Azure Blob Storage

Azure Blob Storage resources represent container-based object storage hosted on Microsoft Azure. Unlike S3-compatible providers, Azure Blob Storage does not have a native integration with Plakar Control Plane’s inventory discovery. You need to set up a self-managed inventory before adding an Azure Blob Storage resource.

Setting up a self-managed inventory

You can create a self-managed inventory to manage your Azure resources by providing a name for it. Read the self-managed inventory documentation for more information.

Adding Azure Blob Storage as a resource

When using a managed inventory, all resources are automatically discovered for you. With a self-managed inventory, you have to register your resources manually or import them from a CSV file.

To add an Azure Blob Storage container as a resource, use Object Storage as the class and Azblob as the subclass. For the endpoint, use the container name. See the Getting your credentials from Azure section for where to find the container name.

Configuration

Azure Blob Storage resources can be configured as a source, store, or destination connector.

Account Name

The name of the Azure Storage account, for example mystorageaccount.

Account Key

The access key used to authenticate with the Azure Storage account.

Connection String

Optional. The full Azure Blob Storage connection string, for example DefaultEndpointsProtocol=https;AccountName=mystorageaccount;AccountKey=...;EndpointSuffix=core.windows.net. When provided, this takes precedence over Account Name and Account Key.

Endpoint

Optional. The Azure Blob service URL, for example https://mystorageaccount.blob.core.windows.net. Only needed when connecting to a non-standard endpoint such as Azurite for local development.

No Auth

Optional. Disables authentication entirely. Only useful for public blobs or local emulator setups such as Azurite. Should never be enabled in production.
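
A pre-flight check for the fields described above, as an added example (not Plakar's code): it applies the connection-string precedence rule and flags No Auth or plain HTTP on anything other than a loopback endpoint such as Azurite. The dictionary key names (account_name, account_key, connection_string, endpoint, no_auth) are assumptions for illustration; BlobEndpoint and DefaultEndpointsProtocol are standard Azure connection-string keys.

```python
from urllib.parse import urlparse
import ipaddress

def parse_connection_string(cs):
    """Split 'Key=Value;...' pairs on the first '=' only: base64 keys end in '='."""
    pairs = {}
    for part in filter(str.strip, cs.split(";")):
        key, sep, value = part.partition("=")
        if not sep:
            raise ValueError(f"malformed segment: {part!r}")
        pairs[key.strip()] = value.strip()
    return pairs

def is_loopback(url):
    """True for localhost / 127.0.0.0/8 / ::1 endpoints such as a local Azurite."""
    host = urlparse(url or "").hostname or ""
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False

def lint(cfg):
    """Return findings for a resource config. Key names are assumed, not Plakar's."""
    findings = []
    name, key = cfg.get("account_name"), cfg.get("account_key")
    endpoint, proto = cfg.get("endpoint"), "https"
    if cfg.get("connection_string"):
        pairs = parse_connection_string(cfg["connection_string"])
        if name and pairs.get("AccountName", name) != name:
            findings.append("connection string overrides a different Account Name")
        # Page rule: the connection string takes precedence over name and key.
        name, key = pairs.get("AccountName"), pairs.get("AccountKey")
        endpoint = endpoint or pairs.get("BlobEndpoint")
        proto = pairs.get("DefaultEndpointsProtocol", "https").lower()
    local = is_loopback(endpoint)
    if endpoint:
        proto = urlparse(endpoint).scheme
    if proto != "https" and not local:
        findings.append("traffic to a non-local endpoint is not https")
    if cfg.get("no_auth"):
        if not local:
            findings.append("No Auth enabled for a non-local endpoint")
    elif not (name and key):
        findings.append("no usable credentials: Account Name and Account Key missing")
    return findings

# Constructed sample: Azurite-style local setup, expected to lint clean.
print(lint({"endpoint": "http://127.0.0.1:10000", "no_auth": True}))
```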

Getting your credentials from Azure

To use Azure Blob Storage, you first need to create a Storage Account and a Resource Group for it. You can read more under Microsoft Storage Accounts documentation.

You can create a Storage Container from your Storage Account under Data Storage -> Containers. Use the name of the container as the endpoint when setting up the resource in step 2.

The remaining credentials can be found under Security + networking -> Access Keys.

Permissions

Plakar Control Plane requires a set of Azure RBAC permissions to access your Blob Storage containers. These permissions should be assigned to a security principal, which is a user, group, service principal, or managed identity that Plakar Control Plane will use to authenticate. Azure RBAC roles can be assigned at the subscription, resource group, storage account, or container level. See the Microsoft Entra ID documentation for instructions on how to assign roles.

Permission
Microsoft.Storage/storageAccounts/listKeys/action
Microsoft.Storage/storageAccounts/read
Microsoft.Storage/storageAccounts/blobServices/containers/read
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/versions/read
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/versions/delete
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/versions/tags/read
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/versions/tags/write