-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support another Azure cloud storage authentication using security principal #5858
Comments
machov
changed the title
Enable Azure security principal to access the cloud storage
Support another Azure cloud storage authentication using security principal
May 9, 2024
@KonstantinKorotaev @jombooth @dredivaris @Axel-Jacobsen any thoughts? is this in your roadmap? would you welcome a PR for this? thank you! :) |
not on my roadmap :p |
though I should note, I am not a part of HumanSignal and haven't touched this repo for upwards of half a year |
@niklub @robot-ci-heartex any thoughts? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
The current Label Studio Azure Cloud Storage connection only supports one form of authentication using Shared Key authorization for blobs with
AZURE_BLOB_ACCOUNT_NAME
andAZURE_BLOB_ACCOUNT_KEY
to specify the secret key for the storage account. However Azure has many more authentication methodsDescribe the solution you'd like
I'd like to have Microsoft Entra integration for authorizing requests to blob and use Azure role-based access control (Azure RBAC) security principal to access the cloud storage. This will require a few new different parameters:
AZURE_CLIENT_ID
AZURE_CLIENT_SECRET
instead of
AZURE_BLOB_ACCOUNT_KEY
Describe alternatives you've considered
I've tried the existing AZURE_BLOB_ACCOUNT_KEY, but this is not allowed at my current organization
The text was updated successfully, but these errors were encountered: