By default, a newly created Azure Storage Account has some restrictions. These restrictions are necessary to enhance security, but can cause frustration when using the portal to work with your data.

Recently, I received the following warning when I accessed a blob container in the portal:

Fig. 1

When I tried to upload a file to the container, Azure prevented the operation and reported only "Forbidden," as shown in Fig. 2

Fig. 2

After some research and experimentation, I discovered the solution was to add my user account to the "Storage Blob Data Contributor" role. This solution surprised me because I had created the Storage Account, so I was already a member of the "Owner" role. However, adding myself to this other role was sufficient to allow me to upload files to a blob container within the portal.

You can find step-by-step instructions on how to add a user to a role in an Azure Storage Account in this article.

The "Storage Blob Data Contributor" role is a good role to assign to new users who need to read and write data without giving them any extra rights within the account.