Azure configuration for Vault backend storage
The Azure storage backend is used to persist Vault's data in an Azure Storage Container. The storage container must already exist and the provided account credentials must have read and write permissions to the storage container. The storage account type must support block blobs. This currently includes the general purpose "Storage V2" type with Standard performance (Premium will not work), as well as Premium "Block Blob Storage" (limited region availability).
No High Availability – the Azure storage backend does not support high availability.
Community Supported – the Azure storage backend is supported by the community. While it has undergone review by HashiCorp employees, they may not be as knowledgeable about the technology. If you encounter problems with them, you may be referred to the original author.
storage "azure" {
accountName = "my-storage-account"
accountKey = "abcd1234"
container = "container-efgh5678"
environment = "AzurePublicCloud"
}
The current implementation is limited to a maximum of 4 megabytes per blob.
azure
parameters
accountName
(string: <required>)
– Specifies the Azure Storage account name.accountKey
(string: <optional>)
– Specifies the Azure Storage account key, if left empty, uses managed identity auth.container
(string: <required>)
– Specifies the Azure Storage Blob container name.environment
(string: "AzurePublicCloud")
- Specifies the cloud environment the storage account belongs to by way of the case-insensitive name defined in the Azure Go SDK.arm_endpoint
(string: "")
- Specifies the cloud environment the storage account belongs to by way of the Azure Resource Manager endpoint URL.max_parallel
(string: "128")
– Specifies The maximum number of concurrent requests to Azure.
azure
examples
This example shows configuring the Azure storage backend with a custom number of maximum parallel connections.
storage "azure" {
accountName = "my-storage-account"
accountKey = "abcd1234"
container = "container-efgh5678"
max_parallel = 512
}