I am investigating NoSQL Technologies for use in a project and Azure Cosmos Mongo API has arisen as an option. As part of Microsofts recommended architecture there is a Resource broker component middleware which retains ownership of the CosmosDB Master access key, and that can generate/distribute resource tokens for finer-grained access to consuming clients.
The documentation does not seem to allude to the Mongo API anywhere however and I cannot find information anywhere about it, is this pattern not available for the Cosmos Mongo API database? If that is the case, and Cosmos Mongo API requires access simply to a Master key, how would fine-grained access control and least privilege access be able to work?
There is an alternative question on Stackoverflow around creation of resource tokens but I would want to use an ORM such as mongoose in order to connect to CosmosDB with a resource token to avoid having to distribute Master keys out to many services.
Any answers greatly appreciated!
