Skip to main content

Azure: Specifying authentication details for a Cloud Storage Pool

Contributors netapp-lhalbert

When you create a Cloud Storage Pool for Azure Blob storage, you must specify an account name and account key for the external container that StorageGRID will use to store objects.

What you'll need
  • You must have entered the basic information for the Cloud Storage Pool and specified Azure Blob Storage as the provider type. Shared Key appears in the Authentication Type field.

    Cloud Storage Pool Create Azure
  • You must know the Uniform Resource Identifier (URI) used to access the Blob storage container used for the Cloud Storage Pool.

  • You must know the name of the storage account and the secret key. You can use the Azure portal to find these values.

Steps
  1. In the Service Endpoint section, enter the Uniform Resource Identifier (URI) used to access the Blob storage container used for the Cloud Storage Pool.

    Specify the URI in one of the following formats:

    • https://host:port

    • http://host:port

    If you do not specify a port, by default port 443 is used for HTTPS URIs and port 80 is used for HTTP URIs.

    Example URI for Azure Blob storage container:
    https://myaccount.blob.core.windows.net

  2. In the Authentication section, provide the following information:

    1. For Account Name, enter the name of the Blob storage account that owns the external service container.

    2. For Account Key, enter the secret key for the Blob storage account.

    Note For Azure endpoints, you must use Shared Key authentication.
  3. In the Server Verification section, select which method should be used to validate the certificate for TLS connections to the Cloud Storage Pool:

    Option Description

    Use operating system CA certificate

    Use the default CA certificates installed on the operating system to secure connections.

    Use custom CA certificate

    Use a custom CA certificate. Click Select New, and upload the PEM-encoded certificate.

    Do not verify certificate

    The certificate used for the TLS connection is not verified.

  4. Click Save.

When you save a Cloud Storage Pool, StorageGRID does the following:

  • Validates that the container and the URI exist and that they can be reached using the credentials that you specified.

  • Writes a marker file to the container to identify it as a Cloud Storage Pool. Never remove this file, which is named x-ntap-sgws-cloud-pool-uuid.

If Cloud Storage Pool validation fails, you receive an error message that explains why validation failed. For example, an error might be reported if there is a certificate error or if the container you specified does not already exist.

See the instructions for troubleshooting Cloud Storage Pools, resolve the issue, and then try saving the Cloud Storage Pool again.