Overview
Perform operations on Azure Blob Storage Containers and Blobs via the Workflow Automator.
Description
Orchestration apps let you automate repeatable tasks and actions that span across a diverse set of systems and applications using workflows. The list of actions supported for this app include:
Container Management
Create Container
Blob Management
Copy Blob
Delete Blob
Get Blob Tags
Set Blob Tags
Attach Blob to Freshservice Ticket Note
Upload Freshservice Attachments to Container
Prerequisites
A. Register an App for your Azure account
1. Once you login into your account on the Azure portal, navigate to search for “Azure Active Directory”.
2. On the active directory page in the left side panel, go to App Registrations > “New registration” > Enter a suitable name for the integration> “Register”
Note that we will be granting permissions for resources under a subscription to this app.
B. Create a custom role for the integration
You have to create a custom role for the integration for your app (created in Prerequisite A), which you will use to authenticate your calls to Azure Blob Storage .
Go to the Azure portal, search for “Subscriptions''. Select your active subscription.
Click on “Access control (IAM)” and Select “Roles”
Select any role from the list and open the context menu by clicking on … from the right side of the role and click on “Clone”.
Enter a suitable name for the custom role and select Baseline Permission as “Start From Scratch”.
Keep clicking on “Next” until you reach the JSON tab and Select “Edit”.
Remove existing permission object and add the following permissions object :
{
"actions": [
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/write"
],
"notActions": [],
"dataActions": [
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/tags/write",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action",
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/modifyPermissions/action"
],
"notDataActions": []
}
Click on “Save” and lastly click on “Review and Create”.
C. Permissions to be granted
You have to assign permissions for your app (created in Prerequisite A), which you will use to authenticate your calls to Azure Blob Storage.
Go to the Azure portal, search for “Subscriptions''. Select your active subscription.
Click on “Access control (IAM)”
Select “Role assignments”
Click “Add”
Select “Add role assignment”
Select the role search for the app name created in Prerequisite(B)
In the “Select” dropdown, search for the app name created in Prerequisite(A)
Save.
Now the app will have access to the resources under your active subscription.
Installation Parameters
Client ID
Secret Key
Tenant ID
Steps to get the above installation parameters :
All installation parameters can be found in the Azure portal.
Once you login into your account on the Azure portal
Navigate to search for “Azure Active Directory.”
On the active directory page, click on Overview > Copy “Tenant ID” in the left side panel.
App Registrations > Open App > Copy “Application (client) ID”
App Registrations > Certificates & secrets (left panel) > Click on “New client secret” > Copy “Value”, which is your secret key.
The following parameters are required for performing Freshservice ticket operations using Azure Blob Storage.
Freshservice Domain - The domain of your Freshservice tenant. Example: demo.freshservice.com
Freshservice API Key - Login to your Freshservice tenant. Click on your profile icon then "Profile Settings" on the right-side pane; under "Your API Key," complete the captcha and copy your API key.
