How may I access a blob container from another subscription and resource group?

Ivan Barrientos 1 Reputation point
2022-07-30T15:14:36.277+00:00

A team has started their own adls gen2 storage account and they would like to share it with me, including read/write credentials. I would like access this storage account (e.g. blob containers therein) but don't know how. Could someone help?

What does this team need to share with me and what do I need to share with them?
Ideally, I'd like to connect to their storage account on the Microsoft Azure Storage Explorer desktop app.

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,169 questions
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,714 questions
Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,436 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sumarigo-MSFT 43,801 Reputation points Microsoft Employee
    2022-07-31T16:05:06.217+00:00

    @Ivan Barrientos Welcome to Microsoft Q&A Forum! Thank you for posting your query here!

    As I understand you need to access Azure Storage with different Subscription am I correct? Azure Storage Explorer tool is also the best option to connect different storage account under one tool.

    Enable Secure access to Azure Storage Account across multiple subscriptions

    There is a So thread which talk about same scenario, please refer to the suggestion and let me know the status

    • Enable the storage firewall, giving access via VNET and enabling the Private Endpoints. When using private endpoints for Azure services, traffic is secured to a specific private link resource.
      The platform performs an access control to validate network connections reaching only the specified private link resource. To access additional resources within the same Azure service, additional private endpoints are required.

    In this way we can only have access to this storage account only the resources that we have on the VNET that we previous allow.
    If we need to allow a VNET in a different subscription we will need to create a virtual network peering, in this article we explain the purpose of peering and how can we create it.

    About private endpoints for Azure Storage.

    Tools and Utilities : https://azure.github.io/Storage/docs/tools-and-utilities/

    “How can we share data between different Azure Subscriptions

    Please let us know if you have any further queries. I’m happy to assist you further.

    ----------

    Please do not forget to 226518-screenshot-2021-12-10-121802.png and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    1 person found this answer helpful.
  2. Andreas Baumgarten 96,926 Reputation points MVP
    2022-07-30T16:49:52.22+00:00

    Hi @Ivan Barrientos ,

    maybe this helps: https://learn.microsoft.com/en-us/azure/data-share/how-to-share-from-storage

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

    0 comments