Skip to content

Commit 1b6c1b5

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #253729 from pauljewellmsft/cloud-resource-id-stg-91
Update blob resource ID table
2 parents 8aa396a + 7600b59 commit 1b6c1b5

File tree

2 files changed

+26
-10
lines changed

2 files changed

+26
-10
lines changed

articles/storage/blobs/authorize-access-azure-active-directory.md

Lines changed: 13 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -59,12 +59,20 @@ While Microsoft recommends using the Azure Identity client library when possible
5959

6060
When you use MSAL to acquire an OAuth token for access to Azure Storage, you need to provide an Azure AD resource ID. The Azure AD resource ID indicates the audience for which a token that is issued can be used to provide access to an Azure resource. In the case of Azure Storage, the resource ID may be specific to a single storage account, or it may apply to any storage account.
6161

62-
The following table describes the values that you can provide for the resource ID. The resource ID for Azure Storage is the same for all public and sovereign clouds:
62+
When you provide a resource ID that is specific to a single storage account and service, the resource ID is used to acquire a token for authorizing requests to the specified account and service only. The following table lists the value to use for the resource ID, based on the cloud you're working with. Replace `<account-name>` with the name of your storage account.
6363

64-
| Resource ID | Description |
65-
|---|---|
66-
| `https://<account>.blob.core.windows.net` | The service endpoint for a given storage account. Use this value to acquire a token for authorizing requests to that specific Azure Storage account and service only. Replace the value in brackets with the name of your storage account. |
67-
| `https://storage.azure.com/` | Use to acquire a token for authorizing requests to any Azure Storage account. |
64+
| Cloud | Resource ID |
65+
| --- | --- |
66+
| Azure Global | `https://<account-name>.blob.core.windows.net` |
67+
| Azure Government | `https://<account-name>.blob.core.usgovcloudapi.net` |
68+
| Azure Germany | `https://<account-name>.blob.core.cloudapi.de` |
69+
| Azure China 21Vianet | `https://<account-name>.blob.core.chinacloudapi.cn` |
70+
71+
You can also provide a resource ID that applies to any storage account, as shown in the following table. This resource ID is the same for all public and sovereign clouds, and is used to acquire a token for authorizing requests to any storage account.
72+
73+
| Cloud | Resource ID |
74+
| --- | --- |
75+
| Azure Global</br>Azure Government</br>Azure Germany</br>Azure China 21Vianet</br> | `https://storage.azure.com/` |
6876

6977
## Assign Azure roles for access rights
7078

articles/storage/queues/authorize-access-azure-active-directory.md

Lines changed: 13 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -58,12 +58,20 @@ While Microsoft recommends using the Azure Identity client library when possible
5858

5959
When you use MSAL to acquire an OAuth token for access to Azure Storage, you need to provide an Azure AD resource ID. The Azure AD resource ID indicates the audience for which a token that is issued can be used to provide access to an Azure resource. In the case of Azure Storage, the resource ID may be specific to a single storage account, or it may apply to any storage account.
6060

61-
The following table describes the values that you can provide for the resource ID. The resource ID for Azure Storage is the same for all public and sovereign clouds:
61+
When you provide a resource ID that is specific to a single storage account and service, the resource ID is used to acquire a token for authorizing requests to the specified account and service only. The following table lists the value to use for the resource ID, based on the cloud you're working with. Replace `<account-name>` with the name of your storage account.
6262

63-
| Resource ID | Description |
64-
|---|---|
65-
| `https://<account>.queue.core.windows.net` | The service endpoint for a given storage account. Use this value to acquire a token for authorizing requests to that specific Azure Storage account and service only. Replace the value in brackets with the name of your storage account. |
66-
| `https://storage.azure.com/` | Use to acquire a token for authorizing requests to any Azure Storage account. |
63+
| Cloud | Resource ID |
64+
| --- | --- |
65+
| Azure Global | `https://<account-name>.queue.core.windows.net` |
66+
| Azure Government | `https://<account-name>.queue.core.usgovcloudapi.net` |
67+
| Azure Germany | `https://<account-name>.queue.core.cloudapi.de` |
68+
| Azure China 21Vianet | `https://<account-name>.queue.core.chinacloudapi.cn` |
69+
70+
You can also provide a resource ID that applies to any storage account, as shown in the following table. This resource ID is the same for all public and sovereign clouds, and is used to acquire a token for authorizing requests to any storage account.
71+
72+
| Cloud | Resource ID |
73+
| --- | --- |
74+
| Azure Global</br>Azure Government</br>Azure Germany</br>Azure China 21Vianet</br> | `https://storage.azure.com/` |
6775

6876
## Assign Azure roles for access rights
6977

0 commit comments

Comments
 (0)