> ## Documentation Index
> Fetch the complete documentation index at: https://docs.strata.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Microsoft Azure Blob Storage

Configure Microsoft Azure Blob Storage as the storage provider for your Maverics deployment. The Console publishes signed config bundles to your Azure Storage container, and Orchestrator instances poll the container for updates.

## Prerequisites

* **An active Azure account** -- with permissions to create and manage storage accounts, containers, and SAS tokens
* **A Maverics Console account** -- with access to create or edit deployments

## Azure Setup

<Steps>
  <Step title="Create a Storage Account">
    In the Azure portal, search for **Storage accounts** and select **Create**.

    Choose your subscription and resource group, enter a unique storage account name, and select a region. Use default settings for the remaining options and click **Review + Create**.
  </Step>

  <Step title="Create a Container">
    Navigate to your storage account and select **Containers** under **Data storage**.

    Click **+ Container**, enter a name (e.g., `maverics-config`), and click **Create**.
  </Step>

  <Step title="Generate a SAS Token">
    On the container, click the three-dot menu (or right-click) and select **Generate SAS**.

    Set **Signing method** to **Account key** and **Signing key** to **Key 1**.

    Under **Permissions**, select **Create**, **Add**, and **Write** (these are the minimum permissions the Console needs to publish bundles).

    Set an appropriate expiry date.

    Click **Generate SAS token and URL**.

    Copy the **Blob SAS token** value (starts with `sv=`) -- you will paste this into the Console's **SAS Token** field.
  </Step>
</Steps>

## Storage Configuration

Configure these fields in the Console when creating or editing a deployment with the **Microsoft Azure Blob Storage** provider.

| Field                   | Required | Description                                                                                        |
| ----------------------- | -------- | -------------------------------------------------------------------------------------------------- |
| Storage Account Name    | Yes      | The unique name of the storage account in Azure                                                    |
| Container Name          | Yes      | The name of the container in your storage account                                                  |
| SAS Token               | Yes      | The shared access signature URI granting access to the container                                   |
| Configuration File Path | No       | The path within the container where the bundle is stored                                           |
| Endpoint                | No       | Override the default Azure API endpoint (e.g., `blob.core.usgovcloudapi.net` for Azure Government) |

<Info>
  The Orchestrator uses the corresponding [config source](/reference/orchestrator/configuration/config-sources) type to retrieve bundles from the deployment provider. If the Console deploys to Azure Blob Storage, the Orchestrator uses the [Azure Blob config source](/reference/orchestrator/configuration/config-sources/azure-blob) to poll for updates.
</Info>

## Common Errors

### Azure deployment 403 error

```
Failed to deploy: error deploying bundle unexpected Azure response: 403
```

The SAS token used for Azure Blob Storage deployment does not have sufficient permissions. Regenerate the SAS token with Create, Add, and Write permissions on the target container.

## Related Pages

<CardGroup cols={2}>
  <Card title="Publishing Deployment Configs Overview" icon="upload" href="/reference/console/config-publishing">
    Bundle format, signing, deployment lifecycle, and revision history
  </Card>

  <Card title="Azure Blob Config Source" icon="microsoft" href="/reference/orchestrator/configuration/config-sources/azure-blob">
    Orchestrator-side Azure Blob configuration source reference
  </Card>

  <Card title="Deploy to Production" icon="rocket" href="/guides/operations/deploy">
    Production deployment guide for the Orchestrator
  </Card>
</CardGroup>
