Guardrails is now 50% faster through smarter control evaluation →
Mods
Azure

Control: Azure > Cosmos DB > Database Account > Key Based Metadata Write Access

Define the Key Based Metadata Write Access settings required for Azure > Cosmos DB > Database Account.

This control checks whether key-based metadata write access is enabled or disabled for Azure Cosmos DB Database Accounts. If the setting does not match the policy requirements, the control will go to an alarm state. If the policy is set to "Enforce: Disabled" or "Enforce: Enabled", the control will attempt to configure the key-based metadata write access setting accordingly.

Resource Types

This control targets the following resource types:

Policies

The following policies can be used to configure this control:

Permissions

Cloud permissions used by this control and its actions:

  • microsoft.documentdb/databaseaccounts/write

Category

In Your Workspace

Developers