Azure Storage Account

In this article

Overview

Use this account type to connect Binary Snaps with data sources that use the Azure Storage account. 

Prerequisites

None.

Limitations and Known Issues

None.

Account Settings

Field Name

Field Type

Field Dependency

Description

Field Name

Field Type

Field Dependency

Description

Label


Default Value: N/A
Example: Azure Storage Account

String

N/A

Specify a unique name for the account.

Account name


Default Value: N/A
Example: azureaccountname

String

N/A

Specify the account name created in Azure storage.

Auth Type


Default Value: Access Key
Example: SAS URI

Dropdown list

N/A

Select the authorization type you want when setting up the account. Available options are:

  • Access Key: An Access Key is a credential used to authenticate and authorize access to cloud services and resources. Access keys can also authenticate access to storage services such as blobs, queues, tables, and files.

  • SAS URI: A SAS (Shared Access Signature) URI is a secure way to provide limited access to resources in Azure Storage without exposing the storage account keys. A SAS URI contains a token that grants specific permissions to a resource for a defined time period. This mechanism is useful for scenarios where you need to share access to storage resources with clients or applications without sharing the storage account key.

  • Managed identity: Managed identity is used to authenticate and access a wide range of Azure services, such as Azure Key Vault, Azure SQL Database, Azure Storage, and more. This integration ensures that the applications can securely access resources without requiring specific credentials.

Managed identity

 

Default Value: System assigned managed identity
Example: User assigned managed identity

Expression/Dropdown list

Appears when you select Managed identity for Auth type.

Choose the identity you want to use for authentication. The available options are:

  • User assigned managed identity: Created as a standalone Azure resource. It can be assigned to one or more Azure resources. Its lifecycle is independent of the Azure resources it is assigned to.

  • System assigned managed identity: Created and managed by Azure for an Azure resource, such as a virtual machine or a web app. The lifecycle of this identity is tied to the Azure resource, so it is automatically deleted when the resource is deleted.

Client ID

Default Value: N/A
Example: 12345678-9abc-def0-1234-56789abcdef0

String/Expression

Appears when you select User assigned managed identity for the Managed identity.

Specify the client ID of the of the User assigned managed identity.

Primary access key


Default Value: N/A
Example: <Encrypted>

String

Appears when you select Access Key in the Auth Type. 

Enter the primary access key associated with the Azure storage account. 

 SAS URI


Default Value: N/A
Example: azureaccountname.blob.core.windows.net

String

Appears when you select SAS URI in the Auth Type. 

Specify the URI containing the SAS token to perform read/write operations in the Azure Storage account. You can generate an SAS URI either in the Azure portal or from the SAS Generator Snap. 

If you provide the SAS URI in the Snap, then the Snap considers the URI given in the Snap and ignores the URI in the account settings.

Blob endpoint


Default Value: N/A
Example: https://mystorageaccount.blob.core.windows.net/mycontainer/myfile.txt

String

N/A

The Azure storage blob endpoint. Use this URL to access the Blob service for a specific storage account.

Leave this field empty to use the default endpoint: "https://<storage-account-name>.blob.core.windows.net"

Request Size (MB)


Default Value: 4 MB
Example:50 MB

Maximum Size: 100 MB

Integer

N/A

Specify the buffer size (in MB) to be used by the corresponding Binary Snap before performing the required action in the Azure storage.

  • For writing large files, specifying a value in this field ensures that the specified buffer limit is filled before calling the Azure API to write data to Azure storage. If the file size is smaller than the specified buffer limit, Snap calls the Azure API as soon as the file is stored in the buffer.

  • We recommend that you set the Request Size to the maximum limit so that the execution time is fast. However, this can consume memory. If the value of the Request size is small and the file size is large then the Snap might need to make multiple API calls to write to Azure storage, which might affect the performance.

Account Encryption

Standard Encryption

If you are using Standard Encryption, the High sensitivity settings under Enhanced Encryption are followed.

Enhanced Encryption

If you have the Enhanced Account Encryption feature, the following describes which fields are encrypted for each sensitivity level selected per each account.

  • High: Primary access key

  • Medium + High: Primary access key

  • Low + Medium + High: Primary access key

Snap Pack History



Related content:

https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory