Attach a Microsoft Azure volume

📘

Navigation

• Microsoft Azure volumes
• Attach a Microsoft Azure volume:
  • Via the visual interface
  • Via the API:
    • Create a volume (Microsoft Azure)
    • Get details of a volume (Microsoft Azure)
    • Update a volume (Microsoft Azure)

Overview

Attach a volume for use on the CGC's visual interface. Use this tutorial if your cloud storage provider is Microsoft Azure.

Or, learn more if your cloud storage provider is Amazon Web Services (AWS) or Google Cloud Storage (GCS).

Prerequisites

1. A Microsoft Azure account
2. A storage container within this Azure account.
3. (Optional) Completed app registration and role assignment on the Azure Portal. If you haven't completed this step, don't worry, the instructions below will guide you through the entire process.

Procedure

1. Access the Volumes dashboard.
2. Click Attach volume and choose the cloud storage provider for your volume.
3. Provide app details.
4. Enter the required Azure credentials.
5. Provide storage container details.
6. Assign roles on the Azure Portal.
7. Configure additional options.
8. Review volume details and confirm to connect your volume.

Step 1: Access the Volumes Dashboard

This step takes place on the CGC

1. Click on the Data tab of the top navigation bar.
2. Select Volumes from the drop-down menu.

Step 2: Choose the cloud storage provider

This step takes place on the CGC

1. On the Volumes Dashboard, click Attach volume.
2. Select Microsoft Azure as your cloud storage provider.
3. Click Next.

Step 3: Provide application details

Provide details of the Microsoft Azure application that will be used to establish a connection to the container that you want to attach to the CGC. This information is available in the overview of the application on the Azure Portal. If you have already registered an application for this purpose by following the app registration and role assignment guide, copy its Application (client) ID and Directory (tenant) ID and enter them in the volume connection wizard. If you haven't done so, follow the steps below to register a new application:

1. Go to the Azure Portal.
2. Under  select Azure Active Directory.
3. In the pane on the left click App registrations.
4. Click New registration.
5. Enter the name of the new app, for example sbg-app and click Register. Application details are displayed. Note that the Application (client) ID and Directory (tenant) ID of the app are required to attach the storage container to the CGC.
6. On the CGC, enter the Application (client) ID and Directory (tenant) ID.
7. Click Next.

Step 4: Enter the client secret value

If you have already created a client secret for this purpose by following the app registration and role assignment guide, copy its Value and enter it in the volume connection wizard. If you haven't done so, follow the steps below to create a new client secret:

1. On the Azure Portal, select the app you created for the purpose of attaching your container to the CGC.
2. In the pane on the left click Certificates & secrets.
3. Under Client secrets click New client secret.
4. Add a Description (e.g. sbg-secret) and for Expires select 24 months.
5. Click Add. You have added a new secret. Copy the information from its Value field.
6. On the CGC, enter the Value of the client secret.
7. Click Next.

Step 5: Provide volume information

Provide details related to your Microsoft Azure storage container and the way it will be connected to the CGC.

1. Enter the name of the Storage account which holds the container you want to attach.
2. Enter the Resource ID. Get it by opening the JSON View on your storage account's Overview page on the Azure Portal.
3. In Container name, enter the name of the container you want to attach.
4. Enter a Volume name, which is how the attached container will be named on the CGC.
5. (Optional) Enter a description for the attached container (volume).
6. Select access privileges for the volume:
   * Read only (RO) - You will be able to read files from the volume, but not write files to it.
   CGC files can only be transferred to Microsoft Azure if the location of the project from which you are transferring the files is also set to Microsoft Azure.
7. (Optional) Enter the root (prefix). If set, access to the attached container will be limited to the defined root location and its subdirectories.
8. Click Next.

Step 6: Assign roles

This step takes place on the Azure Portal. If you have already completed role assignment by following the app registration and role assignment guide, skip this step and continue to configuring additional options.

In order to allow the connection with your Azure container, you need to assign roles to your registered application.

1. Open the storage account you entered in the previous step and select Access Control (IAM) from the menu on the left.
2. Click Add, then click Add role assignment.
3. In theRole field select the Storage Blob Delegator role.
4. In the Select field enter and select your registered application (e.g. sbg-app).
5. Click Save.
6. Repeat the previous steps, this time by selecting the Reader role.

Once you are done adding roles for your app in storage account settings, continue by assigning an appropriate role to the container you want to attach to the CGC:

1. Open the container you entered in the previous step and select Access Control (IAM) from the menu on the left.
2. Click Add, then click Add role assignment.
3. In theRole field select the Storage Blob Data Contributor role.
4. In the Select field, enter and select your registered application (e.g. sbg-app).
5. Click Save.

You have now assigned all required roles to your registered application. Click Next to continue.

Step 7: Configure additional options

Enter a Microsoft Azure endpoint, only if you are using an endpoint that is different from the default one https://(serviceaccount).blob.core.windows.net. To make a non-default endpoint work with the CGC, please first make sure it is supported by Seven Bridges. For more information, please contact [email protected].

Step 8: Review volume details

On this tab, review the details for your volume and click Connect.

Next step

Congratulations! You've attached your Microsoft Azure storage container as a volume to the CGC. You can make individual data objects within it available as "aliases" on the CGC. Aliases point to files stored on your cloud storage bucket and can be copied, executed, and organized like normal files on the CGC. We call this operation "importing". Learn more about working with aliases.