Mongo DB Permissions


#1

Can you clarify what permissions Tyk needs for Mongo?

I had setup a user called tyk_analytics with the role [email protected]_analytics however we were getting permission errors.

Temporarily I have added [email protected] which has allowed us to progress however this is clearly not desirable from a security perspective,

Thanks

Carl


#2

Hi Carl,

could you specify what errors you get and where did you find them ? Was it on the Tyk Logs?
Based on that we would be able make a suggestion as it seems to be a more general question.

Thanks,
Kos @ Tyk Support Team


#3

Seems I have worked this out. We are newbies on Mongo so unfamiliar with the roles needed.

I removed the [email protected] role and we got lots of errors such as “not authorised for querying” etc in the tyk-dashboard log.

Looking at the Mongo docs I had granted the dbadmin role however that is only for administration activities.

I have now changed this to dbowner and it appears to be working.

It would be useful to have a recommendation for what role is actually needed and for this to be in the documentation somewhere rather then us having to guess.


#4

Any chance of an answer to this?


#5

Hi Carl,

you should use dbOwner as a role on the DB that Tyk is using , not the admin DB.

Use this command.

Thanks,
Kos @ Tyk Support Team