In light of the Chaos DB vulnerability that affects Cosmos DB on Microsoft Azure platform, Microsoft has suggested that we should re-generate the primary keys of the Cosmos DB. We can re-generate the Cosmos DB primary keys from Azure Power Shell or the Azure CLI (command line interface). Below, we look at both ways to re-generate the primary keys on the Azure platform for Cosmos DB.
How to re-generate primary key of Cosmos DB using Azure Power shell?
To generate primary key of a Cosmos DB on Microsoft Azure platform, please follow the instructions below:
Login to the Azure PowerShell and write the following commands:
$resourceGroupName = "myResourceGroup" # Resource Group must already exist
$accountName = "mycosmosaccount" # Must be all lower case
$keyKind = "primary" # Other key kinds: secondary, primaryReadOnly, secondaryReadOnly
New-AzCosmosDBAccountKey `
-ResourceGroupName $resourceGroupName `
-Name $accountName `
-KeyKind $keyKindYou define variables for the resource group and account name. Specify the type of key, which in this case is primary. And then issue the New-AzCosmoc DBAccountKey command to run the re-generation process of the Azure Cosmos DB primary key.
For a ready reference, check out this link on Microsoft website –https://docs.microsoft.com/en-us/azure/cosmos-db/sql/manage-with-powershell
How to re-generate primary key of Cosmos DB using Azure CLI?
To re-generate the Cosmos DB primary key on Microsoft Azure, using the Azure Command line interface, please follow the command below:
az cosmosdb regenerate-key --key-kind primary --name MyCosmosDBDatabaseAccount --resource-group MyResourceGroupYou will need to provide:
- Key-kind – primary
- Cosmos DB name
- Resource group name
For a ready reference, check out the instructions on the Microsoft site – https://docs.microsoft.com/en-us/cli/azure/cosmosdb
You will need to search for the command to re-generate primary key on the Cosmos DB on Microsoft Azure.
Helen is a geeky nerd who seeks to find and fix tech gaps in the latest gadgets. She is always on the lookout for resolving technical queries of users, and is an avid writer on technical subjects.