FREE TRIAL OPEN SUPPORT CASE

Integration Methods

How to acces Azure Blob Storage

Integration Methods: Access Keys & Shared Access Signature

After creating the storage account and blob container, there are two methods for integration: using access keys and using a shared access signature. Access keys provide full administrative access to your storage account, allowing you to perform any operation. These keys are suitable for scenarios requiring complete control but should be handled with care due to their high level of access. On the other hand, a shared access signature allows for more granular control, enabling you to delegate access to specific resources for a limited time and with restricted permissions. This method is ideal for scenarios where you need to grant temporary access to clients or applications without exposing your primary keys, enhancing security and flexibility in managing your storage resources.

Shared access signature configuration

The minimal, required permissions (only for backup task, if you want to use replication tasks you have to extend permissions) to configure the Azure Blob Storage to work with: Allowed services:

  • Blob

Allowed resources types:

  • Container Objects

Allowed permissions:

  • Read

  • Write

  • Delete

  • List

If you want to use replication tasks when granting permissions, you have to: give full permissions or extend them with "Add" and "Create".

Allowed permissions for replication:

  • Read

  • Write

  • Delete

  • List

  • Add

  • Create

The connection string generation

Generation the connection string with the specified permissions

  1. Log in as an administrator to the Azure webiste

  2. Select the storage and hit the "Shared Acces Signature" in the "Settings" tab.

  3. In the opened window select the permissions described in the "Shared access signature configuration" section of this article.

  4. Hit the "Generate connection parameters and shared access signature" button

For setting up the Blob Storage we will need the connection string

Generation the connection string with the full permissions

  1. Log in as an administrator to the Azure Website

  2. Select the storage

  3. Open the "Access keys" tab in the "Settings" section

For setting up the Blob Storage we will need the connection string:

More details about how to create or edit a bucket policy available on Azure Blob Storage documentation: Adding a bucket policy

To see more about S3 Immutable storage, visit: https://learn.microsoft.com/en-us/azure/storage/blobs/immutable-storage-overview

PreviousConfigure a blob storageNextSetting Up

Last updated