Skip to main content
Skip table of contents

Microsoft Azure Blob Storage

To publish IBI-aws messages in Azure Blob Storage, the following steps are necessary:

Set up Azure Blob Storage

Create storage account

  1. Under Azure services, navigate to Storage accounts.

  2. Click on the Create button.

  3. Basics tab: Select your subscription and choose a name for your storage account. Further settings such as region, performance and redundancy can be specified.

  4. The default settings can be used in the remaining tabs (Advanced, Network, Privacy, Encryption, Tags tab).

  5. Switch to the Check + create tab, check your settings and click Create.

For details on creating a storage account, see https://learn.microsoft.com/en-us/azure/storage/common/storage-account-create?tabs=azure-portal

Create container

  1. Go to Storage accounts and open the newly created storage account.

  2. Switch to Containers. This menu item is subordinate to the Data storage item in the left-hand menu bar.

  3. Click on the + Container button.

  4. Assign a name for the container and define further settings if necessary. Click on Create.

Details on managing containers can be found athttps://learn.microsoft.com/en-us/azure/storage/blobs/blob-containers-portal?source=recommendations

Determine the URL of the container

The URL of the container is entered in the Azure Blob Storage endpoint in the IBI-aws Admin.

  1. Open the previously created container.

  2. Switch to Properties. This menu item is subordinate to Settings in the left menu bar.

  3. Apply URL (e.g.: https://mystorageaccount.blob.core.windows.net/mycontainer).

Create Shared Access Signature (SAS) Token

SAS tokens are entered in the Azure Blob Storage endpoint.

SAS tokens authorize the owner to access the Azure Blob Storage. These have specific authorizations (create, read, write, etc.) and an expiration date. You can find out more about SAS tokens at https://learn.microsoft.com/en-us/rest/api/storageservices/delegate-access-with-shared-access-signature.

Two tokens must be stored for the Azure Blob Storage endpoint. One token for the IBI-aws Admin and one for the Client. The tokens must be created with the following authorizations:

  • IBI-aws Admin: read, write, delete

  • IBI-aws Client: read

SAS tokens can be created as follows:

  1. Navigate to your previously created container and open Shared access tokens. This menu item is subordinate to the Settings item in the left-hand menu bar.

  2. In the form for creating a SAS token, the following information must be provided:

    1. Signing method: Account key (details under https://learn.microsoft.com/en-us/rest/api/storageservices/create-account-sas).

    2. Signing key: Choose which access key will be used to sign the SAS token. To invalidate the SAS token later if needed, the specified key can be rotated. More information can be found in the info box.

    3. Stored access policy: This field can be left blank, as a stored access policy is not required in this case.

    4. Permissions: Select the authorizations that the respective token should contain.

    5. Start: Time from which the token should be valid.

    6. Expiry: Time at which the token should expire. To avoid increased maintenance efforts, you can set a longer expiration date here. If required, the SAS tokens can be invalidated prematurely by rotating the keys in Azure.

    7. Permitted IP addresses: IP addresses from which requests are accepted.

    8. Permitted protocols: Specifies whether requests must be made via HTTPS or whether the HTTPS and HTTP protocols are permitted.

  3. Generate token and take the value from the Blob SAS token field.
    Example: sp=r&st=2024-02-01T14:32:45Z&se=2024-08-01T21:32:45Z&spr=https&sv=2022-11-02&sr=c&sig=Yuku%2B%2BIBasdfsasdfwefrGR17pKiYnbeJfSYnj9FIrs%3D)

If required, SAS tokens can be invalidated prematurely by rotating the associated keys. To access this option, search for Access keys in the storage account. It is also possible to set a rotation reminder there if you want to renew your SAS tokens every few months, for example.

Set up IBI-aws Admin

1. Start IBI-aws Admin

2. Add publication location

Add a new Microsoft Azure Blob publication location

3. Export connection data for client

In the publication location, the connection data for the IBI-aws client can be exported via the Export connection data for client... button.

4. Test publication

After the publication location has been added, the publication should be tested by publishing the messages. The Azure Blob Storage configuration can also be tested using the Test connection button.

5. Specify connection data in the IBI-aws Client

The exported connection data must be transferred to the IBI-aws Client as start parameters. The start parameters Remarks or AdditionalRemarks can be used for this purpose.

/Remarks
POWERSHELL 
IBI.aws.Client.exe ".\settings.iacabss"
/AdditionalRemarks
POWERSHELL 
IBI.aws.Client.exe ".\remarks.ibi" /AdditionalRemarks ".\settings.iacabss"

6. Restart / redistribute IBI-aws Client

This step differs depending on how the IBI-aws client was distributed.

  • Standard installation (via a central share)
    Restart the IBI-aws clients as follows:

    1. Start the existing version of the IBI-aws Admin

    2. Select all affected message groups in the message group overview

    3. Click on the action Restart clients to initiate the restart of the IBI-aws Clients during the next synchronization (only the application is restarted, not the PC).

    4. Afterwards the IBI-aws Admin can be closed again.

  • Local installation (e.g. via a software distribution system)
    Create a new IBI-aws Client package and distribute it to all relevant clients.

7. Wait until the new IBI-aws Client is available everywhere

This step differs depending on how the IBI-aws client was distributed.

  • Standard installation (via a central share)
    It can be assumed that all running IBI-aws Client instances are up-to-date as soon as the set synchronization interval has elapsed.

  • Local installation (e.g. via a software distribution system)
    Ask the relevant persons about the distribution status of the IBI-aws Client

8. Publish

In order for the message file to be available for the IBI-aws Clients via Azure Blob Storage, it is necessary to republish this data.

  1. Start the IBI-aws Admin

  2. Select all affected message groups

  3. Click on the action Publish...

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close