Configure an Azure Blob Storage Destination

This article will describe how to configure Bobsled to grant access to data transfers made to Azure Blob Storage. The data will be delivered to the Bobsled-managed destination and access will be authorized to the Azure application(s) configured in the destination.    

• To read more about the Azure Blob Storage destination, visit: Azure Blob Storage Destination

Bobsled offers two options to configure your Azure destination:

• Bobsled Managed Application
  • Bobsled will generate a service principal and client secret(s) to be used to log in to the Azure CLI. Using this service principal, you will be able to access the delivered data with the generated credentials. 
• Consumer Managed Application 
  • You create or use an existing Azure application in which you own the credentials. The application used must be registered as a Multi-tenant Application.

Prerequisites

• Before configuring a destination, a share must be created. 
• Using the Consumer Managed Application requires you to have an existing Azure Multi-tenant application or to create a new one. 
  • To learn how to create an Azure application to be used for this method, visit: Creating a Managed Application in Azure

Configuring the destination

1. Choose the cloud platform "Azure Blob Storage". Select the cloud platform and region. Press "continue" to move to step 2. 

2. Choose access method(s) to configure. The access methods are: Service Principal, Managed Application and SAS Token.

    2.1 Need help deciding? Choose Service Principal for Bobsled to manage and generate a service principal and client secret credentials for you. Choose Managed Application to manage and create your own application which Bobsled will grant access to the data. 

Bobsled Managed Application

1. Navigate to the Service Principal tab

2. Select the "Generate" button to configure a Service Principal. You will use this principal and client secret to login to the CLI and access the data. 

    2.1. Once you have a service principal, you may add up to 100 client secrets. Click the "+" button to generate a new client secret. 

    2.2 To edit the name of a client secret, click the ellipse in the row and select "edit". You may use up to 80 characters. 

    2.3 To revoke an individual client secret, click the ellipse in the row and select "revoke". To revoke all secrets, click the "trash" icon next to the add button. 

3. Click the red Finish button.

Managed Application 

1. Navigate to the Managed Application tab

2. Enter a human readable label for your managed application. This is optional, if no label is entered the application id will appear as the label.

3. Enter the Application ID of your app. 

    3.1 Need help finding it? In the portal, navigate to Azure Active Directory > App registrations > Click on App name

4. Enter the Tenant ID where the app was created. This is optional. 

    4.1 Need help finding it? In the portal, navigate to Azure Active Directory > Overview 

5. Click Grant Access

    5.1 To edit the label or tenant ID, click the ellipse in the row and select "edit".

    5.2 To revoke the application, click the ellipse in the row and select "revoke".

6. Click the red Finish button.