role based access control in azure using cosmosdb

Dinnemidi Ananda Kumar 60 Reputation points
2024-04-09T18:14:58.1733333+00:00

Hi i need to create role based access using json file of my company employees data which is stored as items in a container in azure cosmos db. All employees data stored in Json format. i am still confused how achieve this in azure. i am creating this for my enterprisegpt chatbot application where i have generic data that is stored in storage account i am able to get insights of this data but to achieve this RBAC what are the steps i should follow to fix this for my chatbot app.

Employee or Member should only be able to view their personal data.

Assistant managers should be able to access their own data and the data of employees reporting to them.

Managers should have access to their data, data of assistant managers reporting to them, and the data of employees under those assistant managers.

CTO & CEO should have access over all the employees in the company.

Azure Cosmos DB
Azure Cosmos DB
An Azure NoSQL database service for app development.
1,630 questions
Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
806 questions
0 comments No comments
{count} votes

Accepted answer
  1. Azar 22,860 Reputation points MVP
    2024-04-09T19:23:14.8033333+00:00

    Hi there Dinnemidi Ananda Kumar

    that's a good question and thanks for using QandA platform

    To start, make sure your JSON data in Cosmos DB includes role information and reporting structures.

    Now, Azure RBAC comes into play. It's imp for managing access to Azure services, including Cosmos DB. Set up roles and permissions here according to your organizational structure.

    Next, implement custom access control logic within your application. For Employees, they should only view their own data. Assistant Managers should access their data and data of those they manage. Managers should have access to their own data, plus data of their direct reports and their reports' subordinates. As for CTO and CEO, they get access to everything.

    let me drop you the needed documentation links below and go through them for more info

    https://learn.microsoft.com/en-us/azure/cosmos-db/how-to-setup-rbac?source=recommendations

    https://learn.microsoft.com/en-us/azure/cosmos-db/role-based-access-control

    If this helps kindly accept the answer thanks much.

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.