MAVERICS_AZURE_CONFIG environment variable.
Console terminology: In the Maverics Console, Orchestrator instances and
configuration delivery are managed through Deployments. When working directly
with YAML, configuration is managed as files delivered via the
-config flag or
MAVERICS_CONFIG environment variable.Prerequisites
- An active Azure account — with access to the storage account and container where configuration is stored
- A storage account and container — already provisioned in Azure (see the Console Azure Blob Storage setup guide)
- A SAS token with read access — generated with List and Read permissions on the container (see steps below)
Overview
When theMAVERICS_AZURE_CONFIG environment variable is set, the Orchestrator fetches its YAML configuration from the specified Azure storage account, container, and blob path. The variable contains a JSON payload with connection details and SAS token authentication. The Orchestrator supports ETag-based change detection for automatic hot-reload.
Use Cases
- Azure-native deployments — store configuration in Azure Storage alongside other Azure infrastructure resources
- Azure DevOps pipelines — publish validated configuration to Blob Storage as part of Azure DevOps CI/CD workflows
- Multi-region with Azure — leverage Azure Storage geo-replication to distribute configuration across regions
Generating a SAS Token
Navigate to Your Container
In the Azure portal, go to your storage account and select Containers under Data storage.Select the container that holds (or will hold) Orchestrator configuration.
Generate the SAS Token
Click the three-dot menu (or right-click) on the container and select Generate SAS.Set Signing method to Account key and Signing key to Key 1.Under Permissions, select List and Read only (the Orchestrator only needs to read configuration, not write it).Set an appropriate expiry date.Click Generate SAS token and URL.Copy the Blob SAS token value (starts with
sv=) — use this as the token value in MAVERICS_AZURE_CONFIG.Configuration
- Console UI
- Configuration
Console UI documentation is coming soon. This section will walk you
through configuring this component using the Maverics Console’s visual
interface, including step-by-step screenshots and field descriptions.
Configuration Reference
TheMAVERICS_AZURE_CONFIG JSON payload supports the following fields:
| Field | Type | Required | Description |
|---|---|---|---|
account | string | Yes | Azure storage account name |
container | string | Yes | Blob container name |
token | string | Yes | SAS token for authentication |
configurationFilePath | string | Yes | Path to the config file within the container |
storageDomain | string | No | Storage domain (default: blob.core.windows.net) |
MAVERICS_RELOAD_CONFIG=true is set, the Orchestrator periodically checks the blob’s ETag. When the ETag changes (indicating the blob was updated), the Orchestrator reloads the configuration automatically.
Full Environment Example
A completemaverics.env file for an Orchestrator using Azure Blob Storage as its config source:
maverics.env
Troubleshooting
- Authentication failed — verify the SAS token has not expired. SAS tokens have a configurable expiration time. Generate a new token with read access to the blob.
- Container not found — confirm the
accountandcontainervalues are correct. Container names are case-sensitive and must be lowercase. - Custom domain — if using Azure Government or a custom storage domain, set the
storageDomainfield (e.g.,blob.core.usgovcloudapi.net). - Config not reloading — ensure
MAVERICS_RELOAD_CONFIG=trueis set. Check Orchestrator logs for ETag change detection messages.