November 19th, 2024

New RBAC Features for vCore-based Azure Cosmos DB for MongoDB

Sajeetharan Sinnathurai
Principal Program Manager

We’re excited to announce a major security enhancement for the vCore-based Azure Cosmos DB for MongoDB: Role-Based Access Control (RBAC) Integration for Secondary Users with Read/Read Write Privileges. Now available in public preview, this feature enables organizations to control data access with greater precision while preserving the flexibility and high performance that Azure Cosmos DB delivers.

 What’s New?

With this release, administrators using vCore-based Azure Cosmos DB for MongoDB can assign specific access roles to secondary users, granting them the required Read or Read Write privileges to access clusters. This capability enables organizations to enforce precise access restrictions, keeping sensitive data secure. Key highlights of this new RBAC feature include: 

  • Granular Access Control: Assign Read or Read Write roles to secondary users, giving them access solely to the data they need, and no more. This fine-tuned control reduces the risk of data exposure and strengthens the overall security of your data environment. 
  • Enhanced Security: Protect primary data integrity by restricting modifications to trusted users only, minimizing the chance of unauthorized or accidental changes by secondary users. 
  • Seamless Integration: Easily incorporate RBAC into your existing vCore-based Cosmos DB for MongoDB setup with minimal configuration, making it simple to enhance security without operational disruptions. 
  • Scalability: As your organization scales, manage access consistently across multiple databases and clusters, maintaining a robust security model that grows alongside your data needs. 


 Why This Matters 

Data access control has become a critical element of modern data governance. By offering role-based access for secondary users, this feature enables organizations to strike a balance between data security and accessibility, allowing relevant stakeholders to retrieve critical information without compromising sensitive assets. 

Here are some key scenarios where this new feature can make a significant impact: 

  • Development and Testing: Control access in a development environment, allowing developers to read or modify data as needed without affecting production environments. 
  • Data Analysis and Insights: Grant data analysts access to read-only data views to generate insights, while safeguarding data integrity. 
  • Regulated Industries: Industries like finance, healthcare, and government can benefit from granular access control, complying with regulatory mandates while enabling efficient data operations. 

 Getting Started 

Here is an example of how to create a Read Only role using the Mongo shell:

Image shell user
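
As an added example (not the command from the original post), the sketch below builds a `createUser` command for a read-only secondary user and audits a user list for accounts that hold more than their intended Read or Read Write access. It assumes MongoDB's built-in `readAnyDatabase` and `readWriteAnyDatabase` role names apply to the preview; the user names, the `policy` map and the sample documents are constructed.

```javascript
// Added example, not from the original post. Assumed role names: MongoDB's
// built-in readAnyDatabase / readWriteAnyDatabase. All sample data is constructed.
const READ_ROLES = new Set(["readAnyDatabase"]);
const WRITE_ROLES = new Set(["readWriteAnyDatabase"]);

// Command document for a secondary user limited to reads.
// In mongosh: db.runCommand(readOnlyUserCommand("analyst1", passwordPrompt()))
function readOnlyUserCommand(user, pwd) {
  if (!user || !pwd) throw new Error("user and pwd are required");
  return { createUser: user, pwd, roles: [{ role: "readAnyDatabase", db: "admin" }] };
}

// Classify one user document by the strongest role it holds.
function accessLevel(userDoc) {
  const names = (userDoc.roles || []).map((r) => r.role);
  if (names.some((n) => WRITE_ROLES.has(n))) return "readWrite";
  if (names.length > 0 && names.every((n) => READ_ROLES.has(n))) return "read";
  return "other"; // no roles or an unrecognised role: review manually
}

// Return the users whose actual access differs from the expected policy.
function auditUsers(users, expected) {
  return users
    .map((u) => ({ user: u.user, actual: accessLevel(u), expected: expected[u.user] || "none" }))
    .filter((r) => r.actual !== r.expected);
}

// Constructed sample in the shape of db.runCommand({ usersInfo: 1 }).users
const sampleUsers = [
  { user: "analyst1", roles: [{ role: "readAnyDatabase", db: "admin" }] },
  { user: "etl_job", roles: [{ role: "readWriteAnyDatabase", db: "admin" }] },
  { user: "intern", roles: [{ role: "readWriteAnyDatabase", db: "admin" }] },
];
// Constructed policy: the access each secondary user is supposed to have.
const policy = { analyst1: "read", etl_job: "readWrite", intern: "read" };

// Only "intern" is reported: it holds write access but is expected to be read-only.
console.log(auditUsers(sampleUsers, policy));
```

Confirm the role names the preview accepts in the linked documentation before running the command against a cluster.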

 If you’re excited about what this feature can do for you, try it out today! Check out the documentation to get started.

