Azure-CosmosDB-Automatic-Failover-Enabled

Severity: Medium

Description: This control ensures that Automatic-failover is enabled for Azure CosmosDB. In the event of a region is unavailable due an DOS or outage Enabling automatic-failover will create a new write region for the account. By default, automatic-failover is not enabled.

Remediation Steps:

Perform following to configure automatic failover from Azure CLI :

1. az cosmosdb update -n -g --enable-automatic-failover true

Important:

Reference:

• az cosmosdb