Azure Blob Storage
Connect your Azure Blob Storage account to store GitSec backups using a SAS token.
Prerequisites
- An Azure account with a Storage Account.
- A Blob container created within the Storage Account.
- A Blob SAS URL generated for the container with the required permissions.
Setup Steps
- Navigate to Storage in the sidebar.
- Click Add Storage Provider.
- Select the Azure Blob Storage card.
- Fill in the connection form:
| Field | Description |
|---|---|
| Connection Name | A unique, friendly name to identify this storage provider (e.g., "DR Azure EU"). |
| Folder Path | The folder path within the container for storing backups (defaults to /). |
| Connection String | Your Azure Blob SAS URL or connection string (will be encrypted and masked). |
- Click Test Connection to verify GitSec can access the container.
- If the test succeeds, click Save to complete the setup.
tip
Click Show Blob SAS Token Instructions on the form for step-by-step guidance.
Create an Azure Container
- Go to Azure Console > Storage Accounts > Resources tab.
- Click Create.
- Enter a storage account name and choose a region.
- You can leave other settings at their default values as recommended by Azure.
- Go to Data Storage > Containers for the created storage account.
- Click Add Container for a new container, or use an existing one.
- Click "..." for the intended container and select Generate SAS.
Generating the SAS Token
- Select the following permissions from the Permissions list:
- List
- Read
- Create
- Write
- Delete
- Set the Start and Expiry date/time. Azure recommends that the start time should be at least 15 minutes earlier than the current time.
- You can leave other settings at their default values as recommended by Azure.
- Click Generate SAS token and URL and save your Blob SAS URL to use as the Connection String in GitSec.
Security Best Practices
- SAS tokens provide temporary access to your storage. Rotate SAS tokens regularly and monitor their usage in Azure Monitor.
- Use a dedicated Storage Account for GitSec backups.
- Set appropriate expiry dates for your SAS tokens based on your security requirements.
For more details, see the Azure SAS Token Documentation.