Hi All,
We are using Terraform to deploy Cosmos DB accounts. We have been advised to move to a configuration where all interactions with Cosmos happen via RBAC , i.e. no Account Keys.
Microsoft’s documentation on this subject can be found here.
Terraform’s documentation on Cosmos db can be found here
I am trying to determine which specific attribute in Terraform would allow us to achieve our RBAC objective. I wasn’t very clear from the documentation.
Upon reading further, it appears that the Terraform setting local_authentication_disabled might be the one which matches disableLocalAuth setting in Azure ARM template.
It would be very helpful if somebody from Terraform can attest whether setting the parameter local_authentication_disabled would cause the existing database to be torn down and freshly re-created with this setting.
I am optimistic that it shouldn’t. However, with Analytical Store, we saw this behaviour of tearing down.