Document Details
Introduction
❌
This page contains Windows bias
About This Page
This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
Bias Analysis
Bias Types:
⚠️
windows_first
⚠️
powershell_heavy
Summary:
The documentation provides both PowerShell and Azure CLI examples, but consistently presents PowerShell (a Windows-centric tool) before Azure CLI (which is cross-platform and more common on Linux/macOS). There are no explicit Linux shell (bash) or scripting examples, and no mention of Linux-specific tools or workflows. The PowerShell examples are detailed and prominent, which may signal a preference for Windows environments.
Recommendations:
- Present Azure CLI examples before PowerShell examples, as Azure CLI is cross-platform and more familiar to Linux users.
- Explicitly mention that Azure CLI commands work on Linux, macOS, and Windows, and provide bash-specific usage notes if relevant.
- Where possible, add bash script equivalents or highlight usage in a Linux shell environment.
- Consider adding a section or callout for Linux users, clarifying any OS-specific prerequisites or differences.
- Avoid assuming Visual Studio (a Windows tool) as the default development environment; mention cross-platform alternatives like VS Code.
Create pull request
Scan History
| Date | Scan ID | Status | Bias Status |
|---|---|---|---|
| 2025-07-12 23:44 | #41 | in_progress | ❌ Biased |
| 2025-07-12 00:58 | #8 | cancelled | ✅ Clean |
| 2025-07-10 05:06 | #7 | processing | ✅ Clean |
| 2025-07-09 23:22 | #6 | cancelled | ✅ Clean |
Flagged Code Snippets
Connect-AzAccount
$resourceGroup = "securewebappresourcegroup"
$location = "<location>"
$storageName="securewebappstorage"
$containerName = "securewebappblobcontainer"
$storageAccount = New-AzStorageAccount -ResourceGroupName $resourceGroup `
-Name $storageName `
-Location $location `
-SkuName Standard_RAGRS `
-Kind StorageV2
$ctx = $storageAccount.Context
New-AzStorageContainer -Name $containerName -Context $ctx -Permission blob
---
## Grant access to the storage account
You need to grant your web app access to the storage account before you can create, read, or delete blobs. In a previous step, you configured the web app running on App Service with a managed identity. Using Azure RBAC, you can give the managed identity access to another resource, just like any security principal. The Storage Blob Data Contributor role gives the web app (represented by the system-assigned managed identity) read, write, and delete access to the blob container and data.
> [!NOTE]
> Some operations on private blob containers are not supported by Azure RBAC, such as viewing blobs or copying blobs between accounts. A blob container with private access level requires a SAS token for any operation that is not authorized by Azure RBAC. For more information, see [When to use a shared access signature](/azure/storage/common/storage-sas-overview#when-to-use-a-shared-access-signature).
# [Portal](#tab/azure-portal)
In the [Azure portal](https://portal.azure.com), go into your storage account to grant your web app access. Select **Access control (IAM)** in the left pane, and then select **Role assignments**. You'll see a list of who has access to the storage account. Now you want to add a role assignment to a robot, the app service that needs access to the storage account. Select **Add** > **Add role assignment** to open the **Add role assignment** page.
Assign the **Storage Blob Data Contributor** role to the **App Service** at subscription scope. For detailed steps, see [Assign Azure roles using the Azure portal](../../../role-based-access-control/role-assignments-portal.yml).
Your web app now has access to your storage account.
# [PowerShell](#tab/azure-powershell)
Run the following script to assign your web app (represented by a system-assigned managed identity) the Storage Blob Data Contributor role on your storage account.