In the last article, I showed you how to create an Azure Storage Account. One way to secure a storage account is to assign users to roles that allow each user only the access that they require and no more. In this article, I will show you how to assign users to roles in an Azure Storage Account.

Log in to the Azure Portal and navigate to the Azure Storage Account, as shown in Fig. 1.

Overview Blade
Fig. 1

From the left menu, select [Access Control (IAM)] (Fig. 2) to display the "Check Access" tab of the "Access Control (IAM)" blade, as shown in Fig. 3.

Access Control Button
Fig. 2

Access Control Blade
Fig. 3

The "Role Assignments" tab displays a list of existing role assignments for this Storage Account, as shown in Fig. 4.

Role Assignments Tab
Fig. 4

On the "Check Access" tab, click the [Add role assignment] button (Fig. 5) to display the "Add role assignment" dialog, as shown in Fig. 6.

Add Role Assignment Button
Fig. 5

Add Role Assignment Dialog
Fig. 6

This dialog is separated into two tabs, representing the different types of roles: Job function roles, intended for users of the service and its data; and Privileged administrator roles, intended for those who are managing the Storage Account. Search for the role to which you wish to add a user. In the figure, we searched for "Storage Blob Data Contributor," so the dialog filters the list of rows to show us this role. Select the role.

On the "Members" tab (Fig. 7) you can add users to the selected role.

Add Role Assignment Dialog, Members Tab
Fig. 7

Click the [Select members] button (Fig. 8) to display the "Select members" dialog, as shown in Fig. 9.

Select Members Button
Fig. 8

Select Members Dialog
Fig. 9

Search for a user, select that user, and click the [Select] button (Fig. 10) to add the selected user or users to the selected role.

Select Button
Fig. 10

The user should now appear in the list of members, as shown in Fig. 11.

Add Role Assignment Dialog
Fig. 11

At this point, the user has not yet been assigned to the selected role. Click the [Review + assign] button (Fig. 12) to activate the "Review + assign" tab. Then click the [Review + assign] button again to assign this user to the selected role.

Review Assign Button
Fig. 12

The user is now assigned to the role, should appear in the list of role assignments, and should have the rights appropriate to that role.
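The same assignment can be scripted with the Azure CLI, which makes it repeatable and easy to review. This is an added example, not part of the original walkthrough; the function names and the five positional arguments (subscription ID, resource group, storage account name, user, role) are assumptions, and it presumes you have already run `az login`.

```bash
#!/usr/bin/env bash
# Added example: Azure CLI equivalent of the portal steps above.
# Function names and argument order are illustrative assumptions.

# Build the resource ID of a storage account. Using the account itself as the
# scope keeps the assignment from applying to the whole resource group or
# subscription.
storage_scope() {
  local sub="$1" rg="$2" account="$3"
  printf '/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Storage/storageAccounts/%s' \
    "$sub" "$rg" "$account"
}

# Assign a role to a user at the given scope, unless the user already holds
# that role there. Prints "assigned" or "already-assigned".
assign_storage_role() {
  local assignee="$1" role="$2" scope="$3"
  local existing

  # Equivalent of checking the "Role Assignments" tab for this user and role.
  existing=$(az role assignment list \
    --assignee "$assignee" --role "$role" --scope "$scope" \
    --query "length(@)" --output tsv)

  if [ "$existing" != "0" ]; then
    echo "already-assigned"
    return 0
  fi

  # Equivalent of "Add role assignment" followed by "Review + assign".
  az role assignment create \
    --assignee "$assignee" --role "$role" --scope "$scope" --output none
  echo "assigned"
}

# Runs only when all five arguments are supplied, for example:
#   ./assign.sh <subscription-id> <resource-group> <account> user@example.com \
#       "Storage Blob Data Contributor"
if [ "$#" -eq 5 ]; then
  scope=$(storage_scope "$1" "$2" "$3")
  assign_storage_role "$4" "$5" "$scope"
fi
```
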

In this article, I showed you how to secure an Azure Storage Account by assigning users to appropriate roles in that account.