wrong, please ?