Closed stevenylai closed 2 weeks ago
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @kushagraThapar @pjohari-ms @TheovanKraay.
@xinlian12 can you please take a look at this, thanks!
Actually one of the teammates found that if spark.cosmos.throughputControl.accountEndpoint
is not set, then throughputControl will default to spark.cosmos.accountEndpoint
with the same AAD-based authentication. In our application, we are not using a different account for throughput control so by omitting spark.cosmos.throughputControl.accountEndpoint
it solves our problem.
With that said, I still think from a consistency perspective. If it is allowed to have throughput control on a different CosmosDB account, then the same AAD-based authentication should be enabled. But since we don't require this for now, I will close the issue.
Is your feature request related to a problem? Please describe. Due to a recent company's policy, we are no longer allowed to use master key to access CosmosDB. We are able to migrate this by using ServicePrinciple for connection but the same didn't work for our ThroughputControl and we had to disable it for now. Error message:
Describe the solution you'd like Extend AAD control to throughput control as well. Instead of
spark.cosmos.throughputControl.accountKey
, we should also be able to set these:spark.cosmos.throughputControl.auth.type
spark.cosmos.throughputControl.auth.aad.clientId
spark.cosmos.throughputControl.auth.aad.resourceId
spark.cosmos.throughputControl.auth.aad.clientSecret
I can see the following are required when using SP:
spark.cosmos.account.subscriptionId
spark.cosmos.account.tenantId
spark.cosmos.account.resourceGroupName
Perhaps we can put those under
spark.cosmos.throughputControl.account
(e.g.spark.cosmos.throughputControl.account.subscriptionId
) ?Describe alternatives you've considered Given that the company is disabling master key access. The only alternative is to turn off throughput control and manage it from the application
Additional context Add any other context or screenshots about the feature request here.
Information Checklist Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report