Integration Methods
How to acces Azure Blob Storage
Integration Methods: Access Keys & Shared Access Signature
After creating the storage account and blob container, there are two methods for integration: using access keys and using a shared access signature. Access keys provide full administrative access to your storage account, allowing you to perform any operation. These keys are suitable for scenarios requiring complete control but should be handled with care due to their high level of access. On the other hand, a shared access signature allows for more granular control, enabling you to delegate access to specific resources for a limited time and with restricted permissions. This method is ideal for scenarios where you need to grant temporary access to clients or applications without exposing your primary keys, enhancing security and flexibility in managing your storage resources.
Shared access signature configuration
The minimal, required permissions (only for backup task, if you want to use replication tasks you have to extend permissions) to configure the Azure Blob Storage to work with: Allowed services:
Blob
Allowed resources types:
Container Objects
Allowed permissions:
Read
Write
Delete
List
If you want to use replication tasks when granting permissions, you have to: give full permissions or extend them with "Add" and "Create".
Allowed permissions for replication:
Read
Write
Delete
List
Add
Create
The connection string generation
Generation the connection string with the specified permissions
Log in as an administrator to the Azure webiste
Select the storage and hit the "Shared Acces Signature" in the "Settings" tab.
In the opened window select the permissions described in the "Shared access signature configuration" section of this article.
Hit the "Generate connection parameters and shared access signature" button
For setting up the Blob Storage we will need the connection string
Generation the connection string with the full permissions
Log in as an administrator to the Azure Website
Select the storage
Open the "Access keys" tab in the "Settings" section
For setting up the Blob Storage we will need the connection string:
More details about how to create or edit a bucket policy available on Azure Blob Storage documentation: Adding a bucket policy
To see more about S3 Immutable storage, visit: https://learn.microsoft.com/en-us/azure/storage/blobs/immutable-storage-overview
Last updated