IaC Bazaar
Get started
AzureLive-tested

Azure Cosmos DB Account

Cosmos DB (NoSQL or MongoDB API) with multi-region failover, autoscale throughput, private endpoint and backup policy.

terraformAzure#azure

Compare Managed Relational Database across clouds →

azure-cosmos-dbterraform v1.7

Verification

Live-tested

Really deployed, verified, idempotent and destroyed in a cloud sandbox.

Conformance

  • Static validation (fmt · validate · tflint)
  • Security scan: findings disclosed (Checkov)
  • Plan tests (mocked: validation rules · outputs)

Provenance

  • SHA-256 checksum
  • Signature (pending)

Functional

  • Live-tested — applied, verified, destroyed

Last verified 2026-06-29 · how we verify

Documentation

azure-cosmos-db

Status: static-validated, live-test pending. Ships under live-test quarantine — Cosmos account create/destroy takes ~10 minutes and needs a billable Azure subscription, so the live apply→verify→destroy gate runs once a cloud sandbox is available. Statically validated (fmt, validate, tflint).

Azure Cosmos DB account (Core/NoSQL or MongoDB API) with multi-region failover, autoscale / manual / serverless throughput, SQL databases and containers, a backup policy and an optional private endpoint. Opinionated and secure by default.

Secure defaults

  • Public network access OFF with the VNet filter ON (deny-by-default). A precondition forces you to attach a private_endpoint or a virtual_network_rule before the account can be reached.
  • TLS 1.2 minimum.
  • Continuous backup (Continuous30Days) for point-in-time restore.
  • Key auth disabled for NoSQL accounts (local_authentication_disabled) so only Entra ID (AAD) RBAC is accepted. MongoDB keeps key auth because the API requires it — the module folds that exception in automatically.
  • System-assigned managed identity on by default.
  • Automatic regional failover on; the primary write region is always failover_priority 0 and replica regions you add start at priority 1.

Works with Terraform and OpenTofu (>= 1.6), azurerm provider >= 4.0, < 5.0.

Requirements

RequirementVersion
Terraform / OpenTofu>= 1.6
hashicorp/azurerm>= 4.0, < 5.0

License

Commercial — LicenseRef-IaCBazaar-Commercial. © IaC Bazaar. Original work (not derived from a third-party module).

Usage code & full reference unlock after purchase

The complete copy-paste usage, the full input/output reference, and operational notes ship with your licence — shown here and bundled in the download.

  • Usage
  • Inputs
  • Outputs
  • Notes