Create an Azure Cosmos DB account with IP Firewall
APPLIES TO: NoSQL MongoDB Cassandra Gremlin Table
Note
We recommend that you use the Azure Az PowerShell module to interact with Azure. See Install Azure PowerShell to get started. To learn how to migrate to the Az PowerShell module, see Migrate Azure PowerShell from AzureRM to Az.
This sample requires Azure PowerShell Az 5.4.0 or later. Run Get-Module -ListAvailable Az
to see which versions are installed.
If you need to install, see Install Azure PowerShell module.
Run Connect-AzAccount -Environment AzureChinaCloud to sign in to Azure.
Sample script
Note
This sample demonstrates using a API for NoSQL account. To use this sample for other APIs, copy the related properties and apply to your API specific script
# Reference: Az.CosmosDB | https://learn.microsoft.com/powershell/module/az.cosmosdb
# --------------------------------------------------
# Purpose
# Create Cosmos DB SQL API account with firewall
# --------------------------------------------------
Function New-RandomString{Param ([Int]$Length = 10) return $(-join ((97..122) + (48..57) | Get-Random -Count $Length | ForEach-Object {[char]$_}))}
# --------------------------------------------------
$uniqueId = New-RandomString -Length 7 # Random alphanumeric string for unique resource names
$apiKind = "Sql"
# --------------------------------------------------
# Variables - ***** SUBSTITUTE YOUR VALUES *****
$locations = @("China East", "China North") # Regions ordered by failover priority
$resourceGroupName = "myResourceGroup" # Resource Group must already exist
$accountName = "cosmos-$uniqueId" # Must be all lower case
$consistencyLevel = "Session"
$ipFilter = @("10.0.0.0/8", "11.0.1.0/24")
$allowAzureAccess = $true # Allow access to Azure networks and portal
# --------------------------------------------------
if ($true -eq $allowAzureAccess) {
$ipFilter += "0.0.0.0"
}
Write-Host "Creating account $accountName"
$account = New-AzCosmosDBAccount -ResourceGroupName $resourceGroupName `
-Location $locations -Name $accountName -ApiKind $apiKind `
-DefaultConsistencyLevel $consistencyLevel -IpRangeFilter $ipFilter `
-EnableAutomaticFailover:$true
Clean up deployment
After the script sample has been run, the following command can be used to remove the resource group and all resources associated with it.
Remove-AzResourceGroup -ResourceGroupName "myResourceGroup"
Script explanation
This script uses the following commands. Each command in the table links to command specific documentation.
Command | Notes |
---|---|
Azure Cosmos DB | |
New-AzCosmosDBAccount | Creates a new Azure Cosmos DB Account. |
Azure Resource Groups | |
Remove-AzResourceGroup | Deletes a resource group including all nested resources. |
Next steps
For more information on the Azure PowerShell, see Azure PowerShell documentation.