From 34f606dcf880c76778d9a7693bf5c5ec0336f246 Mon Sep 17 00:00:00 2001 From: Eugene Dementyev Date: Tue, 11 Oct 2022 10:54:47 +1300 Subject: [PATCH] Add storage_account parameter to Azure Blob Storage backend (#2016) * Add storage_account parameter to Azure Blob Storage backend to use cli auth Related to https://github.com/pulumi/pulumi/pull/10900 Related to https://github.com/google/go-cloud/pull/3159 Co-authored-by: Aaron Friel --- themes/default/content/docs/intro/concepts/state.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/themes/default/content/docs/intro/concepts/state.md b/themes/default/content/docs/intro/concepts/state.md index 46f2fd3c623..b7aab99b014 100644 --- a/themes/default/content/docs/intro/concepts/state.md +++ b/themes/default/content/docs/intro/concepts/state.md @@ -197,6 +197,19 @@ $ pulumi login azblob:// To tell Pulumi what Azure storage account to use, set the `AZURE_STORAGE_ACCOUNT` environment variable. Also, set either `AZURE_STORAGE_KEY` or `AZURE_STORAGE_SAS_TOKEN` to authorize access. For additional configuration options, see [Azure Setup]({{< relref "/registry/packages/azure/installation-configuration" >}}). If you're new to Azure Blob Storage, see [the Azure documentation](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-cli). +{{% notes type="info"%}} +As of Pulumi CLI v3.41.1, instead of the environment variables above, Azure CLI authentication may be used by specifying the storage account in the URL like so after using `az login`: + +```sh +$ pulumi login azblob://?storage_account=account_name +``` + +{{% /notes %}} + +{{% notes type="info"%}} +The Azure account must have the [Storage Blob Data Contributor role](https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#storage-blob-data-contributor) or an equivalent role with permissions to read, write, and delete blobs. +{{% /notes %}} + ##### Logging Into the Google Cloud Storage Backend To use the [Google Cloud Storage](https://cloud.google.com/storage/) backend pass the `gs://` as your ``: