Home > Software engineering >  Using Managed Identity with Cosmos Db Table Api
Using Managed Identity with Cosmos Db Table Api

Time:11-19

I am trying to connect to cosmos db table api using Managed Identity. According to the documentation enter image description here

No

CodePudding user response:

I would do the following:

  1. Ensure you're on the latest version of the Microsoft.Azure.Cosmos package
  2. Ensure that you're using Azure.Identity (MSAL) as opposed to Microsoft.Azure.Services.AppAuthentication (ADAL, which is deprecated)
  3. Ensure that you've enabled managed identity for your app
  4. Ensure that you've created a role assignment for that managed identity's object/application ID in your Cosmos database (either read only or read/write)
  5. Get a CosmosClient with something similar to var cosmosClient = new CosmosClient('yourCosmosClientDBUrl', new DefaultAzureCredential());

DefaultAzureCredential is the Azure.Identity way of getting your access token to a service - it tries to look for authentication info in the following order:

  1. Environment variables
  2. Managed identity injected into the environment
  3. Shared token cache credential
  4. Visual Studio credential
  5. Visual Studio Code credential
  6. AZ CLI credential
  7. Powershell Az credential
  8. Interactive credential (popup browser window)
  • Related