Use case: Least privilege access

A security best practice is to apply least privilege access within your databases by creating multiple users that each have least privilege access.

For example, create a single application user with create, read, update, and delete (CRUD) access to all collections that the application requires, and create one or more support users with read-only access to a subset of collections.

For more information regarding RBAC capabilities, see Restricting Database Access Using Role-Based Access Control.

This post introduces the new RBAC capabilities in Amazon DocumentDB: creation of custom roles, granular control of permitted operations, and granular control of permitted collections.

Two common use cases for user-defined roles are applying least privilege access for the application user and supporting collection-level access control within an Amazon DocumentDB database.

Support for user-defined roles builds upon the existing Role-Based Access Control (RBAC) functionality, allowing for more granular access control as well as creating custom roles to simplify user authorization within your Amazon DocumentDB clusters.

Amazon DocumentDB (with MongoDB compatibility) is a database service that is purpose-built for JSON data management at scale, fully managed and integrated with AWS, and enterprise-ready with high durability.

Amazon DocumentDB added support for role-based access control (RBAC) with user-defined roles.
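The least privilege use case above, as an added example that is not code from the original post: it builds the role documents you would pass to `db.createRole()` for an application role with CRUD access and a support role with read-only access to a subset of collections, then audits a role for privileges beyond what was intended. The database name `sales`, the collection names, and the role names `appCrud` and `supportRead` are constructed for illustration.

```javascript
// Added example. Database, collection and role names are constructed.
const CRUD = ["find", "insert", "update", "remove"];
const READ_ONLY = ["find"];

// Build a createRole document granting `actions` on the named collections only.
function buildRole(role, db, collections, actions) {
  return {
    role,
    privileges: collections.map((collection) => ({
      resource: { db, collection },
      actions: [...actions],
    })),
    roles: [], // inherit nothing from other roles
  };
}

// List every way a role exceeds the collections or actions it was meant to have.
function auditRole(roleDoc, allowedCollections, allowedActions) {
  const findings = [];
  if (roleDoc.roles.length > 0) {
    findings.push("inherits roles: " + JSON.stringify(roleDoc.roles));
  }
  for (const p of roleDoc.privileges) {
    const { db, collection } = p.resource;
    // In a MongoDB resource document an empty string widens the scope
    // to every collection (or every database).
    if (!db || !collection) {
      findings.push(`wildcard resource ${db || "*"}.${collection || "*"}`);
    } else if (!allowedCollections.includes(collection)) {
      findings.push(`unexpected collection ${db}.${collection}`);
    }
    for (const a of p.actions) {
      if (!allowedActions.includes(a)) findings.push(`unexpected action ${a}`);
    }
  }
  return findings;
}

const appCollections = ["orders", "customers", "invoices"];
const appRole = buildRole("appCrud", "sales", appCollections, CRUD);
const supportRole = buildRole("supportRead", "sales", ["orders"], READ_ONLY);

// Constructed over-broad role, as might turn up in a permissions review.
const driftedRole = {
  role: "supportRead",
  privileges: [{ resource: { db: "sales", collection: "" }, actions: ["find", "remove"] }],
  roles: [],
};

console.log(JSON.stringify(supportRole, null, 2));
console.log(auditRole(driftedRole, ["orders"], READ_ONLY));
```

Each generated document can be passed to `db.createRole()` in the mongo shell, and the role name then goes in the `roles` array of `db.createUser()`.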