[jclouds-site] branch master updated: Document Azure Blob with Azure Active Directory (#19)

Sun, 12 Sep 2021 01:08:24 -0700 

This is an automated email from the ASF dual-hosted git repository.

nacx pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/jclouds-site.git


The following commit(s) were added to refs/heads/master by this push:
     new b4539db  Document Azure Blob with Azure Active Directory (#19)
b4539db is described below

commit b4539dbb635bb0b60ab2d6a650b4a706a8dac5d2
Author: Timur Alperovich <ti...@timuralp.com>
AuthorDate: Sun Sep 12 01:08:16 2021 -0700

    Document Azure Blob with Azure Active Directory (#19)
    
    Added information on the required settings to use Azure Blob with Azure
    Active Directory.
---
 guides/azure-storage.md | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/guides/azure-storage.md b/guides/azure-storage.md
index 12b098f..01d3e3a 100644
--- a/guides/azure-storage.md
+++ b/guides/azure-storage.md
@@ -66,3 +66,22 @@ Object object = 
azureBlobClient.getBlobProperties(containerName, blobName);
 System.out.println("Object: " + object);
 context.close();
 {% endhighlight %}
+
+To use Azure Active Directory with Azure Blob storage, follow these steps:
+
+1. Setup [Azure 
CLI](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli)
+2. Create a new Azure App: `az ad app create --display-name <name> --password 
<password>`
+3. Create a new service principal: `az ad sp create --id <Application-id>`
+4. Assign a Storage Blob Data Contributor role to the app: `az role assignment 
create --role "Storage Blob Data Contributor" --assignee <service principal ID>`
+5. Lookup the tenant ID: `az account show`
+
+In step 2, note the Azure Application ID returned. It will be used to create 
the service principal.
+In step 3, note the service principal ID returned -- it is required in step 4 
to assign the role so that the service principal can access the storage account.
+       
+Now you can use Azure Blob using Azure AD authentication. The required 
properties are:
+       
+* `jclouds.azureblob.auth=azureAd`
+* `jclouds.identity=<service principal ID>`
+* `jclouds.credential=<service principal password>`
+* `jclouds.azureblob.tenantId=<tenant ID>`
+* `jclouds.azureblob.account=<Azure Blob storage account>`

Reply via email to