Security Concepts¶

These documents introduce and address concepts and strategies related to security practices in MongoDB deployments.

Access Control: Control access to MongoDB instances using authentication and authorization.
Inter-Process Authentication: Components of a MongoDB sharded cluster or replica set deployment must be able to authenticate to each other to perform routine internal operations.
Sharded Cluster Security: MongoDB controls access to sharded clusters with key files.
Network Exposure and Security: Discusses potential security risks related to the network and strategies for decreasing possible network-based attack vectors for MongoDB.
Security and MongoDB API Interfaces: Discusses potential risks related to MongoDB’s JavaScript, HTTP and REST interfaces, including strategies to control those risks.

← Security Introduction Access Control →