Add the Azure Data Lake Storage Gen2 Object Storage Repository with an IAM AD Application

Updated

To add the Azure Data Lake Gen2 object storage repository using non-Azure virtual machines (VM) as access nodes, create an Azure Active Directory (AD) application, and then assign the storage blob data owner role to the application. Then, use the IAM AD role assignment type of authentication to add an object storage repository.

Assign the Storage Blob Data Owner Role to the AD Application

  1. On the Azure portal, create an Azure AD application.

  2. Add the storage blob data owner role to the Azure AD application.

  3. Generate and save a client secret for the Azure AD application.

  4. Record the application ID and the tenant ID of the application that you created.

Add the Repository

  1. From the navigation pane, go to Protect > Object storage.

    The Object storage page appears.

  2. In the upper-right corner of the page, click Add object storage.

    The Add object storage dialog box appears.

  3. Click Azure Data Lake Storage Gen2.

    The Add Azure Data Lake Storage Gen2 dialog box appears.

  4. In the Object storage name box, enter a name for the repository.

  5. In the Host URL box, enter the Azure Data Lake Storage Gen2 service account URL.

    For example, enter dfs.core.windows.net.

  6. From the Authentication list, select IAM AD application.

    The Credentials dialog box appears.

  7. Do one of the following:

    • Select the credentials to use.

    • To add credentials to the Credentials Manager, do the following:

      1. Click the plus button (+).

        The Add Credential dialog box appears.

      2. Enter the following information:

      • Credential name: Enter a name for the credentials.

      • Tenant ID: Enter the tenant ID of the Azure AD application.

      • Application ID: Enter the application ID of the Azure AD application.

      • Application secret: Enter the application secret of the Azure AD application.

      • Environment: Select the region where you deployed the Azure cloud.

      1. Click Save.

  8. Enter the following information:

    • Access node: Select the access node to use for the repository.

    • Plan: Select the server plan to use for the repository.

  9. Click Save.