Users are not able to see some resources in a resource group where they have respective contributor access.

Pankaj Dua 20 Reputation points
2024-08-29T11:24:41.9633333+00:00

I created a resource group and added some resources to it. There I added my team through a security group which has the respective contributor roles for those resources.

Some of these resources, including blob storage, are not visible to the team.

To troubleshoot, I added role assignments for some resources to users directly on the blob storage resource. But those specific users still cannot see the storage account.

What can be the root cause and how to fix it?

Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
Azure ExpressRoute
An Azure service that provides private connections between Azure datacenters and infrastructure, either on premises or in a colocation environment.

Accepted answer
  1. Nehruji R 8,146 Reputation points Microsoft Vendor
    2024-08-30T07:53:01.2033333+00:00

    Hello Pankaj Dua,

    Greetings! Welcome to Microsoft Q&A Platform.

    The Storage Blob Data Contributor RBAC role only lets you manage data actions, i.e. read, write, and delete Azure Storage containers and blobs, not management actions, i.e. viewing the storage account from the Azure portal.

    To access blob data from the Azure portal using your Azure AD account, both of the following statements must be true for you:

    • You have been assigned a built-in role, i.e. Storage Blob Data Contributor, that provides access to blob data.
    • You have been assigned the Azure Resource Manager Reader role, at a minimum, scoped to the level of the storage account or higher. The Reader role grants the most restricted permissions, but another Azure Resource Manager role that grants access to storage account management resources is also acceptable.

    The Azure Resource Manager Reader role permits users to view storage account resources, but not modify them. It does not provide read permissions to data in Azure Storage, but only to account management resources. The Reader role is necessary so that users can navigate to blob containers in the Azure portal.

    There is also another way, i.e. assign the user the Reader and Data Access RBAC role at the storage account or resource group level.

    It lets you view everything but will not let you delete or create a storage account or contained resource. It will also allow read/write access to all data contained in a storage account via access to storage account keys.

    Another possibility might be, if there is someone else who has access in your tenant, can you please confirm whether there is a firewall enabled on the storage account?

    If so, your network might be blocked and you may need to make sure the storage account has the network enabled under Storage Account > Networking > Allow Access from Selected Networks. If there is someone else who has access, that person can check and enable "All networks".

    Hope this helps! Kindly let us know if the above helps or you need further assistance on this issue.


    Please do not forget to "Accept the answer" and "up-vote" wherever the information provided helps you, this can be beneficial to other community members.

    1 person found this answer helpful.
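
Added example (not part of the answer above and not Microsoft's code): a small Python model of how Azure RBAC evaluates management-plane `Actions` separately from data-plane `DataActions`, which is why Storage Blob Data Contributor alone leaves the storage account invisible in the portal. The role definitions are abridged to the operations relevant here (an assumption), and `evaluate` is a hypothetical helper.

```python
from fnmatch import fnmatchcase

# Abridged role definitions (assumption: trimmed to the operations relevant to this thread).
ROLES = {
    "Storage Blob Data Contributor": {
        "actions": [
            "Microsoft.Storage/storageAccounts/blobServices/containers/read",
            "Microsoft.Storage/storageAccounts/blobServices/containers/write",
            "Microsoft.Storage/storageAccounts/blobServices/containers/delete",
        ],
        "data_actions": [
            "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
            "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write",
            "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
        ],
    },
    # "*/read" is a management-plane wildcard; it grants no data actions.
    "Reader": {"actions": ["*/read"], "data_actions": []},
    "Reader and Data Access": {
        "actions": [
            "Microsoft.Storage/storageAccounts/read",
            "Microsoft.Storage/storageAccounts/listKeys/action",
        ],
        "data_actions": [],
    },
}

ACCOUNT_READ = "Microsoft.Storage/storageAccounts/read"  # needed to see the account
BLOB_READ = "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read"
LIST_KEYS = "Microsoft.Storage/storageAccounts/listKeys/action"  # key-based data access


def _allowed(patterns, operation):
    """Case-insensitive match of an operation against a list of role patterns."""
    op = operation.lower()
    return any(fnmatchcase(op, p.lower()) for p in patterns)


def evaluate(assigned_roles):
    """Union the assigned roles and report what the principal can do."""
    actions = [a for r in assigned_roles for a in ROLES[r]["actions"]]
    data = [a for r in assigned_roles for a in ROLES[r]["data_actions"]]
    return {
        "account_visible": _allowed(actions, ACCOUNT_READ),
        "blob_read_via_entra": _allowed(data, BLOB_READ),
        "can_list_keys": _allowed(actions, LIST_KEYS),
    }
```

The `can_list_keys` result is the one to review before choosing Reader and Data Access over Reader plus a data role: holding the account keys gives read/write access to all data in the account.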
