Sunday, January 24, 2021

Giving a guest user rights to create a static site

(written on Jan 31st and back published to Jan 24th)

We created a new external user, granted that user rights, and then that user deleted the resources it had rights to.  Now let's grant rights to create a specific resource type and see if we can get a new static site created and managed by our guest user.

So, log into the Azure Portal using the subscription owner and click on <all resources>

Click on the <add>
type storage account in the search box and click on <storage account>
Click on <create>
Then click on <create new> below the resource group and we will add a new one by naming it and clicking on <ok>
Now scroll down and type in the storage account name and click on <review + create>
Then click <create>
Click <go to resource>
Click on <access control (iam)>
Click <+ add> and <add role assignment>
Choose Contributor as the role and then click on your guest account and click <save>
Now log out of the portal and log back in using your guest account.  I am going to give PaleMoon a spin for this section.  Once you are logged in, click on <all resources>
Then click on your service account name
Type <static> in the search box and then click on <static website>
Click on <enabled>
Then type index.html in the Index document name and error.html in the Error document path and click <save> 
Note the url listed in the Primary endpoint so that we can use it later (mine is https://guestsite.z13.web.core.windows.net/).  You can click the 'stacked document' icon to have it copied to your clipboard, I did.
Now, click back to the base information for the resource using the name in the breadcrumb at the top
And open in Storage Explorer within your browser by clicking on <storage explorer (preview)> or if you have access to install software and want to use a local program you can click on <open in explorer> to launch it locally
Open up <blob containers> and <$web> and then click <upload>
Click on the folder icon
and then browse to the two html files we created much earlier, select them, and click <open>
Click <upload>
Once they finish it will look something like this
Open a new tab and confirm that your site is up and we are done!
Note that you are using https which means you are using a secure pipe between the server hosting your page and your browser.