services / Azure / Cosmos DB MongoDB user definition

A MongoDB User Definition is a data-plane database user account for the Cosmos DB for MongoDB API, holding the username, credential (password set on write, not returned on read), and the role definitions assigned to it.

Represents a credentialed data-plane identity for a single database account's data store.


Microsoft.​DocumentDB/​databaseAccounts/​mongodbUserDefinitions/​delete

Deleting a MongoDB user definition removes a database account, destroying the identity and denying that user authorized access to the data plane.

Risks

Scope: HIGH

This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.

Links

  • https:​/​/​azure.​permissions.​cloud/​iam/​Microsoft.​DocumentDB
  • https:​/​/​learn.​microsoft.​com/​en-​us/​azure/​role-​based-​access-​control/​resource-​provider-​operations
  • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog