From the course: Microsoft Azure Cosmos DB Developer Specialty (DP-420) Cert Prep: 5 Maintain an Azure Cosmos DB Solution by Microsoft Press

Unlock this course with a free trial

Join today to access over 23,200 courses taught by industry experts.

Manage control plane access to Azure Cosmos DB by using Azure role-based access control (RBAC)

Manage control plane access to Azure Cosmos DB by using Azure role-based access control (RBAC) - Azure Tutorial

From the course: Microsoft Azure Cosmos DB Developer Specialty (DP-420) Cert Prep: 5 Maintain an Azure Cosmos DB Solution by Microsoft Press

Start my 1-month free trial Buy for my team

Manage control plane access to Azure Cosmos DB by using Azure role-based access control (RBAC)

- [Instructor] So this is understanding, first of all, the separation between management plane and data plane. Management plane is where you're giving permissions to the account itself. As you can see, we have some built-in Azure AD roles that govern backup. And what I like even more is that notice that they're separated into backup and restore. So you can give a user the ability to configure backup for Cosmos DB but not give them the ability to restore and vice versa. You can give people the ability to read Cosmos DB metadata, not data in the databases and containers, but on the account level, but they would have no access to the data, as I said. Same with operator. Operator can do provisioning but can't work and see the data itself. So the idea here is that you can either use these built-in roles singly or in combination to grant permissions to other users using Azure AD authentication, or you can use just the…

Contents