How to connect to cosmos DB using sql rest apis via rbac assigned role. what are the steps. i need to connect from IBM IIB layer

Amit Kumar 61 Reputation points
2022-08-29T07:06:07.107+00:00

I have been given contributor role for cosmos db, eaelier i was connecting via Keys. now need to switch to rbac. i need to call the cosmos rest apis for doing data changes via rbac, what are the steps to do it?
Do i need to generate a AAD token? what detail si need from Azure side in my IIB application. Application itself is deployed in Azure.

Azure Cosmos DB
Azure Cosmos DB
An Azure NoSQL database service for app development.
1,433 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,311 questions
0 comments No comments
{count} votes

Accepted answer
  1. Vidya Narasimhan 2,201 Reputation points Microsoft Employee
    2022-08-29T17:09:24.82+00:00

    Hi @Amit Kumar
    If the IIB application is deployed on Azure VM, you can use managed identity to access the Cosmos DB using RBAC. This links details the RBAC roles for Cosmos DB that you can assign to managed identity https://learn.microsoft.com/en-us/azure/cosmos-db/how-to-setup-rbac

    Below link provides sample code on how to get a managed identity credential in different languages and initialise a cosmos client.
    https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-vm-managed-identities-cosmos?tabs=azure-portal#access-data

    You can also use key based authentication but Azure AD auth with service principal/managed identity is recommended.


0 additional answers

Sort by: Most helpful