Share via

Unable to Assign Cosmos DB Built-in Data Contributor Role to Azure Function

Sourav Kisku 0 Reputation points
2025-08-09T11:00:49.76+00:00

In Azure Cosmos DB, there is difficulty in assigning the role of Cosmos DB Built-in Data Contributor to an Azure Function. The option to assign this role is not visible. What steps can be taken to resolve this issue?

Azure Cosmos DB
Azure Cosmos DB
An Azure NoSQL database service for app development.

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Marcin Policht 53,525 Reputation points MVP Volunteer Moderator
    2025-08-09T11:22:15.38+00:00

    Try the following:

    1. Enable the managed identity for the Function App
    • Go to your Azure Function in the portal.
    • Identity → System assigned → Status: On → Save.
    • This creates a principal in Entra ID that you can grant the Cosmos DB role to.
    • If you’re using a User-assigned managed identity, make sure it exists and is attached to the Function App.
    1. Assign the role at the correct scope
    • Navigate to your Cosmos DB account in the Azure portal.
    • Access control (IAM) → Add role assignment.
    • In Role, search for Cosmos DB Built-in Data Contributor.
    • Assign access to → Managed identity → Select your Function App.
    1. Confirm the API type supports RBAC
    • RBAC roles like Built-in Data Contributor are supported for SQL API, Mongo API (vCore), and certain other APIs, but not all features in all API types support it.
    • For unsupported APIs, you’ll need to use keys instead of RBAC.

    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    hth

    Marcin

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.