From 58556acb7d05f43b1e57859721912b13e0a9f6b5 Mon Sep 17 00:00:00 2001
From: Jimmy
Date: Sat, 22 Feb 2025 13:38:23 +0100
Subject: [PATCH] new
---
 .../azure-security/az-services/az-cosmosDB.md | 21 +++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)
diff --git a/src/pentesting-cloud/azure-security/az-services/az-cosmosDB.md b/src/pentesting-cloud/azure-security/az-services/az-cosmosDB.md
index 4162d13d8..e7f26275a 100644
--- a/src/pentesting-cloud/azure-security/az-services/az-cosmosDB.md
+++ b/src/pentesting-cloud/azure-security/az-services/az-cosmosDB.md
@@ -26,10 +26,10 @@ Within an account, you can create one or more databases, which serve as logical
 The core unit of data storage is the container, which holds JSON documents and is automatically indexed for efficient querying. Containers are elastically scalable and distributed across partitions, which are determined by a user-defined partition key. The partition key is critical for ensuring optimal performance and even data distribution. For example, a container might store customer data, with "customerId" as the partition key.
 #### Key Features
-**Global Distribution**: Enable or disable Geo-Redundancy for cross-region replication and Multi-region Writes for improved availability.
-**Networking & Security**: between public (all/select networks) or private endpoints for connectivity. Secure connections with TLS 1.2 encryption. Supports CORS (Cross-Origin Resource Sharing) for controlled access to resources. Microsoft Defender for Cloud can be enabled. To make the connection you can make use of keys.
-**Backup & Recovery**: from Periodic, Continuous (7 days), or Continuous (30 days) backup policies with configurable intervals and retention.
-**Data Encryption**: Default service-managed keys or customer-managed keys (CMK) for encryption (CMK selection is irreversible).
+ - **Global Distribution**: Enable or disable Geo-Redundancy for cross-region replication and Multi-region Writes for improved availability.
+ - **Networking & Security**: between public (all/select networks) or private endpoints for connectivity. Secure connections with TLS 1.2 encryption. Supports CORS (Cross-Origin Resource Sharing) for controlled access to resources. Microsoft Defender for Cloud can be enabled. To make the connection you can make use of keys.
+ - **Backup & Recovery**: from Periodic, Continuous (7 days), or Continuous (30 days) backup policies with configurable intervals and retention.
+ - **Data Encryption**: Default service-managed keys or customer-managed keys (CMK) for encryption (CMK selection is irreversible).
 #### Enumeration
@@ -69,6 +69,19 @@ az cosmosdb sql trigger list --account-name --container-name --container-name --database-name --resource-group
+
+## MongoDB (vCore)
+# Install az cli extension
+az extension add --name cosmosdb-preview
+# List all MongoDB databases in a specified Azure Cosmos DB account
+az cosmosdb mongocluster list
+az cosmosdb mongocluster show --cluster-name --resource-group
+# Get firewall rules
+az cosmosdb mongocluster firewall rule list --cluster-name --resource-group
+# Connect to in
+brew install mongosh
+mongosh "mongodb://:@.mongo.cosmos.azure.com:10255/?ssl=true&replicaSet=globaldb&retryWrites=false" --username --password
+
 ```
 {{#endtab }}