Forum Discussion
Use Microsoft.Azure.Cdn service principal to grant access to private container?
Hello, I'm trying several methods to access a private container within a StorageAccount containing multiple containers (all set to private), just to get a hold of the concepts. In this scenar...
How about considering managed identities?
https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
Kidd_Ip I tried this but nothing. Created a User Assigned Identity and assigned it to CDN. On the blob storage side, I gave Owner and Bob read/write permissions to that User Assigned Identity. Very strange and kinda weird there are no clear instructions for this.
- I solved it adding to the private Blob storage, in the Network section with no public access expect for specific IPs, the IP of the CDN. You can find all Azure IPs in this file https://www.microsoft.com/en-us/download/details.aspx?id=56519 and I used 147.243.0.0/16. Hope this helps someone