question

Rad-6973 avatar image
0 Votes"
Rad-6973 asked SumanthMarigowda-MSFT commented

Granting read access to blob container to an external application

Hi,

I want to grant access to blobs in my Azure container to an app registration of an external organisation (similarly to how you can grant a Google Service Account access to a bucket in GCP).

I'm not able to figure out how to access/refer to the external organisation's app registration/service principal in order to grant it the appropriate roles. I've only seen guides on how to grant such permissions to actual people with email accounts.

Any help would be appreciated.

azure-blob-storageazure-ad-app-registration
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @Rad-6973 • Thank you for reaching out. We are looking into this internally and will get back to you.

0 Votes 0 ·

@Rad-6973 Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.

When you register an application through the Azure portal, an application object and service principal are automatically created in your home directory or tenant. You should be able to search your application when you add a role under Access Control(IAM) for the storage account. For more information you can refer to this page on creating an Azure AD application and service principal that can access resources.
Blob container -> Access Control(IAM)
128776-animation.gif

If you find any difficulties please let me know I would like to work closer on this issue


Please let us know if you have any further queries. I’m happy to assist you further.


Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.




0 Votes 0 ·
animation.gif (583.6 KiB)

0 Answers