Documentation

No results
    gitHub

    Table of contents

    Azure instance

    To access a Cosmos DB instance, you should obtain the proper credentials from your administrator.  At a minimum, you'll need to know the URI and Access Key.  

     

    When performing reverse-engineering of Cosmos DB, most of the information can be retrieved through the Data Plane account key.  If provided additional Control Plane parameters, Hackolade is able to also retrieve additional metadata, such as: tags, location and region replication, automatic failover, virtual network filter and rules, and IP-range filter. 

     

    Data plane

    Give a meaningful name to the connection to identify it for later, and provide proper connection string parameters:

    Cosmos DB connection settings dialog

     

     

    Go to the Azure portal to retrieve your URL, port number, and Primary Key.  In the Azure portal, navigate to your Azure Cosmos DB account, and click on Keys.   Copy the URI from the portal and paste it into <Address> (without the port number), then enter the port number into <Port>, and finally copy the PRIMARY or SECONDARY key, either Read-Write or Read-Only, and paste it into <Account Key>.

     

    Azure Portal - DocDB connection

     

     

    Control Plane

    The REST API connection must be enabled and all the proper parameters provided if you wish for Hackolade to retrieve additional Azure metadata such as: tags, location and region replication, automatic failover, virtual network filter and rules, and IP-range filter. 

     

    CosmosDB Data Plane dialog

     

     

    First, you must provide the Resource Group Name and Subscription ID of Cosmos DB instance, as found in the Overview screen of the Cosmos DB instance. More information here.

    CosmosDB - Azure instance overview screen

     

    Next, the Hackolade application must be registered so Azure accepts the REST API calls, as per these instructions.  The Application (client) ID and the Directory (tenant) ID are retrieved are retrieved from the App registration Overview screen:

    CosmosDB - Azure App registration overview

     

    Note: it is critical to assign the proper role to the application just registered.  This is done following the steps outlined here

    CosmosDB - Azure IAM role assignment

     

    Finally, the Application secret is obtained from the Certificates & secrets screen of the App registration: 

    CosmosDB - Azure App registration secrets scr

     

    If you don't know how to generate some of the above values, you may want to consult this document.

     

    On this page