[Breaking change]: Aspire.Hosting.Azure.CosmosDB obsolete method and default managed identity support #2428
Description
Description
Applies to 9.1
1- AddDatabase() is being obsoleted and replaced by WithDatabase(). Calling it will call WithDatabase().
2- By default AddAzureCosmosDB() is now using Managed Identity during provisioning instead of creating a Key Vault instance with a random access key. The default connection string passed to the client integration will be secrets-free and use a provided token crediential (or DefaultTokenCredential if not is configured). To return to the previous behavior the WithAccessKeyAuthentication() can be used:
var cosmosdb = builder
.AddAzureCosmosDB("cache")
.WithAccessKeyAuthentication();Corresponding PR: dotnet/aspire#7092
Version
Other (please put exact version in description textbox)
Previous behavior
n/a
New behavior
n/a
Type of breaking change
- Binary incompatible: Existing binaries might encounter a breaking change in behavior, such as failure to load or execute, and if so, require recompilation.
- Source incompatible: When recompiled using the new SDK or component or to target the new runtime, existing source code might require source changes to compile successfully.
- Behavioral change: Existing binaries might behave differently at run time.
Reason for change
1- Follow new API pattern when an existing resource is returned instead of a new resource. (Add vs With)
2- Security
Recommended action
1- Use WithDatabase() instead of AddDatabase().
2- Update applications to use token credentials instead of secrets in connection strings.
Affected APIs
static Aspire.Hosting.AzureCosmosExtensions.AddDatabase(this Aspire.Hosting.ApplicationModel.IResourceBuilder<Aspire.Hosting.AzureCosmosDBResource!>! builder, string! name) -> Aspire.Hosting.ApplicationModel.IResourceBuilder<Aspire.Hosting.AzureCosmosDBResource!>!