Cosmos DB SQL API custom role

John 111 Reputation points
2022-11-26T05:42:31.763+00:00

Hello,
I am trying to add a custom role readmetadata, but getting this error.
Any help would be appreciated.

264320-image.png

Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
9,526 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. TP 75,541 Reputation points
    2022-11-26T10:14:06.527+00:00

    Hi,

    Currently you cannot create Azure Cosmos DB custom role definitions via the portal. You could create them via PowerShell, for example: 

    $resourceGroupName = "MyCosmosDB-rg"  
$accountName = "mycosmosdbaccount"  
New-AzCosmosDBSqlRoleDefinition -AccountName $accountName `  
    -ResourceGroupName $resourceGroupName `  
    -Type CustomRole -RoleName CosmosReadMetadata `  
    -DataAction @( `  
        'Microsoft.DocumentDB/databaseAccounts/readMetadata') `  
    -AssignableScope "/"

    Please see this FAQ:

    https://learn.microsoft.com/en-us/azure/cosmos-db/how-to-setup-rbac#is-it-possible-to-manage-role-definitions-and-role-assignments-from-the-azure-portal

    Thanks.

    -TP

    0 comments