2.可以优先创建标红的mongoDB用户

3.创建用户命令列表

创建用户一定要在具体的db下执行

use admin

Root用户：
db.createUser({user:"root", pwd:“pwd", roles:[{role:"root", db:"admin"}]})(一般不要用这个用户)

仅次于ROOT用户的：
db.createUser({ user:"admin",pwd:"pwd", 
roles:[ 
{role:"clusterAdmin",db:"admin"},
{role:"userAdminAnyDatabase",db:"admin"},
{role:"dbAdminAnyDatabase",db:"admin"},
{role:"readWriteAnyDatabase",db:"admin"} 
]})

门管理用户的：
db.createUser({user:"userAdmin", pwd:“pwd", roles:[{role:"userAdminAnyDatabase", db:"admin"}]})

备份用户的：
db.createUser({user:"backup", pwd:" pwd ", roles:[{role:"backup", db:"admin"}]})

恢复用户：
db.createRole({role:"restoreEx", ,privileges:[{resource:{anyResource:true},actions:["anyAction"]}],roles:[{role:"restore", db:"admin"}]})（这个权限开的太大了）
db.createRole({role:‘restoreEx’, ,privileges:[{resource:{db:“config”,collection:“system.sessions”},actions:[‘find’,‘insert’,‘remove’,‘update’]}],roles:[{role:“restore”, db:“admin”}]})(优先这个)
db.adminCommand({ createRole: "restoreEx", privileges: [ { resource: { db: "config", collection: "system.sessions" }, actions: [ "find", "update", "insert", "remove" ] }, ],  roles: [ { role: "restore", db: "admin" } ],  writeConcern: { w: "majority" , wtimeout: 5000 }})

删除用户：
db.dropUser(“xxx”);

删除角色：
db.dropRole(“‘restoreEx”)；

修改密码：
db.changeUserPassword("restore",“pwd")

权限与用户：
db.grantRolesToUser("restore", [{role:"restoreEx",db:"admin"}])
db.revokeRolesFromUser("admin",["restore"])

权限与角色：
db.getRole( "restore", { showPrivileges: true } )
db. grantPrivilegesToRole("restore", [{resource:{db:"config",collection:"system.sessions"},actions:["find","insert","remove","update"]}])

4.其它：

show users：只显示具体某个DB的用户
db.system.users.find()：显示的是整个集群里的所有用户