Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-11495

The permission of Migrate with MongoMirror is a little ambiguous.

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Minor - P4 Minor - P4
    • None
    • None
    • mongomirror
    • None

    Description

      While at a customer we followed the steps as described in the "Migrate with MongoMirror" page:

      https://docs.atlas.mongodb.com/import/mongomirror/#set-up-mongodb-user-in-the-target-service-cluster

      In step 2 Setup MongoDB user in the target Atlas cluster the discription is ambiguous, and can lead to a migration to fail.

      "To run mongomirror, you must specify a MongoDB user that has readWriteAnyDatabase and dbAdminAnyDatabase privileges in the Atlas cluster. For example, a user with Atlas admin role provides these privileges."

      The above state that you only need readWriteAnyDatabase and dbAdminAnyDatabase. When you only have there you cannot apply the oplog to the destination, and the migration fail before writing a token to be able to continue, this could be a time sink, as the initial sync has to be restarted.

      According to the mongoMirror reference documents it states Atlas Admin role has the appropriate privilages: (https://docs.atlas.mongodb.com/reference/mongomirror/#destination-authorization)
      "You must specify an Atlas MongoDB user with the Atlas admin role to run mongomirror. See Add MongoDB Users for documentation on creating an Atlas MongoDB user."

      I suggest changing the wording in the "Migrate with MongoMirror" to the following to avoid confusion:

      "To run mongomirror, you must specify a MongoDB user Atlas admin role."

      Attachments

        Activity

          People

            ravind.kumar Ravind Kumar (Inactive)
            dawid.esterhuizen@mongodb.com Dawid Esterhuizen
            Votes:
            3 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              5 years, 33 weeks, 6 days ago