I have a problem, which I cannot figure out to solve:
Our company has appr. 20 Azure storage accounts with appr. 20 containers each. I want to write a .NET Core console application, which I can run on a (non-Azure) Windows server for backing up the blobs with read-only access to a (non-Azure) server.
If I would use the storage access keys, I would have the problems a) I would need 20 different access keys and b) the access keys allow for full access, which I don't want to grant this console application for security reasons. Using an authentication with SAS, even worse, I would have appr. 400 different SAS keys (20 storage accounts x 20 containers).
Now: On Azure, I created a new user, e. g. "[email protected]", which is a global reader - so no possibility to write/delete, which would satisfy the security issues. I registered my application as a Windows application.
However, despite reading and trying out so many ways, I was not able to figure out how my console application can automatically log in through e. g. Azure Active Directory (password) with the username + password of [email protected]. It would also be important to store username/password e. g. in appsettings.json).
Can you provide .NET Core C# code how I can a) login and b) list all blobs in one storage account >> container?
Thanks so much!!
Martin