Merge pull request #206972 from enkrumah/patch-46

PRMerger15 · web-flow · commit 99c2112f57ed · 2022-08-04T14:28:18.000-07:00
Update cosmos-db-managed-identity.md
diff --git a/articles/stream-analytics/cosmos-db-managed-identity.md b/articles/stream-analytics/cosmos-db-managed-identity.md
@@ -5,7 +5,7 @@ author: enkrumah
 ms.author: ebnkruma
 ms.service: stream-analytics
 ms.topic: how-to
-ms.date: 05/04/2022
+ms.date: 08/04/2022
 ms.custom: subject-rbac-steps
 ---
 
@@ -42,10 +42,6 @@ For the Stream Analytics job to access your Cosmos DB using managed identity, th
 |Built-in role  |Description  |
 |---------|---------|
 |[DocumentDB Account Contributor](../role-based-access-control/built-in-roles.md#documentdb-account-contributor)|Can manage Azure Cosmos DB accounts. Allows retrieval of read/write keys. |
-|[Cosmos DB Account Reader Role](../role-based-access-control/built-in-roles.md#cosmos-db-account-reader-role)|Can read Azure Cosmos DB account data. Allows retrieval of read keys. |
-
-> [!TIP] 
-> When you assign roles, assign only the needed access. If your service requires only reading data, then assign the **Cosmos DB Account Reader** role to the managed identity. For more information about the importance of least privilege access, see the [Lower exposure of privileged accounts](../security/fundamentals/identity-management-best-practices.md#lower-exposure-of-privileged-accounts) article.
 
 1. Select **Access control (IAM)**.
 
