Create mongo user for Apono

Creating a user

Connector requires to have a user in the DB instance so it can provision access. Provisioning is done by creating an admin user in the database.

  1. In MongoDB, switch to admin database
use admin;
  1. Create user for Connector in the instance, type in some secure password
db.createUser({
  user: "apono-connector",
  pwd:  "password",
  roles: [
    {
        "role" : "clusterMonitor",
        "db" : "admin"
    },
    {
        "role" : "userAdminAnyDatabase",
        "db" : "admin"
    },
    {
        "role" : "readWriteAnyDatabase",
        "db" : "admin"
    },
    {
        "role" : "clusterManager",
        "db" : "admin"
    }
  ]
});
  1. Using aws-cli, store in AWS Secret Manager, make sure to replace #SECRET_NAME,#REGION, #PASSWORD
aws secretsmanager create-secret --name "#SECRET_NAME" --tags '[{"Key":"apono-connector-read","Value":"true"}]' --region #REGION --secret-string '{
    "username":"'"apono-connector"'",
    "password":"'"#PASSWORD"'"
}'

Assign Secret

The connector user needs to use its respective secret, which was stored in AWS Secret Manager.