Is it possible to restrict the selected Users from accessing the Azure blob containers?

Sai Kiran Maturi 61 Reputation points
2022-11-14T18:47:54.537+00:00

few users can access read access, few users can have write access, few users should not have access to blob containers.

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,930 questions
Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,631 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Manu Philip 17,351 Reputation points MVP
    2022-11-14T19:49:46.253+00:00

    You can assign various Azure role for access to blob data. When an Azure role is assigned to an Azure AD security principal, Azure grants access to those resources for that security principal. An Azure AD security principal may be a user, a group, an application service principal, or a managed identity for Azure resources.

    To access blob data in the Azure portal with Azure AD credentials, a user must have the following role assignments:

    • A data access role, such as Storage Blob Data Reader or Storage Blob Data Contributor
    • The Azure Resource Manager Reader role, at a minimum

    Select 'Add Role Assignment' as shown below and add the required role to the selected users

    260272-image.png

    ----------

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments No comments

  2. Sai Kiran Maturi 61 Reputation points
    2022-11-14T19:56:24.62+00:00

    @Manu Philip If the set of users was already a "Contributor" to the subscription/RG, then how can we restrict those kind of users from accessing blob containers.