This tool will export Amazon DocumentDB or MongoDB users and custom roles to files, which then can be used to create them in another cluster. Note: Passwords are not exported.
- Python 3.7+
- PyMongo
python3 docdbExportUsers.py --users-file <users-file> --roles-file <roles-file> --uri <docdb-uri>
python3 docdbExportUsers.py --users-file mydocdb-users.js --roles-file mydocdb-roles.js --uri "mongodb://user:password@mydocdb.cluster-cdtjj00yfi95.eu-west-2.docdb.amazonaws.com:27017/?tls=true&tlsCAFile=rds-combined-ca-bundle.pem&replicaSet=rs0&retryWrites=false"
Run the custom roles .js script:
mongo --ssl --host mydocdb.cluster-cdtjj00yfi95.eu-west-2.docdb.amazonaws.com:27017 --sslCAFile rds-combined-ca-bundle.pem --username <user> --password <password> mydocdb-roles.js
Edit the users .js script and update passwords for each user. Run the users .js script:
mongo --ssl --host mydocdb.cluster-cdtjj00yfi95.eu-west-2.docdb.amazonaws.com:27017 --sslCAFile rds-combined-ca-bundle.pem --username <user> --password <password> mydocdb-users.js
This tool is licensed under the Apache 2.0 License.