Storage Authentication Information settings
In HULFT Cloud Storage Option Ver.8.5.1 or higher, you can use the individual settings or default settings of the object storage authentication information according to actual operations.
Specify the individual settings or default settings of the authentication information in the Storage Authentication Information.
The settings for the Storage Authentication Information to configure the individual settings or default settings are shown below.
-
When configuring the individual settings
You can configure the settings of the object storage authentication information for each transfer destination (individual settings) by registering values in the Storage Authentication Information in the Cloud Storage DB.
If you specify Storage Authentication Information ID in the Receive Storage Management Information or the Send Storage Management Information, the individual settings information registered for the ID is used.
-
When configuring the default settings
You can configure the settings that are used in common when the individual settings are not specified (default settings) by registering values in the default information for the Storage Authentication Information in the Cloud Storage DB.
If you do not specify Storage Authentication Information ID in the Receive Storage Management Information or the Send Storage Management Information, the default settings information is used.
For the Storage Authentication Information and the default information, you can register only the necessary fields instead of registering all of the fields.
If you do not register a value in the Storage Authentication Information, the value registered in the default information is used.
If you do not register a default value, the value in the downward-compatible settings is used.
The transfer-related information that can be set to the Storage Authentication Information or the default information is shown below.
|
Field Name |
Whether It Can Be Omitted |
|---|---|
|
Storage Authentication Information ID |
(*1) |
|
Azure Storage Account |
✓ |
|
Azure Storage SAS Token |
✓ |
|
Azure Storage Key |
✓ |
|
Enable Managed ID |
✓ (*2) |
|
✓ |
: |
Optional |
|
Blank |
: |
Mandatory |
|
*1 |
: |
In the default information, this field does not exist and cannot be set. |
|
*2 |
: |
You can set this field in HULFT Cloud Storage Option Ver.8.5.6 or higher. |
For details on the fields, refer to Utilities on Azure Blob Storage.
For Azure Blob Storage, for the details on how to get an account name and access key and how to create an SAS token, refer to the respective documents provided by Azure.
When you set Enable Managed ID to "Enabled (ON)" for the Storage Authentication Information on the Cloud Storage DB, the Azure Active Directory (Azure AD) authentication that uses the managed identity for the Azure resource is used. For details on Azure Active Directory (Azure AD) authentication, refer to the respective documents provided by Azure.
For usage examples of the utilities to configure the individual settings or default settings of authentication information, refer to the following:
-
Registering the object storage authentication information for each transfer destination (bucket)
-
Registering the object storage authentication information to use in common for file transfers
Priority of use for setting values
When you use Azure Blob Storage, authentication that uses either an Azure storage SAS token or an Azure storage key is called "Shared Key authentication".
If you set the values for "Shared Key authentication" and set the managed identity to "Enabled", the values for "Shared Key authentication" are prioritized and used.
If you specify both the Azure storage SAS token and Azure storage key, the Azure storage SAS token specified in the Storage Authentication Information, in the default information for the Storage Authentication Information, or in the environment variables is used prior to the Azure storage key.
The priority of the fields is shown in the table below.
|
Priority |
Location of the Setting |
Field |
|---|---|---|
|
1 |
Storage Authentication Information |
Azure Storage SAS Token |
|
2 |
Default information for the Storage Authentication Information |
|
|
3 |
Environment variable |
|
|
4 |
Storage Authentication Information |
Azure Storage Key |
|
5 |
Default information for the Storage Authentication Information |
|
|
6 |
Environment variable |
|
|
7 |
Storage Authentication Information |
Enable Managed ID |
|
8 |
Default information for the Storage Authentication Information |
Registering or deleting the Storage Authentication Information
For the Storage Authentication Information, check the settings by using the output command included in the HULFT Cloud Storage Option utilities, and then register or delete the content.
For details on the HULFT Cloud Storage Option utilities, refer to Utilities on Azure Blob Storage.