When you use IAM delegated access to add your unlabeled data to Labelbox, you can keep your assets in Microsoft Azure Blob Storage and grant Labelbox read-only access to your Azure storage containers.
Azure Data Lake Storage
Labelbox is currently not compatible with ADLS Gen2. To set up this integration, you must use Azure Blob Storage.
First, you will need to get the relevant information for this integration from your Microsoft Azure account.
- Navigate to your Azure blob storage container that you want to use with Labelbox.
- Navigate to Azure Active Directory and select the desired tenant you want to use with Labelbox.
Next, open up a new integration in Labelbox and input the information you gathered in the previous section.
Log into Labelbox.
Navigate to the Integrations tab and click New integration.
Select the Azure integration.
Enter the details from Step 1.
If this is your first time setting this up, please follow instructions under Attach roles to add Labelbox to your Azure tenant.
Azure can take a few hours to create this service principal once you hit Accept.
If you are not sure about the creation, confirm by searching for the application using these steps.
Now, you must assign roles to the Container and its parent Storage Account.
|Storage Blob Delegator
|Parent Storage Account
|Storage Blob Data Reader
If you have IP restrictions for the storage account, you need to add the following IP addresses for Labelbox:
22.214.171.124. For help, see Grant access from an internet IP range (Microsoft Learn).
To learn more about Labelbox IP addresses, see Labelbox IP addresses.
Navigate to Access Control (IAM) page within your Storage Account. This should be the resources that owns your Containers.
Select Add role assignment and set Role to Storage Blob Delegator, and then assign access to Labelbox Delegated Access app.
Storage Blob Data Reader
Navigate to Access Control (IAM) page within your Container.
Click Add role assignment, Add Storage Blob Data Reader and assign to Labelbox Delegated Access app.
RBAC changes can take up to 30 mins
If you are running into any issues, such as the dataset not loading in Labelbox, it is likely that the permissions are not applied correctly. Any role-based-access-control (RBAC) changes you make can take up to 30 mins to take into effect. Learn more.
To grant admin consent for Labelbox, you must set the following permissions. Note: Labelbox only requires tenant ID and no certificate/secret.
In this final step, go back to the Integrations tab in the Labelbox UI and check whether the integration setup was successful.
Example Azure URL
Ensure that you are using Azure URLs when creating datasets. Read Azure docs to learn how to generate blob URL in a container.
Now proceed to generate a JSON file containing Azure Blob Storage URIs.
Now that the connection is established, use the SDK to connect data to Labelbox. Click through the links below to find the import format and instructions for uploading your data type.
|Tiled imagery (Slippy maps)
|Tiled imagery (COG, NITF, GeoTIFF)
Updated 3 months ago