As enterprises continue to adopt serverless (and Platform-as-a-Service, or PaaS) solutions, they often need a way to integrate with existing resources on a virtual network. These existing resources c...
Updated Aug 27, 2020
Version 2.0
Blog Post
Hi! Michael Collier Thank you for helpful tutorial!
I have one question regarding one error I'm getting when I try to query some Cosmos DB document. I have the next setup:
1) Azure Cosmos DB with disabled public access and Private endpoint configured. Connection from API's and Azure Functions is working through this private endpoint is working fine because they're places in the same VNet.
2) We have VPN configured to have an access to VNet that contains this Private endpoint and Cosmos DB Account. We use Private DNS Zone so for my local PC I've added DNS record to my local hosts file
And with this setup I'm unable to query any documents from Cosmos DB using the next code snippet:
string cosmosEndpoint = "https://<you-db-account>.documents.azure.com";
string cosmosKey = "<primary/secondary-key>";
var cosmosDbId = "<db-id>";
var cosmsoContainerId = "<container-id>";
CosmosClient client = new CosmosClient(cosmosEndpoint, cosmosKey);
var container = client.GetContainer(cosmosDbId, cosmsoContainerId);
ItemResponse<JObject> response = await container.ReadItemAsync<JObject>(
id: "<document-id>",
partitionKey: new PartitionKey("<partition-key>")
);
With this code on line 10 I'm getting the next error: "[CosmosException] Response status code does not indicate success: Forbidden (403); Reason: (Request originated from IP <my-ip> through public internet. This is blocked by your Cosmos DB account firewall settings."
But I'm able to query the same document using this ways:
- Query document using HTTP request from Postman
- Query document using HTTP request from Console App
- Query document using CosmosClient with DefaultAzureCredential