W e can access programmatically to Azure Cosmos DB resources to create, query, and delete databases, document collections, and documents via REST API. To perform operations on Azure Cosmos DB resources, you can send HTTPS requests with a selected method: GET, POST, PUT, or DELETE to an CosmosDB endpoint. Frequently we build architecture with centralized access to a persistence layer, then we won't let other applications access directly to this layer. Suppose we have the following hypothetical scenario (see Figure 1): Figure 1. Hypothetical Scenario Only WEB API Service with IP1 is allowed to establish connections with CosmosDB EndPoint. The others elements showed as Application are not allowed. By default we have in our CosmosDB resource the following configuration (see Figure 2) in Firewall and Virtual Networks option. Figure 2. Default Configuration To show you how this feature works, we are going to create a WEP API with a single function (r