Issue with public network access

Sudha Reddy 0 Reputation points
2024-10-01T12:07:12.9+00:00

If public network access is disabled, how can we perform the Put Blob operation in OIC through the Azure Storage adapter?

Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.

1 answer

  1. Vinodh247 20,141 Reputation points
    2024-10-01T15:39:06.36+00:00

    Hi Sudha Reddy,

    Thanks for reaching out to Microsoft Q&A.

    If public network access to your Azure Blob Storage account is disabled, and you need to perform a 'Put Blob' operation through the Oracle Integration Cloud (OIC) using the Azure Storage adapter, there are a few alternatives you can explore:

    Private Endpoint (Recommended): Private Endpoints allow secure communication with Azure resources (like Blob Storage) from your private network (e.g., OIC hosted on an Azure VNet or a connected network).

    Steps:

    • Create a Private Endpoint for your Azure Blob Storage account in the Azure portal.
    • Ensure that your Oracle Integration Cloud (OIC) instance is within the same virtual network or can connect to the virtual network where the private endpoint is located (this can be done through VNet peering or site-to-site VPN).
    • Configure OIC to use the private endpoint to access the Blob Storage account.

    This ensures that even with public network access disabled, you can securely access the Blob Storage over a private connection.

    Service Endpoints: If OIC is hosted on an Azure Virtual Network (VNet), you can enable Service Endpoints for Azure Storage in your VNet to allow access to Blob Storage without enabling public access.

    Use Azure Managed Identity: If OIC supports authentication through Azure Managed Identity, you can use a Managed Identity to authenticate and securely access Azure Blob Storage without needing public network access. This option enhances security by removing the need for public network access or even SAS tokens.

    Use a Proxy or VPN: If OIC is hosted externally and cannot directly access the private endpoint or VNet service endpoint, you can use a VPN or proxy server to route traffic from OIC through a secure channel to Azure Blob Storage.

    SAS Token with IP Restriction: If none of the above options are feasible, you can still use SAS tokens with IP restrictions. While public access will be disabled, you can configure the SAS token to allow specific IP ranges (like the IP addresses of your OIC) to perform blob operations.

    If OIC is hosted in Azure or can be connected to Azure, using Private Endpoints is the most secure and efficient approach.

    Please 'Upvote'(Thumbs-up) and 'Accept' as an answer if the reply was helpful. This will benefit other community members who face the same issue.


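Added example, not part of the original answer: a Python check that the blob endpoint resolves to a private endpoint address from a given network. Creating a private endpoint makes the account name a CNAME into `privatelink.blob.core.windows.net`, but only clients that use the private DNS zone get the VNet address, so the check looks at the returned IP and not just the alias. The account name `exampleacct`, the sample addresses and the RFC 1918 assumption about the VNet are constructed for illustration.

```python
import ipaddress
import socket
import sys

# Assumption: the VNet that hosts the private endpoint uses RFC 1918 space.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
PRIVATELINK_ZONE = ".privatelink.blob.core.windows.net"

# Constructed samples (hypothetical account "exampleacct", made-up addresses):
# (names seen in the CNAME chain, IPv4 addresses returned).
FROM_PEERED_NETWORK = (
    ["exampleacct.privatelink.blob.core.windows.net",
     "exampleacct.blob.core.windows.net"],
    ["10.1.2.4"],
)
FROM_INTERNET = (
    ["blob.constructed.store.core.windows.net",
     "exampleacct.blob.core.windows.net",
     "exampleacct.privatelink.blob.core.windows.net"],
    ["203.0.113.10"],
)


def lookup(hostname):
    """Resolve with the system resolver; return (names, IPv4 addresses)."""
    canonical, aliases, addresses = socket.gethostbyname_ex(hostname)
    return [canonical, *aliases], addresses


def assess(names, addresses):
    """Classify where a blob endpoint lookup would send the client."""
    if not addresses:
        return "unresolved"
    private = [any(ipaddress.ip_address(a) in net for net in RFC1918)
               for a in addresses]
    if all(private):
        return "private"            # traffic goes to the private endpoint
    if any(private):
        return "mixed"              # split DNS answers; investigate
    if any(n.lower().rstrip(".").endswith(PRIVATELINK_ZONE) for n in names):
        # Private endpoint exists, but this client does not see its DNS zone.
        return "privatelink-cname-but-public-ip"
    return "public"


if __name__ == "__main__":
    host = sys.argv[1]  # e.g. <account>.blob.core.windows.net
    print(host, "->", assess(*lookup(host)))
```

Run it from a host on the network that the OIC traffic originates from; any result other than `private` means requests would go to the public endpoint, which is blocked when public network access is disabled.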