Member-only story
How to Host Deployment Artifacts on Azure Blob Storage and Use SAS Tokens in ARM Templates
3 min readDec 27, 2024
When deploying Azure Resource Manager (ARM) templates, you may need to host configuration scripts or other deployment artifacts on Azure Blob Storage. This guide explains how to create a blob storage account, upload artifacts, generate a Shared Access Signature (SAS) token, and integrate these steps into your ARM deployment pipeline.
What is a SAS Token?
A Shared Access Signature (SAS) token is a secure, temporary URL parameter that grants access to specific resources in your Azure storage account without exposing your account keys. It allows granular control over the permissions and duration of access.
Step-by-Step Guide
1. Create a Storage Account
The first step is to create an Azure Storage Account to host your artifacts.
- Login to Azure CLI: Open a terminal and log in:
az login- Create a Resource Group: Group all related resources together:
az group create --name my-resource-group --location eastus- Create a Storage Account: Use the
az storage account createcommand to set up your storage account:
az storage account create \
--name mystorageaccountname \
--resource-group my-resource-group \
--location eastus \
--sku Standard_LRS
