documentdb-security

Original：🇺🇸 English

Translated

Security best practices for Azure DocumentDB — TLS enforcement, Private Endpoint / firewall configuration, Microsoft Entra ID + RBAC for authentication, and customer-managed keys (CMK) for encryption at rest. Use when reviewing production security posture, configuring networking, setting up authentication / authorization, or preparing for compliance audits.

2installs

Sourceazure/documentdb-agent-kit

Added on2026-05-13

NPX Install

npx skill4agent add azure/documentdb-agent-kit documentdb-security

SKILL.md Content

View Translation Comparison →

Security — Azure DocumentDB

Core controls: TLS on the wire, network isolation with Private Endpoint, Microsoft Entra ID for identity, and CMK for data-at-rest encryption on regulated workloads.

Rules

security-tls-required — Always connect with TLS; never disable certificate validation in production.
security-private-endpoint — Use Private Endpoint / firewall rules; disable public network access where possible.
security-entra-rbac — Prefer Microsoft Entra ID + RBAC over long-lived passwords; create per-app secondary users with least privilege.
security-cmk-encryption — Use customer-managed keys (CMK) for data-at-rest encryption on regulated workloads.

documentdb-security

NPX Install

Tags

SKILL.md Content

Security — Azure DocumentDB

Rules