403 Forbidden using mongorestore for Cosmos DB - mongodb

I am trying to restore a dumped DB on Cosmos using mongorestore command but unfortunately it is throwing an error as follows:
error running create command: (Unauthorized) Error=13, Details='Response status code does not indicate success: Forbidden (403); Substatus: 0; ActivityId: 421d33eb-dea0-4372-92b0-ece63fd2b357; Reason: ("Operation 'POST' on resource 'dbs' is not allowed through Azure Cosmos DB endpoint. Please switch on such operations for your account, or perform this operation through Azure Resource Manager, Azure Portal, Azure CLI or Azure Powershell"
ActivityId: 421d33eb-dea0-4372-92b0-ece63fd2b357, Microsoft.Azure.Documents.Common/2.11.0, Please see CosmosDiagnostics, Windows/10.0.14393 cosmos-netstandard-sdk/3.3.2);
2020-08-25T20:47:42.088+0530 0 document(s) restored successfully. 0 document(s) failed to restore.
I am following this link provided by Microsoft to migrate data: https://azure.microsoft.com/en-in/resources/videos/using-mongodb-tools-with-azure-cosmos-db/
The command used for restoring the DB is as follows:
mongorestore --host HOSTNAME:PORT -u USERNAME -p PASSWORD --db DBNAME DUMPED_DB_DIRECTORY_PATH --ssl --sslAllowInvalidCertificates
Which account it is referring to enable the operation and How do I enable the operation on my account as highlighted by the logs ? Is there any equivalent of mongorestore in Azure CLI or Portal ?
I tried restoring a single collection also but the same error came up. I was successfully able to dump the data from my another Cosmos DB instance.

It was a problem from the Azure policy side. The Azure policy respective to the Cosmos DB which prevents key based metadata write access was enabled hence, not able to do any changes in the DB. The organisation put that policy in place, now it is resolved after disabling the policy.

Related

DMS Migration MongoDB source and RDS Postgres as destination

I want to start existing and ongoing replication from source MongoDB to destination RDS Postgres.
All the security network is done and successful.
RDS VPC and DMS VPC are connected using VPC peering, target endpoint test connection status is successful
DMS VPC IP is whitelisted in another AWS account MongoDB server, source endpoint test connection status is successful
In the Endpoint schemas section both database schemas are visible.
Created a DMS migration task to start the migration of one document of MongoDB to Postgres Database.
Premigration assessments were successful.
Empty scheme with the MongoDB schema name got created in PostgresDB.
The table awsdms_apply_execution is also empty in Postgres DB.
But the task shows running with error and error, and cloud watch logs also show no error.

cannot connect to mongo cluster - user is not allowed to do action [getLog] on [admin.]

I have created a user and added my IP to whitelist.
when trying to connect to a cluster through mongo shell, i am required to enter the following line: mongo "mongodb+srv://cluster0.****.mongodb.net/" --username --password
I have filled in credentials for username and password and replaced dbname with my database name(tried using non-existing one as well in case that was the problem). it connects to the shell, but then crashes with the following error:
Error while trying to show server startup warnings: user is not allowed to do action [getLog] on [admin.]
MongoDB Enterprise atlas-7cwf8s-shard-0:PRIMARY>
tried googling and youtubing the issue, but cannot find the match on how to fix it.
Many thanks
That message says that the shell is unable to show you server startup warnings. It's expected in Atlas environment.
Supposing that's your own cluster, then:
Check the user in Atlas > Database Access
Check the MongoDB Roles header in the table.
If it's not atlas Admin, you can't issue this command:
db.adminCommand({getLog:"startupWarnings"})
Or any admin command, which is issued or tested automatically in the connection, hence the error.
Edit MongoDB Roles to the highest privileges (atlas Admin)
But you can still work anyways.
If you're accessing someone else's cluster, then there isn't much to do.

Authorization error while running db.command("usersInfo") in a mongodb atlas instance

getting "pymongo.errors.OperationFailure: not authorized on admin to execute command" on Atlas mongo db instance.
And while I run the same command on a local mongo DB instance, I don't get the error.
db.command("usersInfo")
This is expected in Atlas shared tier (M0/M2/M5). See:
Unsupported Commands in M0/M2/M5 Clusters
Unsupported Commands in M10+ Clusters
Regarding usersInfo:
This command can only be called with arguments:
{user: <MYUSER>, db: 'admin'}
Local MongoDB instances wouldn't have this restriction because it's entirely your responsibility to secure the deployment, and thus not subject to strict secure default settings like Atlas.

Migrate mongodb to Google Cloud Compute Cluster

I have a mongodb in a replica set running with a cloud provider called compose.io.
I just created a new Google cloud compute mongodb cluster using these instructions
I want to copy all the data in my compose database to the compute instance.
One path I have been following has led me to get a file system backup of the running database and store it locally. I have opened that database locally and executed mongodump (I didn't seem to have permission to do that against the remote database) so I have the output of mongodump and a file system copy of the database stored on my machine.
I have no idea how to get any of this in to the compute cluster I created. I don't seem to be able to run mongorestore although figuring that out is still my main path at the moment. I am getting authentication errors which may be my not getting the command right or a database configuration issue. I am not sure yet.
I tried mongorestore from my local machine to the machine holding the primary database in the replica set.
Edit:
The last thing I tried was copy scp the mongodump output on to that machine and run mongorestore there.
I got this error:
2015-01-28T23:35:40.303+0000 Creating index: { key: { _id: 1 }, ns: "admin.system.users", name: "_id_" }
Error creating index admin.system.users: 13 err: "not authorized to create index on admin.system.users"
Aborted
Now I don't seem to be able to run any commands in mongo that require any kind of privileges, such as list database. Tried passing credentials for users that existed in the original database but that is not working so far.
Here is one possible fix.
Turn off auth in mongod.conf:
# mongod.conf
#auth=false
noauth=true
Run the mongorestore, then restart mongod with auth enabled.

connecting to remote mongo db server and running clone

I am migrating from server OLD at the old hosting company to server NEW at the new hosting company.
I want to run the clone command so I clone the mongoDB from OLD to NEW.
For OLD:
The public ip address is: 44.55.66.77.
The machine login user name is: admin, and the password is password
What is the right way to do this?
So far I can't even log into the server OLD
So far I have tried the following command prompts on NEW:
mongo -u admin -p password 44.55.66.77
mongo remote-ip:44.55.77.66 -u admin -p password
That don't work
I also tried this from mongo shell:
db.CopyDatabase('OldDb', 'NewDb', '44.55.66.77', 'admin', 'password')
and I get: the "could not connect to server" error message
Aside from firewall considerations in order to copy data between MongoDB servers, db.copyDatabase() (aka the copydb command) has a number of important usage caveats including:
copydb does not produce point-in-time snapshots of the source database; writing data to the source or destination database during the copy process will result in divergent data sets
copydb does not lock the destination server during its operation, so the copy will occasionally yield to allow other operations to complete.
There is also a known issue that copydb may not work with the role-based privileges in MongoDB 2.4 if you have authentication enabled (see SERVER-8213, which was recently fixed in the 2.5.x development releases).
A much better approach to migrating your data would be to restore from a normal backup using mongodump/mongorestore or file system snapshots. The Backup & Recovery section of the MongoDB manual has tutorials covering procedures for different deployment types.