How to set up Privileged Identity Management for Cosmos DB Built-in Data Reader Role
Question
I want to set up Privileged Identity Management for the Cosmos DB Built-in Data Reader Role. But this Cosmos DB Built-in Data Reader Role is not present in the role assignment.
I am able to assign this role to users/groups using a PowerShell script. But this role is not visible in IAM of the Cosmos DB resource.
Answer 1
Score: 1
Cosmos DB uses models similar to Azure RBAC, but it is not Azure RBAC: https://learn.microsoft.com/en-us/azure/cosmos-db/how-to-setup-rbac#concepts.
> The Azure Cosmos DB data plane RBAC is built on concepts that are commonly found in other RBAC systems like Azure RBAC
So the concepts are the same, but those role definitions and assignments are not visible to Azure RBAC.
And so they won't be visible in PIM either until they add Cosmos DB RBAC support :\
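Because these assignments show up in neither IAM nor PIM, access reviews have to query the Cosmos DB account directly. The script below is an added example, not part of the original question or answer: it lists the account's data-plane role assignments next to its Azure RBAC assignments so the two stores can be compared. It assumes the Az.Accounts, Az.Resources and Az.CosmosDB modules and a prior `Connect-AzAccount`; the resource group and account names are placeholders.

```powershell
# Added example. Placeholders below must be replaced with your own values.
$ResourceGroupName = '<resource-group>'
$AccountName       = '<cosmos-account>'

# Data-plane role definitions are stored on the Cosmos DB account, not in Azure RBAC.
# Index them by their fully qualified Id so assignments can be resolved to a role name.
$definitions = @{}
Get-AzCosmosDBSqlRoleDefinition -ResourceGroupName $ResourceGroupName -AccountName $AccountName |
    ForEach-Object { $definitions[$_.Id] = $_ }

# Data-plane role assignments (the ones that do not appear in IAM or PIM).
$dataPlane = Get-AzCosmosDBSqlRoleAssignment -ResourceGroupName $ResourceGroupName -AccountName $AccountName |
    ForEach-Object {
        $def = $definitions[$_.RoleDefinitionId]
        [pscustomobject]@{
            Source           = 'Cosmos DB data plane'
            PrincipalId      = $_.PrincipalId
            RoleName         = if ($def) { $def.RoleName } else { '(unresolved)' }
            RoleDefinitionId = $_.RoleDefinitionId
            Scope            = $_.Scope
        }
    }

# Azure RBAC assignments that apply to the same account (what IAM shows),
# including assignments inherited from parent scopes.
$account   = Get-AzCosmosDBAccount -ResourceGroupName $ResourceGroupName -Name $AccountName
$azureRbac = Get-AzRoleAssignment -Scope $account.Id |
    ForEach-Object {
        [pscustomobject]@{
            Source           = 'Azure RBAC'
            PrincipalId      = $_.ObjectId
            RoleName         = $_.RoleDefinitionName
            RoleDefinitionId = $_.RoleDefinitionId
            Scope            = $_.Scope
        }
    }

# One combined view for review: who holds which role, and in which system.
@($dataPlane) + @($azureRbac) |
    Sort-Object Source, RoleName, PrincipalId |
    Format-Table Source, RoleName, PrincipalId, Scope -AutoSize
```

Principals that appear only under `Cosmos DB data plane` hold standing data access that a PIM or IAM review will not surface.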