First and foremost, security is our priority
Microsoft makes security a priority at every step, from code development to incident response. Azure code development adheres to Microsoft’s Security Development Lifecycle (SDL) - a software development process that helps developers build more secure software and address security compliance requirements while reducing development cost. Azure Security Center makes Azure the only public cloud platform to offer continuous security-health monitoring. Azure is ubiquitous, with a global footprint approaching nearly 40 geographical regions and continuously expanding. With its worldwide presence, one of the differentiated capabilities Azure offers is the ability to easily build, deploy, and manage globally distributed data-driven applications that are secure.
DocumentDB has a number of powerful security features built-in. To secure data stored in an Azure DocumentDB database account, DocumentDB provides support for a secret-based authorization model that utilizes a strong hash-based message authentication code (HMAC). In addition to the secret based authorization model, DocumentDB also supports policy driven IP-based access controls for inbound firewall support. This model is very similar to the firewall rules of a traditional database system and provides an additional level of security to the DocumentDB database account. With this model, you can now configure a DocumentDB database account to be accessible only from an approved set of machines and/or cloud services. Once this configuration is applied, all requests originating from machines outside this allowed list will be blocked by the server. Access to DocumentDB resources from these approved sets of machines and services still require the caller to present a valid authorization token. All communication inside the cluster in DocumentDB (e.g., replication traffic) is using SSL. All communication from Mongo (or any other clients) to DocumentDB service is always using SSL.To learn more about securing access to your data in DocumentDB, see Securing Access to DocumentDB Data.
The table below maps current DocumentDB features to the security checklist that MongoDB recommends.
Enable Access Control and Enforce Authentication
Enabled by default
Only discovery/authentication commands like IsMaster/GetLastError/WhatsMyUri are supported before authentication
Configure Role-Based Access Control
Each DatabaseAccount has its own key.
Support for ReadOnly keys to limit access.
No default user/account present.
We do not allow non-SSL communication – all communication to service is always over SSL.
DocumentDB requires TLS1.2 which is more secure than TLS1, SSL3
Encrypt and Protect Data
Encryption at rest
Limit Network Exposure
Audit System Activity
We audit all APIs and all system activities, and plan to expose it to customers using Portal shortly (today we already expose it to customers when they ask for it).
Run MongoDB with a Dedicated User
DocumentDB is a multi-tenant service so no account has direct access to the core operating system resources.
Run MongoDB with Secure Configuration Options
DocumentDB only support MongoDB wire protocol and does not enable HTTP/JSONP endpoints
The capabilities offered by DocumentDB span beyond that of traditional geographical disaster recovery (Geo-DR) offered by "single-site" databases. Single site databases offering Geo-DR capability are a strict subset of globally distributed databases. With DocumentDB's turnkey global distribution, developers do not have to build their own replication scaffolding by employing either the Lambda pattern (for example, AWS DynamoDB replication) over the database log or by doing "double writes" across multiple regions. We do not recommend these approaches since it is impossible to ensure correctness of such approaches and provide sound SLAs.
DocumentDB enables you to have policy-based geo-fencing capabilities. Geo-fencing is an important capability that ensures data governance and compliance restrictions and may prevent associating a specific region with your account. Examples of geo-fencing include (but are not restricted to), scoping global distribution to the regions within a sovereign cloud (for example, China and Germany), or within a government taxation boundary (for example, Australia). The policies are controlled using the metadata of your Azure subscription.
For failover, you can specify an exact sequence of regional failovers if there is a multi-regional outage and you can associate the priority to various regions associated with the database account. DocumentDB will ensure that the automatic failover sequence occurs in the priority order you specified.
We are also working on encryption-at-rest and in-motion. Customers will be able to encrypt data in DocumentDB to align with best practices for protecting confidentiality and data integrity. Stay tuned for that.
Second, you don’t have to rewrite your Apps
Moving to DocumentDB doesn’t require you to rewrite your apps or throw away your existing tools. DocumentDB supports protocol for MongoDB, which means DocumentDB databases can now be used as the data store for apps written for MongoDB. This also means that by using existing drivers for MongoDB databases, your applications written for MongoDB can now communicate with DocumentDB and use DocumentDB databases instead of MongoDB databases. In many cases, you can switch from using MongoDB to DocumentDB by simply changing a connection string. Using this functionality, you can easily build and run MongoDB database applications in the Azure cloud - leveraging DocumentDB's fully managed and scalable NoSQL databases, while continuing to use familiar skills and tools for MongoDB. Furthermore, we only support SSL for Mongo (not http) for the benefit of all users. Other benefits that you can get right away (that you can’t get anywhere else) include:
- No Server Management - DocumentDB is a fully managed service, which means you do not have to manage any infrastructure or Virtual Machines yourself. And DocumentDB is available in all Azure Regions, so your data will be available globally instantly.
- Limitless Scale - You can scale throughput and storage independently and elastically. You can add capacity to serve millions of requests per second with ease.
- Enterprise grade - DocumentDB supports multiple local replicas to deliver 99.99% availability and data protection in the face of both local and regional failures. You automatically get enterprise grade compliance certifications and security features.
- MongoDB Compatibility - DocumentDB protocol support for MongoDB is designed for compability with MongoDB. You can use your existing code, applications, drivers, and tools to work with DocumentDB.
Third, we do it with love…
Welcome to real planet-scale NoSQL revolution!
We’re thrilled you’re going to be helping us define our NoSQL product (which capabilities to add, which APIs to support, and how to integrate with other products and services) to make our service even better. DocumentDB powers the businesses of banking and capital markets, professional services and discrete manufacturers, startups and health solutions. It is used everywhere in the world, and we’re just getting started. We’ve created something that both customers and developers really love and something we are really proud of! The revolution that is leading thousands of developers to flock to Azure DocumentDB has just started, and it is driven by something much deeper than just our product features. Building a product that allows for significant improvements in how developers build modern applications requires a degree of thoughtfulness, craftsmanship and empathy towards developers and what they are going through. We understand that, because we ourselves are developers.
We want to enable developers to truly transform the world we are living in through the apps they are building, which is even more important than the individual features we are putting into DocumentDB. Developing applications is hard, developing distributed applications at planet scale that are fast, scalable, elastic, always available and yet simple - is even harder. Yet it is a fundamental pre-requisite in reaching people globally in our modern world. We spend limitless hours talking to customers every day and adapting DocumentDB to make the experience truly stellar and fluid. The agility, performance and cost-effectiveness of apps built on top of DocumentDB is not an accident. Even tiny details make big differences.
So what are the next steps you should take? Here are a few that come to mind:
- First, go to the Create a DocumentDB account with protocol support for MongoDB tutorial to create a DocumentDB account.
- Then, follow the Connect to a DocumentDB account with protocol support for MongoDB tutorial to learn how to get your account connection string information.
- Afterwards, take a look at the Use MongoChef with a DocumentDB account with protocol support for MongoDB tutorial to learn how to create a connection between your DocumentDB database and MongoDB app in MongoChef.
- When you feel inspired (and you will be!), explore DocumentDB with protocol support for MongoDB samples.