Minimus updates the image's MongoDB package regularly to incorporate the latest official security releases and validates versions against supported vendor baselines. View the Minimus new version SLA for further information.

Authorization is explicitly enabled in the image configuration.

Localhost authorization bypass is explicitly disabled by default (setParameter.enableLocalhostAuthBypass: false).

Minimus verified the configuration to ensure the mongod/mongos process owner is a dedicated non-root, non-privileged account.

This image uses a NIST CMVP certified FIPS 140-3 cryptographic provider. The Minimus implementation is functionally equivalent to the MongoDB CIS Benchmark recommendation. See the FIPS tab for further information.

Configured to disable quiet logging (systemLog.quiet: false).

Configured to append new entries to the end of log files as required (systemLog.logAppend: true).

This image is configured to use a non-default port (net.port is not configured to 27017).

The default configuration is set to disable server-side JS features with security.javascriptEnabled: false.