Role-based access control (RBAC) with Azure Active Directory (AAD) on Azure Cosmos DB in public preview
发布日期：三月 02, 2021
The RBAC with Azure Cosmos DB is a new data plane authorization system that exposes a fine-grained permission model and leverages AAD for authentication. When using RBAC with the Azure Cosmos DB SQL API, you can assemble allowed actions into role definitions and assign these roles to AAD identities. This is the ideal access control method when different data access permissions must be strictly enforced across users or applications. Enhanced auditability is also included as the identity used to issue a data operation gets tracked together with the operation in diagnostic logs.