Azure Blob Storage
Experimental
Creates:
Assets
Configure in the UI
This plugin can be configured directly in the Marmot UI with a step-by-step wizard.
View GuideThe Azure Blob Storage plugin discovers containers from Azure Storage accounts. It captures container metadata including access levels, lease status, and custom metadata.
Connection Examples
Required Permissions
The following Azure RBAC role is recommended:
- Storage Blob Data Reader - Read access to containers and blobs
Or use a custom role with these permissions:
Microsoft.Storage/storageAccounts/blobServices/containers/readMicrosoft.Storage/storageAccounts/blobServices/containers/blobs/read
Example Configuration
connection_string: "${AZURE_STORAGE_CONNECTION_STRING}"
include_metadata: true
include_blob_count: false
filter:
include:
- "^data-.*"
exclude:
- ".*-temp$"
tags:
- "azure"
- "storage"
Configuration
The following configuration options are available:
| Property | Type | Required | Description |
|---|---|---|---|
| account_key | string | false | Azure Storage account key |
| account_name | string | false | Azure Storage account name |
| connection_string | string | false | Azure Storage connection string |
| endpoint | string | false | Custom endpoint URL (for Azurite or other emulators) |
| external_links | []ExternalLink | false | External links to show on all assets |
| filter | plugin.Filter | false | Filter containers by name pattern |
| include_blob_count | bool | false | Count blobs in each container (can be slow for large containers) |
| include_metadata | bool | false | Include container metadata |
| tags | TagsConfig | false | Tags to apply to discovered assets |
Available Metadata
The following metadata fields are available:
| Field | Type | Description |
|---|---|---|
| blob_count | int64 | Number of blobs in the container |
| container_name | string | Name of the container |
| etag | string | Entity tag for the container |
| has_immutability_policy | bool | Whether container has an immutability policy |
| has_legal_hold | bool | Whether container has a legal hold |
| last_modified | string | Last modification timestamp |
| lease_state | string | Lease state (available/leased/expired/breaking/broken) |
| lease_status | string | Lease status (locked/unlocked) |
| public_access | string | Public access level (none/blob/container) |