GuidesAPI ReferenceRelease NotesTutorials
Guides

Attach a Microsoft Azure volume

Suggest Edits

šŸ“˜

Microsoft Azure is available on demand. Please contact our support for more information.

Overview

Attach a volume for use on BioData Catalyst powered by Seven Bridges's visual interface. Use this tutorial if your cloud storage provider is Microsoft Azure.

Or, learn more if your cloud storage provider is Amazon Web Services (AWS) orĀ Google Cloud Storage (GCS).

Prerequisites

  1. A Microsoft AzureĀ account
  2. A storage container within this Azure account.
  3. (Optional) Completed app registration and role assignmentĀ on the Azure Portal. If you haven't completed this step, don't worry, the instructions below will guide you through the entire process.

Procedure

  1. Access the Volumes dashboard.
  2. Choose the cloud storage provider for your volume.
  3. Provide app details.
  4. Enter the required Azure credentials.
  5. Provide storage container details.
  6. Assign roles on the Azure Portal.
  7. Configure additional options.
  8. Review volume details and confirm to connect your volume.

Step 1: Access the Volumes Dashboard

This step takes place on BioData Catalyst powered by Seven Bridges

  1. Click on theĀ DataĀ tab of the top navigation bar.
  2. SelectĀ VolumesĀ from the drop-down menu.

Step 2: Choose the cloud storage provider

This step takes place on BioData Catalyst powered by Seven Bridges

  1. On the Volumes Dashboard, click Connect Storage.
  2. Select AzureĀ as your cloud storage provider.
  3. Click Next.

Step 3: Provide application details

Provide details of the Microsoft Azure application that will be used to establish a connection to the container that you want to attach to Platform. This information is available in the overview of the application on theĀ Azure Portal. If you have already registered an application for this purpose by following theĀ app registration and role assignment guide, copy itsĀ Application (client) ID andĀ Directory (tenant) ID and enter them in the volume connection wizard. If you haven't done so, follow the steps below to register a new application:

  1. Go to theĀ Azure Portal.
  2. UnderĀ  selectĀ Microsoft Entra ID.
  3. In the pane on the left, under Manage, clickĀ App registrations.
  4. ClickĀ New registration.
  5. Enter the name of the new app, for exampleĀ sbg-appĀ and clickĀ Register. Application details are displayed. Note that theĀ Application (client) IDĀ andĀ Directory (tenant) IDĀ of the app are required to attach the storage container to Platform.
  6. On BioData Catalyst powered by Seven Bridges, enter the Application (client) ID andĀ Directory (tenant) ID.
  7. Click Next.

Step 4: Enter the client secret value

If you have already created a client secret for this purpose by following theĀ app registration and role assignment guide, copy its Value and enter it in the volume connection wizard. If you haven't done so, follow the steps below to create a new client secret:

  1. On theĀ Azure Portal,Ā select the app you created for the purpose of attaching your container to Platform.
  2. In the pane on the left clickĀ Certificates & secrets.
  3. UnderĀ Client secretsĀ clickĀ New client secret.
  4. Add aĀ DescriptionĀ (e.g.Ā sbg-secret)Ā and forĀ ExpiresĀ selectĀ 730 days (24 months).
  5. ClickĀ Add. You have added a new secret. Copy theĀ information from itsĀ Value field.
  6. On BioData Catalyst powered by Seven Bridges, enter the Value of the client secret.
  7. Click Next.

Step 5: Provide volume information

Provide details related to your Microsoft Azure storage container and the way it will be connected to Platform.

  1. Enter the name of the Storage account which holds the container you want to attach.
  2. Enter the Resource ID. Get it by opening the JSON View on your storage account's Overview page on the Azure Portal.
  3. In Container name, enter the name of the container you want to attach.
  4. Enter a Volume name, which is how the attached container will be named on Platform.
  5. (Optional) Enter a description for the attached container (volume).
  6. Select access privileges for the volume: The only supported access at the moment is Read only (RO), which means that you will be able to read files from the volume, but not write (export) files to it.
  7. (Optional) Enter the root (prefix). If set, access to the attached container will be limited to the defined root location and its subdirectories.
  8. Click Next.

Step 6:Ā Assign roles

This step takes place on the Azure Portal. If you have already completed role assignment by following theĀ app registration and role assignment guide, skip this step and continue to configuring additional options.

In order to allow the connection with your Azure container, you need to assign roles to your registered application.

  1. Open the storage account that holds the container you want to connect. The account may be displayed under Resources, on your Azure Portal home page.
  2. Select Access Control (IAM) from the menu on the left.
  3. Click Add, then clickĀ Add role assignment.
  4. In the Role field select the Storage Blob Delegator role and click Next.
  5. Under Members, click Select members and search for your registered application (e.g. sbg-app).
  6. Click Select.
  7. Click Next
  8. Click Review + assign. You have now added the Storage Blob Delegator role.

šŸ“˜

Repeat the previous steps, this time by selecting theĀ Reader role.

Once you are done adding roles for your app in storage account settings, continue by assigning an appropriate role to the container you want to attach to Platform:

  1. Open the container you entered in the previous step and select Access Control (IAM) from the menu on the left.
  2. Click Add >Ā Add role assignment.
  3. In theRole fieldĀ select the Storage Blob Data ReaderĀ role and click Next.
  4. Under Members, click Select members and search for your registered application (e.g. sbg-app).
  5. Click Select.
  6. Click Next.
  7. Keep the Conditions tab as is and click Next.
  8. Click Review + assign.

You have now assigned all required roles to your registered application. Click Next to continue.

Step 7: Configure additional options

Enter a Microsoft Azure endpoint, only if you are using an endpoint that is different from the default oneĀ https://(serviceaccount).blob.core.windows.net. To make a non-default endpoint work with Platform, please first make sure it is supported by Seven Bridges. For more information, please contactĀ [email protected].

Step 8: Review volume details

On this tab, review the details for your volume and click Connect.

Next step

Congratulations! You've attached your Microsoft Azure storage container as a volume to Platform. You can makeĀ individual data objects within it available as "aliases"Ā on Platform. Aliases point to files stored on your cloud storage bucket and can be copied, executed, andĀ organized like normal filesĀ on Platform. We call this operation "importing". Learn more aboutĀ working with aliases.

Updated 2 months ago