I'm trying to set up backups on a mongoDB instance (version 4.4) using mongodump. That requires access to the config database and my mongo user doesn't have that, despite being in the root role. (From my understanding of the documentation on built-in roles, a user with the root role should be able to backup all databases on the instance.)
When I try to run mongodump, I get this error:
root@mongo-db1:/srv/mongo# mongodump --username=rcroot --password="secret" --out=/var/backups/20200925
2020-09-26T05:40:20.138+0000 Failed: error counting config.system.indexBuilds: not authorized on config to execute command { count: "system.indexBuilds", query: {}, $readPreference: { mode: "secondaryPreferred" }, $db: "config" }
So apparently my user doesn't have access to config. Here's my user:
rs0:PRIMARY> db.getUser("rcroot")
{
"_id" : "admin.rcroot",
"userId" : UUID("81fc86ff-6d12-4d23-83ab-7fc2591516a2"),
"user" : "rcroot",
"db" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
},
{
"role" : "root",
"db" : "admin"
}
],
"mechanisms" : [
"SCRAM-SHA-1",
"SCRAM-SHA-256"
]
}
I get similar errors to the above if I log in to the mongo shell with my root user and try to access anything in the config database. I do have authentication enabled, as I am starting mongod with the --auth flag:
mongod --auth --replSet rs0 --keyFile /data/db/keyfile --enableMajorityReadConcern false
So my question is: what do I need to do to grant this user true root access to all databases on my mongo instance?
