Share via

Can we allow people to access only part of collections of a Cosmos DB?

Zhuoling Li 1 Reputation point Microsoft Employee
2021-10-11T08:51:16.313+00:00

There is a Cosmos DB having multiple collections where we only care about some of them. Due to security concern, we only require a limited access to this Cosmos DB on collection level.

For example, the Cosmos DB has collection A, B and C but we only want to access A. Can we be allowed to access A while we are forbidden to access B and C? And how?

Azure Cosmos DB
Azure Cosmos DB
An Azure NoSQL database service for app development.
1,906 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Oury Ba-MSFT 20,926 Reputation points Microsoft Employee Moderator
    2021-10-12T20:04:30.157+00:00

    Hi @Zhuoling Li Thank you for posting your question on Microsoft Q&A.
    You can use cosmos DB resource tokens to restrict users access to Azure Cosmos DB resources.
    Resource tokens are used for this purpose. User just need to create a permission to access just the container A, that should automatically forbid access to the other two containers.
    There is an example in the following documentation. This section specifically shows how to create permission to access a specific container. For the specific container user can either grant full access or read only access. : Learn how to secure access to data in Azure Cosmos DB | Microsoft Learn

    Hope that helps

    Regards,
    Oury

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.