Microsoft Azure Blob Storage

Import your Azure Blob Storage data via IAM Delegated Access.

When you use IAM delegated access to add your unlabeled data to Labelbox, you can keep your assets in Microsoft Azure Blob Storage and grant Labelbox read-only access to your Azure storage containers.

10001000

Azure Delegated Access client request flow

πŸ“˜

Azure Data Lake Storage

Labelbox is currently not compatible with ADLS Gen2. To set up this integration, you must use Azure Blob Storage.

Step 1: Get tenant ID and container URL

First, you will need to get the relevant information for this integration from your Microsoft Azure account.

  1. Navigate to your Azure blob storage container that you want to use with Labelbox.
17501750

Copy Azure storage container URL

  1. Navigate to Azure Active Directory and select the desired tenant you want to use with Labelbox.
20262026

Copy Tenant ID from Azure Active Directory

Step 2: Create Azure integration in Labelbox

Next, open up a new integration in Labelbox and input the information you gathered in the previous section.

  1. Log into Labelbox.

  2. Navigate to the Integrations tab and click New integration.

  3. Select the Azure integration.

  4. Enter the details from Step 1.

  5. If this is your first time setting this up, please follow instructions under Attach roles to add Labelbox to your Azure tenant.

20022002 18181818

🚧

Azure can take few hours to create this service principal once you hit Accept.

If you are not sure about the creation, confirm by searching for the application using these steps.

Step 3: Grant the permissions to Labelbox app

Now, you must assign roles to the Container and its parent Storage Account.

PermissionsResource
Storage Blob DelegatorParent Storage Account
Storage Blob Data ReaderContainer

Storage Blob Delegator

  1. Navigate to Access Control (IAM) page within your Storage Account. Note that this is the parent resource within which Containers exist.

  2. Click Add role assignment, Add Storage Blob Delegator and assign to Labelbox Delegated Access app.

24442444

Access Control (IAM) page for Storage Account

Storage Blob Data Reader

  1. Navigate to Access Control (IAM) page within your Container.

  2. Click Add role assignment, Add Storage Blob Data Reader and assign to Labelbox Delegated Access app.

25542554

Access Control (IAM) page for Container

πŸ“˜

RBAC changes can take upto 30 mins

If you are running into any issues such as the dataset not loading in Labelbox, it is likely that the permissions are not applied correctly. Any changes you make can take up to 30 mins to take into effect. Learn more.

Step 4: Validate the integration

In this final step, go back to the Integrations tab in the Labelbox UI and check whether the integration setup was successful.

25302530

πŸ“˜

Example Azure URL

Ensure that you are using Azure URLs when creating datasets. Read Azure docs to learn how to generate blob URL in a container.
https://labelboxdatasets.blob.core.windows.net/datasets/geospatial/001.jpg

Step 5: Set up CORS headers

Follow these steps to set the CORS Headers

Now proceed to generate a JSON file containing Azure Blob Storage URIs.

Step 6: Upload data

Now that the connection is established, use the SDK to connect data to Labelbox. Use the recipe below to adding data from a container.


What’s Next