Enhance your Azure Cosmos DB security by disabling local authentication with primary/secondary keys and enforcing Azure AD identity access for enhanced control and protection.
Table of Contents
Question
You have an Azure Cosmos DB account named account1.
You have several apps that connect to account1 by using the account’s secondary key.
You then configure the apps to authenticate by using service principals.
You need to ensure that account1 will only allow apps to connect by using an Azure AD identity.
Which account property should you modify?
A. disableKeyBasedMetadataWriteAccess
B. disableLocalAuth
C. userAssignedIdentities
D. allowedOrigins
Answer
B. disableLocalAuth
Explanation
Setting disableLocalAuth to true in your Azure Cosmos DB account will prevent clients from using the primary or secondary keys for authentication, forcing them to use Azure AD identities exclusively.
Designing and Implementing Cloud-Native Applications Using Microsoft Azure Cosmos DB DP-420 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Designing and Implementing Cloud-Native Applications Using Microsoft Azure Cosmos DB DP-420 exam and earn Designing and Implementing Cloud-Native Applications Using Microsoft Azure Cosmos DB DP-420 certification.