Wagtail connecting to Azure Storage Blob Container with SAS

In a previous article I showed how I connected to Azure Storage for static files and uploads, but this example used the main account key. This means any app using the key can connect to all containers, create containers etc. A better practice is to use Shared Access Signatures. You can create one in the Azure portal against a container, setting various permissions and time expiry, or you can write code that generates one for a short period of time for the app to use in subsequent requests.

I recently switched to using a SAS token for a new production Wagtail instance, the first one that we’ve used Azure Storage, and that we’ve put on Azure using Kubernetes. (AKS)

With Wagtail I’ve used django-storages and the Azure sdk, however django-storages is not that maintained, and doesn’t seem to work with the latest versions of the Azure SDK (https://github.com/jschneier/django-storages/issues/476)

django-storages has very minimal docs too which is a shame.

Changing the code to use SAS token resulted in a The specified resource does not exist. error , if you experience this make sure you provide the parameter names, rather just the comma delimited values.

@property
def connection(self):
     if self._connection isNone:
         self._connection = BlobService(account_name=self.account_name,                              account_key=self.account_key, sas_token=self.sas_token)
     return self._connection
Once you’ve setup the SAS policy on the container , you can get a key by using the Azure Storage Explorer Client Desktop app.
I’m interested to know how in the more non persistent ‘container based future’ how people are handling things like image uploads, assets etc, are there better libraries than django-storages for using cloud storage backends with Wagtail?
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.