Failed to start api: Cosmos DB RBAC Forbidden (managed identity)

**Describe the issue:**
Running the VS Code task `Start API` fails. The API tries to connect to Azure Cosmos DB using Managed Identity, but Cosmos rejects the request with RBAC/Forbidden (403). The error indicates the principal does not have permission to perform `Microsoft.DocumentDB/databaseAccounts/readMetadata` as follows:
<img width="1543" height="756" alt="Image" src="https://github.com/user-attachments/assets/ea9a4e20-70cd-4099-90d6-0657d12ef644" />

**Repro Steps:**
1. Run `azd init -t todo-nodejs-mongo`.
2. Run `azd up`.
3. Run task: `start api`.

**Environment:**

- Template: **todo-nodejs-mongo**.
- Azd version: azd version 1.24.0-beta.1-daily.6038122 (commit 69ab5ebc77e88cd93240670a208b04488d7c3c3c).
- OS: Windows and Linux.
- Branch: Main.

**Expected behavior:**
The `start api` task can run successfully.

@rajeshkamal5050 for notification.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Failed to start api: Cosmos DB RBAC Forbidden (managed identity) #34

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Failed to start api: Cosmos DB RBAC Forbidden (managed identity) #34

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions