# Storage in your Azure Container *** ## Create a dedicated Storage Account 1. In the Azure Portal, search for **“Storage accounts”** and click **Create**. 2. **Basics** tab: * **Subscription**: choose your subscription. * **Resource group**: pick an existing one or create e.g. `rg-birdie-videos`. * **Storage account name**: * Must be **globally unique**, **lowercase only**, no spaces. * Example: `acmebirdievideos` * **Region**: choose a region near your users (e.g. `West Europe`). * **Performance**: `Standard`. * **Redundancy**: `LRS` is fine unless you need geo-redundancy. 3. **Advanced** tab (important): * **Allow enabling anonymous access on individual containers**:\ ➜ You can leave this **Disabled**.\ Birdie uses **SAS signed URLs**, not public containers. 4. Leave the rest as defaults (unless your internal policies require changes). 5. Click **Review + create** → **Create**. > You now have **one isolated storage account dedicated to Birdie**. *** ## Create a private Blob container 1. Open the storage account you just created (e.g. `acmebirdievideos`). 2. In the left menu, under **Data storage**, click **Containers**. 3. Click **+ Container**: * **Name**: e.g. `birdie-videos` * **Public access level**: **Private (no anonymous access)** 4. Click **Create**. > Birdie will store everything in this container.\ > At this point, **no file is publicly accessible** – even if someone knows the URL. *** ## Configure CORS so browsers can read signed URLs To allow the Birdie web player (in your user’s browser) to fetch videos directly from Azure using signed URLs, you must enable **CORS** on the **Blob service**. 1. In the same storage account, go to: * **Settings** → **Resource sharing (CORS)**\ (or **CORS** under the **Blob service** section) 2. Make sure you are editing **Blob service CORS rules**. 3. Add a **new CORS rule** with the following details: * Allowed origins: `https://*.birdie.so` * Allowed methods: `GET, HEAD, OPTIONS` * Allowed headers: `*` * Exposed headers: `*` * Max age: `3600` 4. Don't forget to **Save** the rule. *** ## Get the 3 credentials Birdie needs #### 1. Storage account name You chose this when creating the account (first step of this guide), for example `acmebirdievideos` *** #### 2. Account key 1. In your storage account, go to: * **Security + networking** → **Access keys** 2. You will see **`key1`** and **`key2`** : copy either **`key1` or `key2`** value. > This key provides access *only* to this **dedicated Birdie storage account**, **not** to other storage accounts in your Azure tenant. *** #### 3. Container name From the **Containers** view of your storage account, e.g. `birdie-videos` *** ## What to send to Birdie {% hint style="info" %} Before sending us the information, ensure that the container testing on is successful. {% endhint %} Please provide Birdie with those 3 informations: 1. **Storage account name** e.g. `acmebirdievideos` 2. **Account key** (from **Access keys →** `key1` or `key2`) 3. **Container name** e.g. `birdie-videos` \ That’s all we need to connect Birdie to your bucket. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.birdie.so/birdie-docs/security/storage-location/storage-in-your-azure-container.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.