Edit

Query for a Blob Storage endpoint using the Azure Storage management library

  • Article

A Blob Storage endpoint forms the base address for all objects within a storage account. When you create a storage account, you specify which type of endpoint you want to use. Blob Storage supports two types of endpoints:

  • A standard endpoint includes the unique storage account name along with a fixed domain name. The format of a standard endpoint is https://<storage-account>.blob.core.windows.net.
  • An Azure DNS zone endpoint (preview) dynamically selects an Azure DNS zone and assigns it to the storage account when it's created. The format of an Azure DNS Zone endpoint is https://<storage-account>.z[00-99].blob.storage.azure.net.

When your application creates a service client object that connects to Blob Storage data resources, you pass a URI referencing the endpoint to the service client constructor. You can construct the URI string manually, or you can query for the service endpoint at runtime using the Azure Storage management library.

Important

When referencing a service endpoint in a client application, it's recommended that you avoid taking a dependency on a cached IP address. The storage account IP address is subject to change, and relying on a cached IP address may result in unexpected behavior.

CNAMEs that are associated with a storage account endpoint can change without notice. Your application shouldn't take a dependency on the number of of CNAME records or the sub-domains that are associated with those CNAME records.

Additionally, it's recommended that you honor the time-to-live (TTL) of the DNS record and avoid overriding it. Overriding the DNS TTL may result in unexpected behavior.

For more information, see CNAME records, subdomains and IP addresses.

The Azure Storage management library provides programmatic access to the Azure Storage resource provider. The resource provider is the Azure Storage implementation of the Azure Resource Manager. The management library enables developers to manage storage accounts and account configuration, as well as configure lifecycle management policies, object replication policies, and immutability policies.

In this article, you learn how to query a Blob Storage endpoint using the Azure Storage management library. Then you use that endpoint to create a BlobServiceClient object to connect with Blob Storage data resources.

Set up your project

To work with the code examples in this article, follow these steps to set up your project.

Install packages

Install packages to work with the libraries used in this example.

Install the following packages using dotnet add package:

dotnet add package Azure.Identity
dotnet add package Azure.ResourceManager.Storage
dotnet add package Azure.Storage.Blobs

Set up the app code

Add the necessary using or import directives to the code. Note that the code examples may split out functionality between files, but in this section all directives are listed together.

Add the following using directives:

using Azure.Core;
using Azure.Identity;
using Azure.Storage.Blobs;
using Azure.ResourceManager;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Storage;

Client library information:

  • Azure.Identity: Provides Microsoft Entra token authentication support across the Azure SDK, and is needed for passwordless connections to Azure services.
  • Azure.ResourceManager.Storage: Supports management of Azure Storage resources, including resource groups and storage accounts.
  • Azure.Storage.Blobs: Contains the primary classes that you can use to work with Blob Storage data resources.

Register the Storage resource provider with a subscription

A resource provider must be registered with your Azure subscription before you can work with it. This step only needs to be done once per subscription, and only applies if the resource provider Microsoft.Storage is not currently registered with your subscription.

You can register the Storage resource provider, or check the registration status, using Azure portal, Azure CLI, or Azure PowerShell.

You can also use the Azure management libraries to check the registration status and register the Storage resource provider, as shown in the following examples:

public static async Task RegisterSRPInSubscription(SubscriptionResource subscription)
{
    ResourceProviderResource resourceProvider = 
        await subscription.GetResourceProviderAsync("Microsoft.Storage");

    // Check the registration state of the resource provider and register, if needed
    if (resourceProvider.Data.RegistrationState == "NotRegistered")
        resourceProvider.Register();
}

Note

To perform the register operation, you'll need permissions for the following Azure RBAC action: Microsoft.Storage/register/action. This permission is included in the Contributor and Owner roles.

Query for the Blob Storage endpoint

To retrieve the Blob Storage endpoint for a given storage account, we need to get the storage account properties by calling the Get Properties operation. The following code samples use both the data access and management libraries to get a Blob Storage endpoint for a specified storage account:

To get the properties for a specified storage account, use the following method from a StorageAccountCollection object:

This method returns a StorageAccountResource object, which represents the storage account.

public static async Task<Uri> GetBlobServiceEndpoint(
    string storageAccountName,
    TokenCredential credential)
{
    // TODO: replace with your subscription ID and resource group name
    // You can locate your subscription ID on the Subscriptions blade
    // of the Azure portal (https://portal.azure.com)
    const string subscriptionId = "<subscription-id>";
    const string rgName = "<resource-group-name>";

    ArmClient armClient = new(credential);

    // Create a resource identifier, then get the subscription resource
    ResourceIdentifier resourceIdentifier = new($"/subscriptions/{subscriptionId}");
    SubscriptionResource subscription = armClient.GetSubscriptionResource(resourceIdentifier);

    // Get a resource group
    ResourceGroupResource resourceGroup = await subscription.GetResourceGroupAsync(rgName);

    // Get a collection of storage account resources
    StorageAccountCollection accountCollection = resourceGroup.GetStorageAccounts();

    // Get the properties for the specified storage account
    StorageAccountResource storageAccount = await accountCollection.GetAsync(storageAccountName);

    // Return the primary endpoint for the blob service
    return storageAccount.Data.PrimaryEndpoints.BlobUri;
}

Create a client object using the endpoint

Once you have the Blob Storage endpoint for a storage account, you can instantiate a client object to work with data resources. The following code sample creates a BlobServiceClient object using the endpoint we retrieved in the earlier example:

// Create an instance of DefaultAzureCredential for authorization
TokenCredential credential = new DefaultAzureCredential();

// TODO: replace with your storage account name
string storageAccountName = "<storage-account-name>";

// Call out to our function that retrieves the blob service endpoint for the given storage account
Uri blobURI = await AccountProperties.GetBlobServiceEndpoint(storageAccountName, credential);
Console.WriteLine($"URI: {blobURI}");

// Now that we know the endpoint, create the client object
BlobServiceClient blobServiceClient = new(blobURI, credential);

// Do something with the storage account or its resources ...

Next steps

View the full code samples (GitHub):

To learn more about creating client objects, see Create and manage client objects that interact with data resources.