Azure Blob Storage configuration

Using V7's external Azure integration, you can keep your data stored within a private Azure Blob Storage storage account. Please note that Azure supports multiple data storage technologies (official list), but this integration uses Blob Storage only.
Check out the diagram here to see how this integrations works in general, and if you're ready to get started follow our step-by-step instructions to create the integration.

🚧

The Azure integration is available on V7's Business and Enterprise plans. You can find out more about what each plan includes on our pricing page.

Read / Write access

To setup storage access, first we need to add V7's application registration to your account. This is done by using "admin consent URL" (https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/grant-admin-consent). For V7's application this would be (replace tenant-id with your tenant's ID):

https://login.microsoftonline.com/{tenant-id}/adminconsent?client_id=95e63529-38cc-435c-b247-32a1d62f321d

After this is done, we need to add relevant roles for V7's darwin-storage service principal that is now available in your tenant:

  • Read via Storage Blob Data Reader
  • Write via Storage Blob Data Contributor (optional)

If you don't need Darwin to process images after they are uploaded (e.g. generate thumbnails, split video frames etc), then you can leave out the Write access via Storage Blob Data Contributor.

CORS access

When annotators are requesting images to annotate, they will load them directly from your storage account via a presigned url. However since that storage account sits on a different domain than darwin.v7labs.com a CORS header needs to be configured.

This can be configured via UI or with CLI:

az storage cors add --methods 'GET' --origins 'https://darwin.v7labs.com' --allowed-headers '*' --services b --account-name {storage-account-name}
az storage cors add --methods 'PUT' --origins 'https://darwin.v7labs.com' --allowed-headers '*' --services b --account-name {storage-account-name}

Activation

When this is all setup, please message [email protected] with the following details:

  • Storage account name
  • Tenant ID
  • Prefix (name of existing container) where we can upload thumbnails if needed (often /darwin)
  • Your team name
    And we will turn on the external access for your team.

If you encounter any issues or have any questions feel free to contact us at [email protected]