[SERVER-11648] Add passthrough connection to shard via mongos Created: 08/Nov/13 Updated: 06/Dec/22 |
|
| Status: | Open |
| Project: | Core Server |
| Component/s: | Admin, Security, Sharding |
| Affects Version/s: | None |
| Fix Version/s: | features we're not sure of |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Scott Hernandez (Inactive) | Assignee: | Backlog - Security Team |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Assigned Teams: |
Server Security
|
||||||||
| Participants: | |||||||||
| Description |
|
There are cases where administrative operations must be run directly on shards (and specific members in the shard) but the credentials for the shards are different or non-existant on the shards. It would be good if mongos provided a way to target individual members of the shards. |
| Comments |
| Comment by Andreas Nilsson [ 13/Mar/14 ] |
|
Well if this would be implemented it would resolve SERVER-12798 but it requires a substantial architecture change to our commands structure. Let's discuss this suggestion as part of SERVER-12798. |
| Comment by Scott Hernandez (Inactive) [ 06/Mar/14 ] |
|
This is a little more complicated since it might be that the client cannot access the shards (or some members) directly, but mongos can. |
| Comment by Andy Schwerin [ 06/Mar/14 ] |
|
This feature request describes another attempt to resolve SERVER-12798. |