Accessing Blob Storage Data by an app hosted in Pivotal Cloud Foundry running in Azure

Pallab Chakraborty 401 Reputation points
2021-03-09T03:00:01.817+00:00

I would like to know if it is possible to access a blob storage by a container running in Pivotal Cloud Foundry in Azure using a Managed Identity, say a system assigned managed identity, or if I need to use a Service Principal Object.
Earlier we were using SAS by coding the URL in the code to access the Blob Endpoint.
But we would like to use Azure RBAC to do authentication of our app running inside a container. So what is the best way to achieve this?

We would like to use the "Blob Storage Reader" role for the app. So can Managed Identity be leveraged in this case, say user assigned or system assigned, and if yes, how to go about it? Or using Service Principal is the only option here, like register the app first in Azure AD and get an access token and then use that token for authorization like it is mentioned in this URI
https://learn.microsoft.com/en-us/azure/storage/common/storage-auth-aad-app?tabs=dotnet


1 answer

  1. deherman-MSFT 35,556 Reputation points Microsoft Employee
    2021-03-09T18:59:19.447+00:00

    @Anonymous
    It appears your question was answered on StackOverflow. If this doesn't answer your question or you need further assistance, please let us know!
