TechQA.

Provide access to Azure Storage Account for all VMs in resource group

40 views Asked by At

I have one Storage Account in one Azure Resource Group. How to grant access to SA for newly created VMs in this Resource group automatically?

The idea as soon as VM was created it provides access to SA where I would like to store some configuration files.

azure permissions virtual-machine azure-storage-account
Original Q&A
1

There are 1 answers

0
Venkatesan On

I have one storage account in one Azure Resource Group. How can I grant access to the storage account for newly created VMs in this Resource Group automatically?

Create a user-managed identity with the role Storage Blob Data Contributor and assign it to the particular storage account.

Portal: enter image description here

Now, after creating a Virtual Machine, you need to add the user-managed identity to your virtual machine manually.

Command:

az vm identity assign -g <RESOURCE GROUP> -n <VM NAME> --identities <USER ASSIGNED IDENTITY>

Output:

venkat [ ~ ]$ az vm identity assign -g venkatesan-rg -n vm1 --identities sample
    {
      "systemAssignedIdentity": "",
      "userAssignedIdentities": {
        "/subscriptions/xxxx/resourceGroups/venkatesan-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/sample": {
          "clientId": "eb65ee35-xxx1",
          "principalId": "2171dd30-6xxxx"
        }
      }
    }

Portal: enter image description here

Now, after assigning identity to the VM, the virtual machine can access the storage account.

Here, you can refer to this SO-thread by Sourav to access the storage account using managed identity.

Related Questions in AZURE

Related Questions in PERMISSIONS

Related Questions in VIRTUAL-MACHINE

Related Questions in AZURE-STORAGE-ACCOUNT

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions