Note that this post was co-authored by Arvind Rao, Cloud Solution Architect, Microsoft and Sneha Gunda, Content Developer, Microsoft.
Many customers are using Azure Cosmos DB all around the world. This article lists the actions a partner can perform in different areas of Azure Cosmos DB such as security, performance management, and more.
Security
Data security is a shared responsibility between the customer, and the database provider. Depending on the database provider, the amount of responsibility a customer carries can vary. If the customer chooses a PaaS cloud database provider such as Azure Cosmos DB, the workload to manage security reduces considerably. However there are some areas where the partner can add value by implementing security best practices offered by Azure Cosmos DB to help customer prevent, detect, and respond to database breaches.
Role of a partner
- The partner has an opportunity to play database administrator (DBAs) role and help manage databases, collections, users, and permissions.
- The partner can facilitate primary key rotation process to keep the connection to Azure Cosmos DB accounts secure.
- The partner can create/manage user resources and permissions of the databases by using the master key for the account.
- The partner can help configure and troubleshoot the IP access control policy.
- The partner can help review the diagnostic logs to find any security issues.
Monitoring
Monitoring is the next focused area after customer start using one or more Azure Cosmos DB databases. Azure Cosmos DB provides full suite of metrics to monitor throughput, storage, availability, latency, and consistency of the databases.
Role of a partner
- The partner can help monitor health of a database by using performance metrics.
- The partner can help setup appropriate alerts to report health anomalies.
- The partner can help configure diagnostic logging.
- The partner can help review the logs for security anomalies.
- The partner can help review the indexes and queries to provide appropriate changes.
Performance management
Performance Management focuses on managing required throughput and storage distribution across partitions, customizing index policies of a collection, query analysis and client metric analysis, and more.
Role of a partner
- The partner can help improve the performance of a database by researching the throttling issues and applying the right fix like re-partitioning or adjusting the index policies.
- The partner can help debugging slow client response or long running queries with the help of metrics and diagnostic logging information.
- The partner can help review the consistency model and suggest appropriate consistency level for the server side to get more throughput.
- The partner can help review TTL configuration and suggest appropriate configuration to choose a right size for the container.
- The partner can help analyze the local demand to expand the databases to other regions to provide low latency reads.
- The partner can provide guidance on the real-time integration or notification for any changes to Azure Cosmos DB.
Back up, restore, and business continuity
Azure Cosmos DB provides automatic online backup and supports explicit as well as policy driven failovers that allow customer to control the end-to-end system behavior in the event of failures.
Role of a partner
- Azure Cosmos DB takes snapshots of your data for every four hours at the partition level. At any given time, only the last two snapshots are retained. The partner can help maintain additional backup snapshots if needed.
- The partner can help restore a database from an online backup.
- The partner can help address data corruption issues.
- The partner can help by configuring automatic failovers.
- The partner can perform manual failovers if needed.