azure-cosmos-py
oleh microsoft
Pustaka klien untuk API NoSQL Azure Cosmos DB — basis data multi-model yang didistribusikan secara global.
npx skills add https://github.com/microsoft/skills --skill azure-cosmos-pyAzure Cosmos DB SDK for Python
Client library for Azure Cosmos DB NoSQL API — globally distributed, multi-model database.
Installation
pip install azure-cosmos azure-identity
Environment Variables
COSMOS_ENDPOINT=https://<account>.documents.azure.com:443/ # Required for all auth methods
COSMOS_DATABASE=mydb # Required for all auth methods
COSMOS_CONTAINER=mycontainer # Required for all auth methods
AZURE_TOKEN_CREDENTIALS=prod # Required only if DefaultAzureCredential is used in production
Authentication & Lifecycle
🔑 Two rules apply to every code sample below:
- Prefer
DefaultAzureCredential. It works locally (Azure CLI / VS Code / Developer CLI) and in Azure (managed identity, workload identity) with no code change. Avoid connection strings, account/API keys — they bypass Entra audit and rotation.
- Local dev:
DefaultAzureCredentialworks as-is.- Production: set
AZURE_TOKEN_CREDENTIALS=prod(orAZURE_TOKEN_CREDENTIALS=<specific_credential>) to constrain the credential chain to production-safe credentials.- Wrap every client in a context manager so HTTP transports, sockets, and token caches are released deterministically:
- Sync:
with <Client>(...) as client:- Async:
async with <Client>(...) as client:andasync with DefaultAzureCredential() as credential:(fromazure.identity.aio)Snippets may abbreviate this setup, but production code should always follow both rules.
import os
from azure.identity import DefaultAzureCredential, ManagedIdentityCredential
from azure.cosmos import CosmosClient
# Local dev: DefaultAzureCredential. Production: set AZURE_TOKEN_CREDENTIALS=prod or AZURE_TOKEN_CREDENTIALS=<specific_credential>
credential = DefaultAzureCredential(require_envvar=True)
# Or use a specific credential directly in production:
# See https://learn.microsoft.com/python/api/overview/azure/identity-readme?view=azure-python#credential-classes
# credential = ManagedIdentityCredential()
endpoint = "https://<account>.documents.azure.com:443/"
with CosmosClient(url=endpoint, credential=credential) as client:
# Use client here (see following sections for operations)
...
Client Hierarchy
| Client | Purpose | Get From |
|---|---|---|
CosmosClient | Account-level operations | Direct instantiation |
DatabaseProxy | Database operations | client.get_database_client() |
ContainerProxy | Container/item operations | database.get_container_client() |
Core Workflow
Setup Database and Container
# Get or create database
database = client.create_database_if_not_exists(id="mydb")
# Get or create container with partition key
container = database.create_container_if_not_exists(
id="mycontainer",
partition_key=PartitionKey(path="/category")
)
# Get existing
database = client.get_database_client("mydb")
container = database.get_container_client("mycontainer")
Create Item
item = {
"id": "item-001", # Required: unique within partition
"category": "electronics", # Partition key value
"name": "Laptop",
"price": 999.99,
"tags": ["computer", "portable"]
}
created = container.create_item(body=item)
print(f"Created: {created['id']}")
Read Item
# Read requires id AND partition key
item = container.read_item(
item="item-001",
partition_key="electronics"
)
print(f"Name: {item['name']}")
Update Item (Replace)
item = container.read_item(item="item-001", partition_key="electronics")
item["price"] = 899.99
item["on_sale"] = True
updated = container.replace_item(item=item["id"], body=item)
Upsert Item
# Create if not exists, replace if exists
item = {
"id": "item-002",
"category": "electronics",
"name": "Tablet",
"price": 499.99
}
result = container.upsert_item(body=item)
Delete Item
container.delete_item(
item="item-001",
partition_key="electronics"
)
Queries
Basic Query
# Query within a partition (efficient)
query = "SELECT * FROM c WHERE c.price < @max_price"
items = container.query_items(
query=query,
parameters=[{"name": "@max_price", "value": 500}],
partition_key="electronics"
)
for item in items:
print(f"{item['name']}: ${item['price']}")
Cross-Partition Query
# Cross-partition (more expensive, use sparingly)
query = "SELECT * FROM c WHERE c.price < @max_price"
items = container.query_items(
query=query,
parameters=[{"name": "@max_price", "value": 500}],
enable_cross_partition_query=True
)
for item in items:
print(item)
Query with Projection
query = "SELECT c.id, c.name, c.price FROM c WHERE c.category = @category"
items = container.query_items(
query=query,
parameters=[{"name": "@category", "value": "electronics"}],
partition_key="electronics"
)
Read All Items
# Read all in a partition
items = container.read_all_items() # Cross-partition
# Or with partition key
items = container.query_items(
query="SELECT * FROM c",
partition_key="electronics"
)
Partition Keys
Critical: Always include partition key for efficient operations.
from azure.cosmos import PartitionKey
# Single partition key
container = database.create_container_if_not_exists(
id="orders",
partition_key=PartitionKey(path="/customer_id")
)
# Hierarchical partition key (preview)
container = database.create_container_if_not_exists(
id="events",
partition_key=PartitionKey(path=["/tenant_id", "/user_id"])
)
Throughput
# Create container with provisioned throughput
container = database.create_container_if_not_exists(
id="mycontainer",
partition_key=PartitionKey(path="/pk"),
offer_throughput=400 # RU/s
)
# Read current throughput
offer = container.read_offer()
print(f"Throughput: {offer.offer_throughput} RU/s")
# Update throughput
container.replace_throughput(throughput=1000)
Async Client
from azure.cosmos.aio import CosmosClient
from azure.identity.aio import DefaultAzureCredential
async def cosmos_operations():
async with DefaultAzureCredential() as credential:
async with CosmosClient(endpoint, credential=credential) as client:
database = client.get_database_client("mydb")
container = database.get_container_client("mycontainer")
# Create
await container.create_item(body={"id": "1", "pk": "test"})
# Read
item = await container.read_item(item="1", partition_key="test")
# Query
async for item in container.query_items(
query="SELECT * FROM c",
partition_key="test"
):
print(item)
import asyncio
asyncio.run(cosmos_operations())
Error Handling
from azure.cosmos.exceptions import CosmosHttpResponseError
try:
item = container.read_item(item="nonexistent", partition_key="pk")
except CosmosHttpResponseError as e:
if e.status_code == 404:
print("Item not found")
elif e.status_code == 429:
print(f"Rate limited. Retry after: {e.headers.get('x-ms-retry-after-ms')}ms")
else:
raise
Best Practices
- Pick sync OR async and stay consistent. Do not mix
azure.cosmossync clients withazure.cosmos.aioasync clients in the same call path. Choose one mode per module. - Always use context managers for clients and async credentials. Wrap every client in
with CosmosClient(...) as client:(sync) orasync with CosmosClient(...) as client:(async). For asyncDefaultAzureCredentialfromazure.identity.aio, also useasync with credential:so tokens and transports are cleaned up. - Use
DefaultAzureCredentialfor portable auth across local dev and Azure (avoid connection strings / API keys when possible). - Always specify partition key for point reads and queries
- Use parameterized queries to prevent injection and improve caching
- Avoid cross-partition queries when possible
- Use
upsert_itemfor idempotent writes - Use async client for high-throughput scenarios
- Design partition key for even data distribution
- Use
read_iteminstead of query for single document retrieval
Reference Files
| File | Contents |
|---|---|
| references/partitioning.md | Partition key strategies, hierarchical keys, hot partition detection and mitigation |
| references/query-patterns.md | Query optimization, aggregations, pagination, transactions, change feed |
| scripts/setup_cosmos_container.py | CLI tool for creating containers with partitioning, throughput, and indexing |
Lebih banyak skill dari microsoft
oss-growth
microsoft
Persona peretas pertumbuhan OSS
official
microsoft-foundry
microsoft
Menyebarkan, mengevaluasi, dan mengelola agen Foundry secara menyeluruh: pembuatan Docker, push ACR, pembuatan agen yang dihosting/dengan prompt, memulai kontainer, evaluasi batch, evaluasi berkelanjutan, alur kerja pengoptimal prompt, agent.yaml, kurasi kumpulan data dari jejak. GUNAKAN UNTUK: menyebarkan agen ke Foundry, agen yang dihosting, membuat agen, memanggil agen, mengevaluasi agen, menjalankan evaluasi batch, evaluasi berkelanjutan, pemantauan berkelanjutan, status evaluasi berkelanjutan, mengoptimalkan prompt, meningkatkan prompt, pengoptimal prompt, mengoptimalkan instruksi agen, meningkatkan agen...
officialdevelopmentdevops
azure-ai
microsoft
Gunakan untuk Azure AI: Search, Speech, OpenAI, Document Intelligence. Membantu pencarian, pencarian vektor/hibrida, ucapan-ke-teks, teks-ke-ucapan, transkripsi, OCR. KAPAN: AI Search, pencarian kueri, pencarian vektor, pencarian hibrida, pencarian semantik, ucapan-ke-teks, teks-ke-ucapan, transkripsi, OCR, konversi teks ke ucapan.
officialdevelopmentapi
azure-deploy
microsoft
Jalankan deployment Azure untuk aplikasi yang SUDAH DISIAPKAN dan memiliki file .azure/deployment-plan.md serta infrastruktur yang sudah ada. JANGAN gunakan skill ini saat pengguna meminta untuk MEMBUAT aplikasi baru — gunakan azure-prepare sebagai gantinya. Skill ini menjalankan perintah azd up, azd deploy, terraform apply, dan az deployment dengan pemulihan kesalahan bawaan. Membutuhkan .azure/deployment-plan.md dari azure-prepare dan status tervalidasi dari azure-validate. KAPAN: "jalankan azd up", "jalankan azd deploy", "jalankan deployment",...
officialdevopsaws
azure-storage
microsoft
Layanan Azure Storage termasuk Blob Storage, File Shares, Queue Storage, Table Storage, dan Data Lake. Menjawab pertanyaan tentang tingkat akses penyimpanan (hot, cool, cold, archive), kapan menggunakan setiap tingkat, dan perbandingan tingkat. Menyediakan penyimpanan objek, berbagi file SMB, pengiriman pesan asinkron, NoSQL key-value, dan analitik big data. Termasuk manajemen siklus hidup. GUNAKAN UNTUK: blob storage, file shares, queue storage, table storage, data lake, unggah file, unduh blob, akun penyimpanan, tingkat akses,...
officialdevelopmentdatabase
azure-diagnostics
microsoft
Debug masalah produksi Azure menggunakan AppLens, Azure Monitor, resource health, dan triase aman. KAPAN: debug masalah produksi, troubleshoot app service, CPU tinggi app service, kegagalan deployment app service, troubleshoot container apps, troubleshoot functions, troubleshoot AKS, kubectl tidak bisa terhubung, kegagalan kube-system/CoreDNS, pod pending, crashloop, node tidak siap, kegagalan upgrade, analisis log, KQL, insights, kegagalan image pull, masalah cold start, kegagalan health probe,...
officialdevopsdevelopment
azure-prepare
microsoft
Siapkan aplikasi Azure untuk deployment (infra Bicep/Terraform, azure.yaml, Dockerfiles). Gunakan untuk membuat/memodernisasi atau membuat+men-deploy; bukan untuk migrasi lintas-cloud (gunakan azure-cloud-migrate). JANGAN GUNAKAN UNTUK: aplikasi copilot-sdk (gunakan azure-hosted-copilot-sdk). KAPAN: "membuat aplikasi", "membangun aplikasi web", "membuat API", "membuat API HTTP serverless", "membuat frontend", "membuat backend", "membangun layanan", "memodernisasi aplikasi", "memperbarui aplikasi", "menambahkan autentikasi", "menambahkan caching", "hosting di Azure", "membuat dan...
officialdevelopmentdevops
azure-validate
microsoft
Validasi pra-penyebaran untuk kesiapan Azure. Lakukan pemeriksaan mendalam pada konfigurasi, infrastruktur (Bicep atau Terraform), penetapan peran RBAC, izin identitas terkelola, dan prasyarat sebelum menyebarkan. KAPAN: validasi aplikasi saya, periksa kesiapan penyebaran, jalankan pemeriksaan awal, verifikasi konfigurasi, periksa apakah siap untuk menyebarkan, validasi azure.yaml, validasi Bicep, uji sebelum menyebarkan, pecahkan kesalahan penyebaran, validasi Azure Functions, validasi function app, validasi serverless...
officialdevopstesting