How can we improve Azure Cosmos DB?

Add Support for Service Tags to Azure Cosmos DB Firewalls

At the moment CosmosDB firewall rules are restricted to IP addresses or ranges. 0.0.0.0 is too permissive and permits access from other Azure users Subscriptions. It would be beneficial if it were possible to use Service tags in security rule definition to reduce the complexity of the Cosmodb firewall configuration in the manner available to Virtual Networks, Firewall or NSGs.

for example

AzureCloud
AzureCloud.EastUS

It is impractical to download the list of Microsoft Azure Datacenter IPs to check and update firewall rules.

6 votes
Vote
Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)
You have left! (?) (thinking…)
Michael Spinks shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

0 comments

Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)
Submitting...

Feedback and Knowledge Base