Create an Azure Cosmos DB account with IP Firewall
APPLIES TO: 
SQL API
Cassandra API
Gremlin API
Table API
Azure Cosmos DB API for MongoDB
Note
This article uses the Azure Az PowerShell module, which is the recommended PowerShell module for interacting with Azure. To get started with the Az PowerShell module, see Install Azure PowerShell. To learn how to migrate to the Az PowerShell module, see Migrate Azure PowerShell from AzureRM to Az.
This sample requires Azure PowerShell Az 5.4.0 or later. Run Get-Module -ListAvailable Az to see which versions are installed.
If you need to install, see Install Azure PowerShell module.
Run Connect-AzAccount to sign in to Azure.
Sample script
Note
This sample demonstrates using a SQL (Core) API account. To use this sample for other APIs, copy the related properties and apply to your API specific script
# Reference: Az.CosmosDB | https://docs.microsoft.com/powershell/module/az.cosmosdb
# --------------------------------------------------
# Purpose
# Create Cosmos DB SQL API account with firewall
# --------------------------------------------------
Function New-RandomString{Param ([Int]$Length = 10) return $(-join ((97..122) + (48..57) | Get-Random -Count $Length | ForEach-Object {[char]$_}))}
# --------------------------------------------------
$uniqueId = New-RandomString -Length 7 # Random alphanumeric string for unique resource names
$apiKind = "Sql"
# --------------------------------------------------
# Variables - ***** SUBSTITUTE YOUR VALUES *****
$locations = @("East US", "West US") # Regions ordered by failover priority
$resourceGroupName = "myResourceGroup" # Resource Group must already exist
$accountName = "cosmos-$uniqueId" # Must be all lower case
$consistencyLevel = "Session"
$ipFilter = @("10.0.0.0/8", "11.0.1.0/24")
$allowAzureAccess = $true # Allow access to Azure networks and portal
# --------------------------------------------------
if ($true -eq $allowAzureAccess) {
$ipFilter += "0.0.0.0"
}
Write-Host "Creating account $accountName"
$account = New-AzCosmosDBAccount -ResourceGroupName $resourceGroupName `
-Location $locations -Name $accountName -ApiKind $apiKind `
-DefaultConsistencyLevel $consistencyLevel -IpRangeFilter $ipFilter `
-EnableAutomaticFailover:$true
Clean up deployment
After the script sample has been run, the following command can be used to remove the resource group and all resources associated with it.
Remove-AzResourceGroup -ResourceGroupName "myResourceGroup"
Script explanation
This script uses the following commands. Each command in the table links to command specific documentation.
| Command | Notes |
|---|---|
| Azure Cosmos DB | |
| New-AzCosmosDBAccount | Creates a new Cosmos DB Account. |
| Azure Resource Groups | |
| Remove-AzResourceGroup | Deletes a resource group including all nested resources. |
Next steps
For more information on the Azure PowerShell, see Azure PowerShell documentation.
Feedback
Submit and view feedback for