Reputation: 145
Configure CORS by using Azure Resource Manager template
I'm trying to set CORS rule for my storage account as suggested here under Configure CORS by using Azure Resource Manager tools: https://learn.microsoft.com/en-us/azure/app-service-api/app-service-api-cors-consume-javascript
by adding property cors:
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"sku": {
"name": "Standard_RAGRS",
"tier": "Standard"
},
"kind": "Storage",
"name": "[parameters('storageAccounts_teststoragejkjk_name')]",
"apiVersion": "2016-01-01",
"location": "westus",
"tags": {},
"properties": {
"cors": {"allowedOrigins": ["*"]}
},
"resources": [],
"dependsOn": []
}
]
Deployment returns succes and I can see Write StorageAccount operation under Activity Log in Azure Portal but Cors Rules aren't added anywhere and when i download template from Azure it doesn't have this "cors property".
I also tried manually adding Corse Rule (i need it only on my Blob) and automation scripts (including deployment.ps) still looks the same...
Any suggestion on how to configure Cors rule on blob storage using ARM templates?
Upvotes: 12
Views: 7780
Answers (5)
Reputation: 17562
As @JBA pointed out this now works via ARM templates.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"name": "storageAccountName",
"apiVersion": "2018-02-01",
"location": "northeurope",
"kind": "StorageV2",
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"tags": {},
"dependsOn": [],
"properties": {
"accessTier": "Hot"
},
"resources": [
{
"name": "default",
"type": "blobServices",
"apiVersion": "2018-11-01",
"dependsOn": [
"storageAccountName"
],
"properties": {
"cors": {
"corsRules": [
{
"allowedOrigins": [
"https://mywebsite.com"
],
"allowedMethods": [
"GET"
],
"maxAgeInSeconds": 0,
"exposedHeaders": [
"*"
],
"allowedHeaders": [
"*"
]
}
]
}
},
"resources": []
},
{
"type": "blobServices/containers",
"apiVersion": "2018-03-01-preview",
"name": "[concat('default/', 'myFilesToShare')]",
"dependsOn": [
"storageAccountName"
],
"properties": {
"publicAccess": "Blob"
}
}
]
}
]
}
Upvotes: 12
Reputation: 220
I came across this thread when googling. It is now possible to set CORS on blob service of storage accounts through ARM template https://learn.microsoft.com/en-us/azure/templates/microsoft.storage/2018-07-01/storageaccounts/blobservices
Have tested and it works
Upvotes: 1
Reputation: 11
Storage account CORS is currently not supported by the Storage Resource Provider, so it cannot be set via templates. As Fred points out, CORS can only be set on the service via the data plane API.
Upvotes: 1
Reputation: 393
What is your deployment client? If you are using Powershell to deploy ARM (w you probably are) why not use Set-AzureStorageCORSRule?
PS C:\>$CorsRules = (@{
AllowedHeaders=@("x-ms-blob-content-type","x-ms-blob-content-disposition");
AllowedOrigins=@("*");
MaxAgeInSeconds=30;
AllowedMethods=@("Get","Connect")},
@{
AllowedOrigins=@("http://www.fabrikam.com","http://www.contoso.com");
ExposedHeaders=@("x-ms-meta-data*","x-ms-meta-customheader");
AllowedHeaders=@("x-ms-meta-target*","x-ms-meta-customheader");
MaxAgeInSeconds=30;
AllowedMethods=@("Put")})
PS C:\> Set-AzureStorageCORSRule -ServiceType Blob -CorsRules $CorsRules
Upvotes: 3
Reputation: 27825
I'm trying to set CORS rule for my storage account
I create a similar ARM template to create a storage account resource, I find that it seems not recognize/accept cors and other properties (such as val that I define) except accountType property.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": { },
"variables": { },
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2015-06-15",
"name": "[concat('storage', uniqueString(resourceGroup().id))]",
"location": "[resourceGroup().location]",
"properties": {
"accountType": "Standard_LRS",
"cors": {
"allowedHeaders": [ "*" ],
"allowedMethods": [ "get", "post", "put" ],
"allowedOrigins": [ "*" ],
"exposedHeaders": [ "*" ],
"maximumAge": 5
},
"val": "123"
}
}
],
"outputs": { }
}
Besides, as we know, we could configure Cors setting for azure storage services (blob, table, queue and file shares), it seems that it does not enable us to configure Cors setting at storage account level directly while deploying storage account template.
Upvotes: 2
Related Questions
- How can I set CORS in Azure BLOB Storage in Portal?
- Setting CORS rules using Azure.Storage.Blobs
- How to set CORS for Azure Blob Service for Premium Storage Account in the Azure Portal?
- Azure storage. Got 403 [url] (CORS not enabled or no matching rule found for this request.)
- How do I enable CORS on Azure Storage Blob
- How to configure CORS setting for Blob storage in windows azure
- Azure Storage CORS configuration
- windows azure : set blob CORS properties using NodeJS
- Cors Error on Microsoft Azure Cloud Storage
- CORS and Azure Storage (PHP)