Azure Cosmos DB Credentials

Description

General

• Documentation: https://learn.microsoft.com/en-us/azure/cosmos-db/

• Summary: Azure Cosmos DB is a NoSQL database with SLA-backed speed and availability, automatic and instant scalability, and open-source APIs for MongoDB and Cassandra.

• IPs allowlist: See Secure access to data in Azure Cosmos DB.

• Scopes: This feature is not available.

Revoke the secret

There are two master keys: the primary key and the secondary key. It is possible to rotate one of the key by switching to the other, then regenerating the key to rotate. See Key rotation and regeneration.

Check for suspicious activity

The Azure Cosmos DB portal provides an activity log to monitor database activity.

Details for Azure cosmosdb assignment

• Family: Database

• Category: Data storage

• Company: Microsoft

• High recall: False

• Validity check available: True

• Analyzer available: False

• On-premise instances exist: False

• Only valid secrets raise an alert: False

• Minimum number of matches: 2

• Occurrences found for one million commits: 0.02

• Prefixed: False

• PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - documents\.azure\.com

Examples

- text: |
    settings = {
        'host': os.environ.get('ACCOUNT_HOST', 'https://4a0ff3f0-0ee0-4-231-b9ee.documents.azure.com:443/'),
        'master_key': os.environ.get('ACCOUNT_KEY', 'H0maE9FWji2oHBsj9tuj5FREJRQGXRTIAJ3fA3CS46IGK3UcjeKy1DCFHNDt4oj4nq4Bh8YYujpuAFDddR5atw=='),
        'database_id': os.environ.get('COSMOS_DATABASE', 'ToDoList'),
        'container_id': os.environ.get('COSMOS_CONTAINER', 'Items'),
    }
  host: https://4a0ff3f0-0ee0-4-231-b9ee.documents.azure.com:443
  apikey: H0maE9FWji2oHBsj9tuj5FREJRQGXRTIAJ3fA3CS46IGK3UcjeKy1DCFHNDt4oj4nq4Bh8YYujpuAFDddR5atw==