Azure Storage Account Creation
- Create an Azure Storage Account through the Azure console (https://portal.azure.com).
- Note the following details for the Storage account from the Access Keys option in the left navigation:
  - Storage Account Name
  - Access keys Key1 and Key2
Setting up an Azure Application and Registering It with Azure Active Directory
- Within Azure Active Directory, create and register a new app under App Registrations.
- For supported account types, select ‘Accounts in this organizational directory only (XXXXXXXXX)’.
- In the Redirect URI drop-down, select “Public client”.
- Value: urn:ietf:wg:oauth:2.0:oob
- Click Register.
- Once the app is registered, click Certificates & secrets.
- Click New client secret.
- Note down the generated value of the client secret, as this will not be visible later.
Set IAM Role for this Application under Storage Account
To set the IAM role, navigate as follows:
- Go to Storage Accounts in Azure.
- Select the account.
- Select Access Control (IAM).
- Click Add and select Role Assignments from the drop-down menu.
Add the following role assignments for the application registered with Azure AD.
- Role Assignment 1
  - Select Role as Owner.
  - Assign Access to as default (no change).
  - For “Select”, use the Azure application created above.
- Role Assignment 2
  - Select Role as Storage Blob Data Contributor.
  - Assign Access to as default (no change).
  - For “Select”, use the Azure application created above.
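A check for the two role assignments above, as an added example that is not part of the original page: it audits parsed JSON from `az role assignment list` to confirm the application holds Owner and Storage Blob Data Contributor on the storage account itself rather than only through a wider scope. The IDs and sample records are constructed placeholders, and `principalId` is assumed to be the object ID of the application's service principal.

```python
# Roles this page assigns to the registered application on the storage account.
REQUIRED_ROLES = {"Owner", "Storage Blob Data Contributor"}

def audit_assignments(assignments, app_object_id, storage_account_id):
    """Audit parsed JSON from:
      az role assignment list --scope <storage account id> --include-inherited -o json
    Returns (missing, broader, extra):
      missing - required roles the app does not hold at all
      broader - required roles held only through a wider scope (inherited)
      extra   - roles held by the app that this procedure does not call for
    """
    target = storage_account_id.rstrip("/").lower()  # resource IDs are case-insensitive
    at_scope, inherited, extra = set(), set(), set()
    for a in assignments:
        if a.get("principalId", "").lower() != app_object_id.lower():
            continue  # assignment belongs to another principal
        role = a.get("roleDefinitionName", "")
        scope = a.get("scope", "").rstrip("/").lower()
        if role not in REQUIRED_ROLES:
            extra.add(role)
        elif scope == target:
            at_scope.add(role)
        elif target.startswith(scope + "/"):
            inherited.add(role)  # resource group, subscription or root scope
    not_direct = REQUIRED_ROLES - at_scope
    return sorted(not_direct - inherited), sorted(not_direct & inherited), sorted(extra)

# Constructed sample data: placeholder IDs, not values from a real tenant.
RG = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-rg"
ACCOUNT_ID = RG + "/providers/Microsoft.Storage/storageAccounts/examplestorage"
APP_ID = "11111111-1111-1111-1111-111111111111"  # assumed service principal object ID
SAMPLE = [
    {"principalId": APP_ID, "roleDefinitionName": "Storage Blob Data Contributor", "scope": ACCOUNT_ID},
    {"principalId": APP_ID, "roleDefinitionName": "Owner", "scope": RG},  # inherited
    {"principalId": APP_ID, "roleDefinitionName": "Reader", "scope": RG.rsplit("/", 2)[0]},
    {"principalId": "22222222-2222-2222-2222-222222222222", "roleDefinitionName": "Owner", "scope": ACCOUNT_ID},
]

if __name__ == "__main__":
    missing, broader, extra = audit_assignments(SAMPLE, APP_ID, ACCOUNT_ID)
    print("missing:", missing, "| wider scope only:", broader, "| extra:", extra)
```

A role reported as held through a wider scope applies to every resource under that scope, not just the storage account this procedure targets.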