Wednesday, January 11, 2017

8 Simple steps to install mongodb with authentication on EC2 AMI Linux

This blog details how to install MongoDB with authentication on EC2 AMI Linux.

Prerequisites:
  • You have ec2 instance running
  • You have root access to ec2 instance


Step 1: Connect to ec2 instance using pem/ppk file

For MongoDB 3.0, create below file using vi or any other editor

vi /etc/yum.repos.d/mongodb-org-3.0.repo

 Add below content in above created file

 [mongodb-org-3.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/amazon/2013.03/mongodb-org/3.0/x86_64/
gpgcheck=0
enabled=1

Step 2: Install mongodb using below command

sudo yum install -y mongodb-org

Step 3: Start MongoDB service using below command

sudo service mongod start

Step 4: Start MongoDB on reboot

You can optionally ensure that MongoDB will start following a system reboot by issuing the following command:

sudo chkconfig mongod on

Step 5: Connect to mongo shell

Once service is started you need to connect to mongo shell for creating user. To connect to mongo shell use below command

mongo

 If you find below error when using mongo command
“Failed global initialization: BadValue Invalid or no user locale set. Please ensure LANG and/or LC_* environment variables are set correctly” Add export as mentioned below

 export LC_ALL=C

Step 6: Select Admin

Once connected successfully to mongo, select admin

 use admin

Step 7: Create User

Create user as per below:

 db.createUser(
  {
    user: "myUserAdmin",
    pwd: "abc123",
    roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
  }
 )

 Create user for specific database
To create user for a particular database, repeat step 6 with below command

use <databaseName>

 To create user for above database:

 db.createUser(
   {
      user: "<userName>",
      pwd: "<password>",
      roles: [ { role: "readWrite", db: "muddle" }]
   }
 )

 Edit /etc/mongod.conf

 For mongo 3.x, Add this to the config

 security:
   authorization: "enabled"


Then run below command

 service mongod restart

Step 8: Connect remotely

If you want to connect MongoDB remotely, edit below file with vi or any other editor:

 vi /etc/mongod.conf

Add IP in bindIp as per below and restart mongodb service

bindIp: 127.0.0.1,8.8.8.8

Happy Securing!!!
Posted by at No comments:
Labels: , , ,
Location: United States
Subscribe to: Comments (Atom)