Role-based access control (RBAC) is available for Azure CosmosDB. By using RBAC, you can manage who has access to CosmosDB resources. You need to have a profile in Azure Active Directory to assign RBAC roles to users, groups or other targets. There are 4 built-in roles you can use. Microsoft announced the CosmosDB Operator role recently.
- DocumentDB Accounts Contributor
- Read roles and role assignments
- Create and manage CosmosDB accounts.
- Create and manage alert rules.
- Create and manage resource group deployments.
- Create and manage support tickets
- CosmosDB Account Reader
- Read any collections
- Read the database account read-only keys
- Read metrics and metric definitions
- Create and manage support tickets
- Cosmos Backup Operator
- Submit a request to configure backup
- Submit a restore request
- Cosmos DB Operator
- Create and manage Insight alert rules
- Read roles and role assignments
- Create and manage resource group deployments
- Create and manage support tickets
Identity and Access Management (IAM)
To configure role-based access control, you need to use the Identity and Access Management pane in Azure Portal. You can find a link under your CosmosDB Account.
Custom Roles
No comments:
Post a Comment