You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/managed-identities-azure-resources/tutorial-vm-windows-access-storage.md
+13-13Lines changed: 13 additions & 13 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -13,7 +13,7 @@ ms.subservice: msi
13
13
ms.topic: tutorial
14
14
ms.tgt_pltfrm: na
15
15
ms.workload: identity
16
-
ms.date: 01/11/2022
16
+
ms.date: 02/18/2022
17
17
ms.author: barclayn
18
18
ms.collection: M365-identity-device-management
19
19
---
@@ -51,12 +51,12 @@ This tutorial shows you how to use a system-assigned managed identity for a Wind
51
51
52
52
In this section, you create a storage account.
53
53
54
-
1.Click the **+ Create a resource** button found on the upper left-hand corner of the Azure portal.
55
-
2.Click**Storage**, then **Storage account - blob, file, table, queue**.
54
+
1.Select the **+ Create a resource** button found on the upper left-hand corner of the Azure portal.
55
+
2.Select**Storage**, then **Storage account - blob, file, table, queue**.
56
56
3. Under **Name**, enter a name for the storage account.
57
57
4.**Deployment model** and **Account kind** should be set to **Resource manager** and **Storage (general purpose v1)**.
58
58
5. Ensure the **Subscription** and **Resource Group** match the ones you specified when you created your VM in the previous step.
59
-
6.Click**Create**.
59
+
6.Select**Create**.
60
60
61
61
62
62
@@ -65,24 +65,24 @@ In this section, you create a storage account.
65
65
Files require blob storage so you need to create a blob container in which to store the file. You then upload a file to the blob container in the new storage account.
66
66
67
67
1. Navigate back to your newly created storage account.
68
-
2. Under **Blob Service**, click**Containers**.
69
-
3.Click**+ Container** on the top of the page.
70
-
4. Under **New container**, enter a name for the container and under **Public access level** keep the default value.
68
+
2. Under **Blob Service**, select**Containers**.
69
+
3.Select**+ Container** on the top of the page.
70
+
4. Under **New container**, enter a name for the container and under **Public access level** keep the default value.
5. Using an editor of your choice, create a file titled *hello world.txt* on your local machine. Open the file and add the text (without the quotes) "Hello world! :)" and then save it.
75
75
6. Upload the file to the newly created container by clicking on the container name, then **Upload**
76
-
7. In the **Upload blob** pane, under **Files**, click the folder icon and browse to the file **hello_world.txt** on your local machine, select the file, then click**Upload**.
76
+
7. In the **Upload blob** pane, under **Files**, select the folder icon and browse to the file **hello_world.txt** on your local machine, select the file, then select**Upload**.
77
77
78
78
79
79
### Grant access
80
80
81
81
This section shows how to grant your VM access to an Azure Storage container. You can use the VM's system-assigned managed identity to retrieve the data in the Azure storage blob.
82
82
83
83
1. Navigate back to your newly created storage account.
84
-
1.Click**Access control (IAM)**.
85
-
1.Click**Add** > **Add role assignment** to open the Add role assignment page.
84
+
1.Select**Access control (IAM)**.
85
+
1.Select**Add** > **Add role assignment** to open the Add role assignment page.
86
86
1. Assign the following role. For detailed steps, see [Assign Azure roles using the Azure portal](../../role-based-access-control/role-assignments-portal.md).
87
87
88
88
| Setting | Value |
@@ -96,9 +96,9 @@ This section shows how to grant your VM access to an Azure Storage container. Yo
96
96
97
97
## Access data
98
98
99
-
Azure Storage natively supports Azure AD authentication, so it can directly accept access tokens obtained using a managed identity. This is part of Azure Storage's integration with Azure AD, and is different from supplying credentials on the connection string.
99
+
Azure Storage natively supports Azure AD authentication, so it can directly accept access tokens obtained using a managed identity. This approach uses Azure Storage's integration with Azure AD, and is different from supplying credentials on the connection string.
100
100
101
-
Here's a .NET code example of opening a connection to Azure Storage using an access token and then reading the contents of the file you created earlier. This code must run on the VM to be able to access the VM's managed identity endpoint. .NET Framework 4.6 or higher is required to use the access token method. Replace the value of `<URI to blob file>` accordingly. You can obtain this value by navigating to file you created and uploaded to blob storage and copying the **URL** under **Properties** the **Overview** page.
101
+
Here's a .NET code example of opening a connection to Azure Storage. The example uses an access token and then reads the contents of the file you created earlier. This code must run on the VM to be able to access the VM's managed identity endpoint. .NET Framework 4.6 or higher is required to use the access token method. Replace the value of `<URI to blob file>` accordingly. You can obtain this value by navigating to file you created and uploaded to blob storage and copying the **URL** under **Properties** the **Overview** page.
102
102
103
103
```csharp
104
104
usingSystem;
@@ -181,7 +181,7 @@ The response contains the contents of the file:
181
181
182
182
## Next steps
183
183
184
-
In this tutorial, you learned how enable a Windows VM's system-assigned identity to access Azure Storage. To learn more about Azure Storage see:
184
+
In this tutorial, you learned how enable a Windows VM's system-assigned identity to access Azure Storage. To learn more about Azure Storage, see:
0 commit comments