Interact with Azure Blobs Using REST

45 minutes
  • 2 Learning Objectives

About this Hands-on Lab

Azure provides a variety of ways to interact with Blob storage. You can manage and access Blob storage using the Azure portal, a command line, or your own custom code. In this hands-on lab, you will have the opportunity to work with Azure storage using the Azure Blob Service REST API. Using basic HTTP requests, you will download some data stored in a blob, modify it, and re-upload the modified data to the blob.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Authenticate with the Azure Blob Service REST API and Download the File
  1. Log in to the provided VM using the Public IP address and credentials.
  2. Create a signed authorization header in order to authenticate. To do so, we first need to set some temporary environment variables to aid in some future commands. For the storage_account and access_key, provide the actual storage account name and access key. One way to obtain these is to log in to the Azure portal. The access key can be found by clicking the storage account, then clicking Access Keys.
    request_date=$(TZ=GMT date "+%a, %d %h %Y %H:%M:%S %Z")
    storage_account="your storage account name"
    access_key="your storage account access key"
  3. Create a temporary environment variable containing the list of headers that need to be signed:
  4. Create a variable that contains the full string that will be signed:
  5. Create a variable that contains the access key decoded and converted to hex:
    hex_key="$(echo -n $access_key | base64 -d -w0 | xxd -p -c256)"
  6. Generate the signature and Authorization header:
    signature=$(printf "$string_to_sign" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$hex_key" -binary |  base64 -w0)
    authorization_header="SharedKey $storage_account:$signature"

    8.Download the Blob data to a local file:

    curl -H "x-ms-date:$request_date" 
    -H "x-ms-version:$storage_service_version" 
    -H "Authorization: $authorization_header" 
    "https://${storage_account}" > cars.csv
  7. Verify the file contains the data. You should see a comma-delimited list of records representing various cars:
    cat cars.csv
Modify the File and Re-Upload it to Blob Storage
  1. Edit the data file:
    vi cars.csv
  2. Add the new customer record to the end of the file:
  3. Generate a new authorization header:
    request_date=$(TZ=GMT date "+%a, %d %h %Y %H:%M:%S %Z")
    file_length=$(wc -m < cars.csv)
    hex_key="$(echo -n $access_key | base64 -d -w0 | xxd -p -c256)"
    signature=$(printf "$string_to_sign" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$hex_key" -binary |  base64 -w0)
    authorization_header="SharedKey $storage_account:$signature"
  4. Upload the modified data to the Blob.
    curl -X PUT -H "x-ms-blob-type:BlockBlob" 
    -H "x-ms-date:$request_date" 
    -H "x-ms-version:$storage_service_version" 
    -H "Authorization: $authorization_header" 
    -H "Content-Length:$file_length" 
    -H "Content-Type:$content_type" 
    --data-binary "@cars.csv" 
  5. If you wish, you can locate the Blob in the Azure portal and click Edit to verify that your changes appear.

Additional Resources

Your company, Store All The Things!, offers customers the ability to store any object. Several customers use your company to store valuable cars. There is a special list of these cars located in Azure Blob storage. A new customer has brought in a car to be stored. You will need to add this new data to the list. Luckily, you can accomplish this using the Blob Service REST API.

Log in to the provided virtual machine. Download the file from Blob Storage, add the new customer's record to the end of the file, then upload the newly-modified file to the Blob.

Here is some additional information that you will need:

  • The Blob is located under a storage account that begins with sattrecords. There is only one such storage account in the resource group.
  • The Blob is located in a container called records.
  • The Blob is named cars.
  • The Blob is a Block Blob.
  • The new customer record should look like this: 57991237,2020,Tesla,Cybertruck,X3B-33.

If you get stuck, feel free to check out the solution video, or the detailed instructions under each objective. Good luck!

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?