Adding a Cosmos DB Cassandra API Instance Using a New Azure Account

When you add a Cosmos DB Cassandra API instance, you can do that by creating a new Azure account.

Before You Begin

• For Azure Resource Manager, the cloud account represents an application, and there are two methods of deployment:

  • The traditional method with Azure Active Directory where you must set up the application and tenant. With this option, when you configure the cloud account, you must provide the following information:

    • Subscription ID

    • Tenant ID

    • Application ID and password

    To complete this type of deployment, refer to Setting Up an Application and Tenant for Azure Resource Manager.

  • Managed identity authentication with Azure Active Directory. This is a more secure method of deployment. Using this method ensures that your Azure subscription is accessed only from authorized managed identity-enabled virtual machines. In addition, the process of adding an Azure cloud account is more simplified, because you need only the Subscription ID, not the Tenant ID, Application ID, or Application Password.

    To complete this type of deployment, refer to Setting Up Managed Identity Authentication for Azure Resource Manager.

• Verify that the Cosmos DB application has the contributor role enabled on the Azure account. For restricted access, create a custom role using cosmos_cassandraapi.json at the resource group level and assign it to the Cosmos DB application.

Procedure

1. From the navigation pane, go to Protect > Databases.

   The Instances page appears.

2. Click Add Instance, and then click Cloud database service.

   The Add Cloud DB instance page appears.

3. From the Select vendor list, select Microsoft Azure.

4. From the Database service list, select Cosmos DB.

5. From the Region list, select a region where cassandra account is available.

6. From the API list, select CASSANDRA API.

7. In the Instance box, enter a name for the cloud instance.

8. In the Table group box, enter a name for the default table group.

9. Beside the Cloud account list, Click +.

   The Add cloud account dialog box appears.

10. In the Name box, enter the name for the Azure account.

11. You can choose traditional authentication method of deployment or managed identity authentication method of deployment.

    1. For the traditional authentication method of deployment, configure the following settings:

       • Subscription ID: Enter the subscription ID for the Azure account.

       • Credentials: If you have already configured the credentials entity, select the credentials from the list. To define a new credential, click + beside the list. For more information, see Adding Credentials.

    2. For the managed identity authentication method of deployment, configure the following settings:

       • Connect using managed identities for Azure resources: Move the toggle key to the right.

       • Subscription ID: Enter the subscription ID for the Azure account.

12. From the Access nodes list, select one or more access nodes as needed for the new account.

13. Click Save.

14. Click Add.

What to Do Next

A table group is created for the instance. You can create more table groups to meet different backup requirements.