Azure Storage Account Creation

- Create an Azure Storage Account through the Azure console (https://portal.azure.com).
- Note the following details for the Storage account from the Access Keys option in the left navigation:
  - Storage Account Name
  - Access keys Key1 and Key2

Setting Up an Azure Application and Registering It with Azure Active Directory

- Within Azure Active Directory, create and register a new app under App Registrations.
  - For supported account types, select ‘Accounts in this organizational directory only (XXXXXXXXX)’.
  - In the Redirect URI drop-down, select “Public client”.
    Value: urn:ietf:wg:oauth:2.0:oob
  - Click Register.
- Once the app is registered, click Certificates & secrets.
  - Click New client secret.
  - Note down the generated value of the client secret, as it will not be visible later.

Set IAM Role for this Application under Storage Account

To navigate to the IAM role settings, use the following steps:
- Go to Storage Accounts in Azure.
- Select the account.
- Open Access Control (IAM).
- Click Add and select Role Assignments from the drop-down menu.

Add the following role assignments for the application registered with Azure AD.
- Role Assignment 1
  - Select Role as Owner.
  - Leave Assign Access to as default (no change).
  - For “Select”, use the Azure application created above.
- Role Assignment 2
  - Select Role as Storage Blob Data Contributor.
  - Leave Assign Access to as default (no change).
  - For “Select”, use the Azure application created above.
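
To confirm the result of the role assignment steps above, the following added example (not part of the original page) checks that the registered application holds both roles at the storage account scope and reports any that were granted at a parent scope instead. It assumes the assignments were exported as JSON in the shape produced by az role assignment list; the IDs, resource names and the function name review_assignments are constructed placeholders.

```python
import json

# Roles the procedure above assigns to the registered application.
REQUIRED_ROLES = {"Owner", "Storage Blob Data Contributor"}

# Constructed sample data (placeholders), shaped like the JSON output of
# `az role assignment list --all`; only the three fields used below are shown.
SUBSCRIPTION = "/subscriptions/00000000-0000-0000-0000-000000000000"
STORAGE_SCOPE = (SUBSCRIPTION + "/resourceGroups/example-rg/providers"
                 "/Microsoft.Storage/storageAccounts/examplestorage")
APP_PRINCIPAL_ID = "11111111-1111-1111-1111-111111111111"
SAMPLE_JSON = json.dumps([
    # Owner granted on the whole subscription instead of the storage account.
    {"principalId": APP_PRINCIPAL_ID, "roleDefinitionName": "Owner",
     "scope": SUBSCRIPTION},
    {"principalId": APP_PRINCIPAL_ID,
     "roleDefinitionName": "Storage Blob Data Contributor",
     "scope": STORAGE_SCOPE},
    # A different principal; must be ignored.
    {"principalId": "22222222-2222-2222-2222-222222222222",
     "roleDefinitionName": "Owner", "scope": STORAGE_SCOPE},
])


def review_assignments(raw_json, principal_id, storage_scope):
    """Check one principal's assignments against the two roles expected
    at the storage account scope, and list any held at a parent scope."""
    target = storage_scope.rstrip("/").lower()
    at_account, broader = set(), []
    for item in json.loads(raw_json):
        if item.get("principalId", "").lower() != principal_id.lower():
            continue
        role = item.get("roleDefinitionName", "")
        scope = item.get("scope", "")
        norm = scope.rstrip("/").lower()
        if norm == target:
            at_account.add(role)
        elif scope and target.startswith(norm + "/"):
            # Parent scope: also applies to every other resource beneath it.
            broader.append((role, scope))
    return {"missing": sorted(REQUIRED_ROLES - at_account),
            "broader_scope": broader}


if __name__ == "__main__":
    print(review_assignments(SAMPLE_JSON, APP_PRINCIPAL_ID, STORAGE_SCOPE))
```

An empty "missing" list together with an empty "broader_scope" list means both roles sit exactly on the storage account, as the steps describe.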