-
Notifications
You must be signed in to change notification settings - Fork 191
Barman Cloud and Azure Blob Storage authentication
Michael Wallace edited this page Nov 18, 2021
·
5 revisions
This is a short guide to authenticating Barman Cloud with Azure Blob Storage.
Barman cloud supports the following environment variables which can be used to authenticate against Azure Blob Storage:
-
AZURE_STORAGE_CONNECTION_STRING: An Azure Storage connection string which contains either an access key or shared access signature token which grants access to the target container. -
AZURE_STORAGE_SAS_TOKEN: An Azure Storage Shared Access Signature token. This can be at the storage container scope or higher. -
AZURE_STORAGE_ACCESS_KEY: An Access Key for the Azure Storage account which owns the target container.
Rather than require users to manage credentials directly, Barman Cloud is able to use Azure Active Directory to authenticate. This can be achieved in either of the following ways:
- Using an Active Directory user and logging in via the Azure CLI.
- Using managed identities.
As well as Barman Cloud and its Azure-specific dependencies (azure-blob-storage and azure-identity) you will also need the Azure CLI.
Log in using the Azure CLI by running the following command and following the instructions:
az login
Now run barman-cloud and it will automatically find the token: