Before adding a custom storage account to RMS (Ravnur Media Services), you need to grant the RMS managed identity appropriate permissions to access your storage.
In this article:
1. Find the RMS Managed Identity
3. Add storage configuration to the RMS
1. Find the RMS Managed Identity
- In Azure Portal, go to the Resource Group containing your RMS deployment
- Look for the Managed Identity resource (named
id-rms-<unique-suffix>
) - Copy the Managed Identity name to use in steps further
2. Grant storage permissions
- Navigate to your target storage account in Azure Portal
- Go to Access Control (IAM)
- Add a role assignment:
- Role: Storage Blob Data Contributor
- Assign access to: Managed Identity
- Select the RMS Managed Identity you copied earlier
3. Add storage configuration to RMS
- Navigate to RMS Console.
- Select Account settings for the corresponding account.
- Add a new storage account record and confirm you assigned a Storage Blob Data Contributor role earlier.
- The Name field must match the exact name of the existing storage account. The RMS Console does not check this, but an incorrect name will deny access.
- The "Managed Identity" field is automatically populated with the Client ID of the Managed Identity from Ravnur Media Services managed resource group.
- Set the new storage account as Primary.
Important:
It may take up to 10 minutes to propagate the change of the primary storage account throughout the system.