0
votes

I need to create 500 Azure BLOB Containers for users to store their data on it.

Each user should have Contributor access to only their respective Container and not able to access other container in the same Storage account.

I have tested it manually with few users/containers by allowing BLOB contributor access at container level and users were not able to access other containers.

How can I do the same for 500 users using CLI/script, especially assigning Contributor access at container to the respective user ?

1

1 Answers

1
votes

There are few options how to complete your task: Powershell, AzureCLI, REST API, SDK. Here is an example how to create Azure Storage Container and give contributor access:

az storage container create --account-name <storage-account> --name <container>  --auth-mode login
az role assignment create --role "Storage Blob Data Contributor" --assignee <email> --scope "/subscriptions/<subscription>/resourceGroups/<resource-group>/providers/Microsoft.Storage/storageAccounts/<storage-account>/blobServices/default/containers/<container>"

Additionally you will need to have user's email list

https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-cli#create-a-container