TenantId optional for MSI

and docs updated

Module/AadAuthenticationFactory/Readme.md

@@ -54,8 +54,8 @@ Test-AadToken -Token $graphToken.AccessToken
 Test-AadToken -Token $vaultToken.AccessToken
 ```
 
-## Managed identity
-This sample assumes that code runs in environment supporting Azure Managed identity abd uses it to get tokens.
+## System assigned Managed identity
+This sample assumes that code runs in environment supporting Azure Managed identity and uses it to get tokens.
 ```powershell
 $azConfigFactory = New-AadAuthenticationfactory -RequiredScopes 'https://azconfig.io/.default' -UseManagedIdentity
 #create factory for issuing of tokens for Azure KeyVault
@@ -64,4 +64,10 @@ $vaultFactory = New-AadAuthenticationfactory -UseManagedIdentity -RequiredScopes
 #get tokens
 $graphToken = Get-AadToken -Factory $graphFactory
 $vaultToken = $vaultFactory | Get-AadToken
-
+```
+## User assigned Managed identity
+This sample assumes that code runs in environment supporting Azure Managed identity and uses it to get tokens.
+```powershell
+$azConfigFactory = New-AadAuthenticationfactory -RequiredScopes 'https://azconfig.io/.default' -UseManagedIdentity -ClientId '3a174b1e-7b2a-4f21-a326-90365ff741cf'
+Get-AadToken | Select-object -expandProperty AccessToken | Test-AadToken | select-object -expandProperty payload
+```

Module/CosmosLite/CosmosLite.psm1

@@ -21,23 +21,30 @@ Description
 This command returns configuration object for working with CosmosDB account myCosmosDbAccount and database myDbInCosmosAccount in tenant mydomain.com, with Delegated auth flow
 
 .EXAMPLE
-$thumbprint = 'e827f78a78cf532eb539479d6afe9c7f703173d5'
-$appId = '1b69b00f-08f0-4798-9976-af325f7f7526'
+$thumbprint = 'e827f78a7acf532eb539479d6afe9c7f703173d5'
+$appId = '1b69b00f-08fc-4798-9976-af325f7f7526'
 $cert = dir Cert:\CurrentUser\My\ | where-object{$_.Thumbprint -eq $thumbprint}
-Connect-Cosmos -AccountName dhl-o365-onboarding-uat -Database onboarding -TenantId dhl.com -ClientId $appId -X509Certificate $cert
+Connect-Cosmos -AccountName myCosmosDbAccount -Database myDbInCosmosAccount -TenantId mycompany.com -ClientId $appId -X509Certificate $cert
 
 Description
 -----------
-This command returns configuration object for working with CosmosDB account myCosmosDbAccount and database myDbInCosmosAccount in tenant mydomain.com, with Application auth flow
+This command returns configuration object for working with CosmosDB account myCosmosDbAccount and database myDbInCosmosAccount in tenant mycompany.com, with Application auth flow
 
 .EXAMPLE
 
-Connect-Cosmos -AccountName dhl-o365-onboarding-uat -Database onboarding -UseManagedIdentity
+Connect-Cosmos -AccountName myCosmosDbAccount -Database myDbInCosmosAccount -UseManagedIdentity
 
 Description
 -----------
-This command returns configuration object for working with CosmosDB account myCosmosDbAccount and database myDbInCosmosAccount in tenant mydomain.com, with authentication by Managed Identity
+This command returns configuration object for working with CosmosDB account myCosmosDbAccount and database myDbInCosmosAccount, with authentication by System-assigned Managed Identity
 
+.EXAMPLE
+
+Connect-Cosmos -AccountName myCosmosDbAccount -Database myDbInCosmosAccount -ClientId '3a174b1e-7b2a-4f21-a326-90365ff741cf' -UseManagedIdentity
+
+Description
+-----------
+This command returns configuration object for working with CosmosDB account myCosmosDbAccount and database myDbInCosmosAccount, with authentication by User-assigned Managed Identity
 #>
 
     param
@@ -52,9 +59,12 @@ This command returns configuration object for working with CosmosDB account myCo
             #Name of database in CosmosDB account
         $Database,
 
-        [Parameter(Mandatory)]
+        [Parameter(ParameterSetName = 'PublicClient')]
+        [Parameter(ParameterSetName = 'ConfidentialClientWithSecret')]
+        [Parameter(ParameterSetName = 'ConfidentialClientWithCertificate')]
         [string]
             #Id of tenant where to autenticate the user. Can be tenant id, or any registerd DNS domain
+            #Not necessary when connecting with Managed Identity, otherwise ncesessary
         $TenantId,
 
         [Parameter()]

README.md

@@ -58,15 +58,18 @@ Few sample below, also see help that comes with commands of the module.
 #connect to cosmos db account test-acct and db test with well-known clientId for Azure PowerShell (1950a258-227b-4e31-a9cf-717495945fc2)
 $ctx = Connect-Cosmos -AccountName 'test-acct' -Database 'test' -TenantId 'mydomain.com' -AuthMode Interactive
 
-#connect to cosmos db account test-acct-2 and db test with appID and certificate
-#returned context is automatically stored and used for last called Connect-Cosmos 
-$thumbprint = 'e827f78a78cf532eb539479d6afe9c7f703173d5'
-$appId = '1b69b00f-08f0-4798-9976-af325f7f7526'
+#connect to cosmos db account myCosmosDbAccount and db myDbInCosmosAccount with appID and certificate
+#returned context is automatically stored and used for subsequent call of other commands
+$thumbprint = 'e827f78a7acf532eb539479d6afe9c7f703173d5'
+$appId = '1b69b00f-08fc-4798-9976-af325f7f7526'
 $cert = dir Cert:\CurrentUser\My\ | where-object{$_.Thumbprint -eq $thumbprint}
-Connect-Cosmos -AccountName dhl-o365-onboarding-uat -Database onboarding -TenantId dhl.com -ClientId $appId -X509Certificate $cert
+Connect-Cosmos -AccountName myCosmosDbAccount -Database myDbInCosmosAccount -TenantId mycompany.com -ClientId $appId -X509Certificate $cert
 
-#connect Cosmos with Managed Identiy
-Connect-Cosmos -AccountName dhl-o365-onboarding-uat -Database onboarding -UseManagedIdentity
+#connect Cosmos with System assigned Managed Identiy
+Connect-Cosmos -AccountName myCosmosDbAccount -Database myDbInCosmosAccount -UseManagedIdentity
+
+#connect Cosmos with User assigned Managed Identiy
+Connect-Cosmos -AccountName myCosmosDbAccount -Database myDbInCosmosAccount -ClientId '3a174b1e-7b2a-4f21-a326-90365ff741cf' -UseManagedIdentity
 
 #get document by id and partition key from container test-coll
 #first request causes authentication