Database account authentication and IP whitelists are used to implement access control and protect data security on ApsaraDB for MongoDB.
Database accounts
- To log on to an ApsaraDB for MongoDB instance, you must pass the username and password authentication.
- After an ApsaraDB for MongoDB instance is created, an initial root account is created by default. You can either specify the password for the root account when you create an instance or reset the password after you create an instance. For more information about how to specify the password, see (Optional) Reset a password.
- The root account has all permissions on an ApsaraDB for MongoDB instance. You can log on to the database as the root user to add, delete, or grant permissions to other accounts.
IP whitelists
ApsaraDB for MongoDB allows you to configure IP whitelists for each ApsaraDB for MongoDB instance to implement network access control.
The default whitelist of an ApsaraDB for MongoDB instance contains 127.0.0.1, which
indicates that the instance is inaccessible from all IP addresses. You can add IP
addresses to a whitelist in one of the following ways:
- Go to the Security Controls page of the console. For more information, see Configure a whitelist or an ECS security group for an ApsaraDB for MongoDB instance.
- Call the ModifySecurityIps operation. For more information, see ModifySecurityIps.