How can we set re try logic between primary and secondary cosmos keys in azure function app.

R, Ranjini (CW) 6 Reputation points
2021-09-28T09:57:41.32+00:00

I have a Function with a Cosmos DB Trigger, which is used to consume cosmos DB change feed.
we have policy in place to rotate the cosmos keys every month and update it in the key vault. The application setting has a single connection string.

Is there anyway to implement re try logic to connect with secondary keys when primary is not available.

Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,201 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. MayankBargali-MSFT 68,066 Reputation points
    2021-09-29T04:13:14.493+00:00

    @R, Ranjini (CW) Unfortunately you cannot assign two keys to the Azure cosmos DB trigger and retry with primary/secondary keys would not be possible if you have rotation the keys or the keys are invalid.

    You can use Key Vault references for Azure Functions and the latest keys are fetch from the key vault but the app will automatically update and begin using the latest version within one day. Any configuration changes made to the your function will cause an immediate update to the latest versions of all referenced secrets.
    If you don't want to use the keys then you can use managed identity based authentication.