Contents x
    Azure Blob Storage
    • 04 Jun 2025
    • 1 Minute to read
    • PDF
    Contents

    Azure Blob Storage

    • Updated on 04 Jun 2025
    • 1 Minute to read
    • PDF
    Article summary

    Azure Blob Storage, an object storage service offered by Azure, is one of many delivery destinations that Bobsled supports. Bobsled will transfer the data to a Bobsled-managed destination Azure Blob Storage and grant permissions to the Azure application(s) that are configured in the destination section of a given share. The permissions granted allow each Azure application to perform read and copy operations on the Bobsled-managed destination container.

    Bobsled grants the following permissions to all Azure applications that are granted access to the data in the share:

    • Storage Blob Data Reader: Read and list Azure Storage containers and blobs

    • Storage Blob Delegator: Get a user delegation key, which can then be used to create a shared access signature for a container or blob that is signed with Azure AD credentials.

    Authorization

    To access deliveries made to the Bobsled-managed container, you will need to configure Bobsled to grant an Azure application with read access to the Bobsled-managed destination container. There are two types of Azure applications that you may configure to gain access to the container:

    • Bobsled-managed application or,

    • Consumer-managed application.

    To learn more about Azure applications used within Bobsled please visit: Account Access Identifiers in Azure.

    Bobsled-managed Application

    You are able to create up to 100 client secrets or "passwords" for the Azure application principal to access the data. Using the credentials of the Bobsled-managed service principal, the consumer is able to list the contents of the container and generate a Shared Access Token to copy the data to their container. Learn more about it in the Bobsled-managed destination setup guide.

    Consumer-managed Application

    When using a consumer-managed application, you will be required to provide its associated application (client) ID. Bobsled will grant your application access to the Bobsled-managed destination container that is present in Bobsled's AD tenant. Using the credentials of the consumer-managed application, the consumer is able to list the contents of the container and generate a Shared Access Token to copy the data to their container. Learn more about it in the Consumer-managed destination setup guide.

    Accessing data

    Once your data has been shared to the destination, learn how to access it in Azure Blob Storage.

    Was this article helpful?
    What's Next