AzPolicyAdvertizer

last sync: 2025-Apr-30 18:25:25 UTC
this is the development/test site - data is not accurate. Go to prod

Configure Cosmos DB database accounts to disable local authentication

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure Cosmos DB database accounts to disable local authentication
Id dc2d41d1-4ab1-4666-a3e1-3d51c43e0049
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Cosmos DB
Microsoft Learn
Description Disable local authentication methods so that your Cosmos DB database accounts exclusively require Azure Active Directory identities for authentication. Learn more at: https://docs.microsoft.com/azure/cosmos-db/how-to-setup-rbac#disable-local-auth.
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '1.*.*'
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
Modify
Allowed
Modify, Disabled
RBAC role(s)
Role Name Role Id
DocumentDB Account Contributor 5bd9cd88-fe45-4216-938b-f97437e15450
Rule aliases IF (2)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.DocumentDB/databaseAccounts/capabilities[*].name Microsoft.DocumentDB databaseAccounts properties.capabilities[*].name True False
Microsoft.DocumentDB/databaseAccounts/disableLocalAuth Microsoft.DocumentDB databaseAccounts properties.disableLocalAuth True True
THEN-Operations (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.DocumentDB/databaseAccounts/disableLocalAuth Microsoft.DocumentDB databaseAccounts properties.disableLocalAuth True True
Rule resource types IF (1)
Compliance Not a Compliance control
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
[Preview]: Control the use of CosmosDB in a Virtual Enclave 6bd484ca-ae8d-46cf-9b33-e1feef84bfba VirtualEnclaves Preview BuiltIn true
Enforce recommended guardrails for Cosmos DB Enforce-Guardrails-CosmosDb Cosmos DB GA ALZ
History
Date/Time (UTC ymd) (i) Change type Change detail
2023-05-26 17:43:09 change Minor (1.0.0 > 1.1.0)
2021-07-07 15:26:31 add dc2d41d1-4ab1-4666-a3e1-3d51c43e0049
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC