Skip to main content

Azure Blob Storage

Connect your Azure Blob Storage account to store GitSec backups using a SAS token.

Prerequisites

  • An Azure account with a Storage Account.
  • A Blob container created within the Storage Account.
  • A Blob SAS URL generated for the container with the required permissions.

Setup Steps

  1. Navigate to Storage in the sidebar.
  2. Click Add Storage Provider.
  3. Select the Azure Blob Storage card.
  4. Fill in the connection form:
FieldDescription
Connection NameA unique, friendly name to identify this storage provider (e.g., "DR Azure EU").
Folder PathThe folder path within the container for storing backups (defaults to /).
Connection StringYour Azure Blob SAS URL or connection string (will be encrypted and masked).
  1. Click Test Connection to verify GitSec can access the container.
  2. If the test succeeds, click Save to complete the setup.
tip

Click Show Blob SAS Token Instructions on the form for step-by-step guidance.

Create an Azure Container

  1. Go to Azure Console > Storage Accounts > Resources tab.
  2. Click Create.
  3. Enter a storage account name and choose a region.
  4. You can leave other settings at their default values as recommended by Azure.
  5. Go to Data Storage > Containers for the created storage account.
  6. Click Add Container for a new container, or use an existing one.
  7. Click "..." for the intended container and select Generate SAS.

Generating the SAS Token

  1. Select the following permissions from the Permissions list:
    • List
    • Read
    • Create
    • Write
    • Delete
  2. Set the Start and Expiry date/time. Azure recommends that the start time should be at least 15 minutes earlier than the current time.
  3. You can leave other settings at their default values as recommended by Azure.
  4. Click Generate SAS token and URL and save your Blob SAS URL to use as the Connection String in GitSec.

Security Best Practices

  • SAS tokens provide temporary access to your storage. Rotate SAS tokens regularly and monitor their usage in Azure Monitor.
  • Use a dedicated Storage Account for GitSec backups.
  • Set appropriate expiry dates for your SAS tokens based on your security requirements.

For more details, see the Azure SAS Token Documentation.