Azure Blob Storage Access
In order to allow Model9 to access Azure Blob Storage use the following procedure:
REGISTER THE MODEL9 APPLICATION IN AZURE ACTIVE DIRECTORY
On the Azure portal navigate to the “App registration” section under “Azure active directory” service and register the Model9 application. No special parameters are needed.
Under the registered application, go to the “API permissions” section and add a new permission for “Azure Storage”. Once added use the “Grant admin consent” button to finish the process.
CREATE A SECRET FOR THE APPLICATION
Once the application is registered, select the new application, go to the “Certificates & Secrets” section and generate a new client secret. Please document the secret value as it will be needed during the Model9 installation and it will not be visible again in the portal once you leave this page.
CREATE A STORAGE ACCOUNT ROLE ASSIGNMENT
Go to the “Access Control (IAM)” section under the Model9 storage account and select the “Role Assignment” tab. Click on the “Add” button to add a new role assignment and select the following:
- Role - “Storage Blob Data Contributor”
- Assign access to - “User, Group, or service principal”
- Select - The Model9 registered application you created in the previous step