Configure Azure Blob Storage for External Replication

External Replication is a feature on the Egnyte Platform that allows the users to easily replicate their Egnyte data to a third-party cloud. Egnyte now introduces the ability to add Microsoft Azure as a destination for external replication. 

 

Steps to Configure Azure Blob Storage for External Replication

1. In the Azure portal, navigate to Storage Accounts.
   
2. Select the Storage account, and ensure that it has at least one container.
   
3. Copy the Subscription ID from the Essentials section. This will be required later for configuration. 
   
   The Storage Account’s permissions are contained by its corresponding Resource Account.
4. Go back to Home -> Storage Accounts. On the page that opens up, the Resource group will be available containing the Storage Account.
   
5. In order to give a user permission to access the Storage Account, navigate to Home -> Resource groups -> select the resource group that the storage account is a part of. Now, click Access Control (IAM) and select Add under Create a custom role. 
   
6. In the custom role configuration, create a role called External Replication, copy the following code and paste it in the JSON tab. Replace the highlighted portion with the Subscription ID copied earlier and storage account name respectively.
   
   

   {

       "properties": {

           "roleName": "External Replication",

           "description": "",

           "assignableScopes": [

               "/subscriptions/replace with Subscription ID/resourceGroup/replaceWithResourceGroup/providers/Microsoft.Storage/storageAccounts/replace with storage account name"

           ],

           "permissions": [

               {

                   "actions": [

                       "Microsoft.Storage/storageAccounts/read",

                       "Microsoft.Storage/storageAccounts/blobServices/containers/read",

                       "Microsoft.Storage/storageAccounts/blobServices/containers/write",

                       "Microsoft.Storage/storageAccounts/blobServices/containers/delete",

                       "Microsoft.Storage/storageAccounts/listkeys/action"

                   ],

                   "notActions": [],

                   "dataActions": [

                       "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",

                       "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",

                       "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write",

                       "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/move/action",

                       "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/add/action"

                   ],

                   "notDataActions": []

               }

           ]

       }

   }

   
   

    

7. Navigate to Review + Create -> Create.
   
8. Navigate back to Home -> Storage Accounts -> click on the specific storage account -> Access Control (IAM) page. Assign access by clicking Add role assignment.
   
9. Search the role name External Replication, click the role -> Next.
   
10. Choose Managed Identity in the Assign access to radio group.
    
11. Click on Review + Assign.
    

The Azure storage account will be ready for external replication.

Additional Resources

• External Replication Overview
• Configure Amazon S3 or Wasabi for External Replication
• Create a New Replication Job
• View And Modify Existing External Replication Jobs