ReddRadar
Agent skill
Azure Blob Storage
Use Azure Blob Storage for object storage, file uploads, static assets, and backup storage in Azure cloud.
Install this agent skill to your Project
npx add-skill https://github.com/hivellm/rulebook/tree/main/templates/skills/services/azure-blob
SKILL.md
Azure Blob Storage Instructions
CRITICAL: Use Azure Blob Storage for object storage, file uploads, static assets, and backup storage in Azure cloud.
Core Features
Connection
// Using @azure/storage-blob
import { BlobServiceClient, StorageSharedKeyCredential } from '@azure/storage-blob'
const accountName = process.env.AZURE_STORAGE_ACCOUNT_NAME || ''
const accountKey = process.env.AZURE_STORAGE_ACCOUNT_KEY || ''
const sharedKeyCredential = new StorageSharedKeyCredential(accountName, accountKey)
const blobServiceClient = new BlobServiceClient(
`https://${accountName}.blob.core.windows.net`,
sharedKeyCredential
)
const containerClient = blobServiceClient.getContainerClient(
process.env.AZURE_CONTAINER_NAME || 'mycontainer'
)
Basic Operations
// Create container
await containerClient.createIfNotExists({
access: 'blob', // 'blob', 'container', or 'private'
})
// Upload blob
const blockBlobClient = containerClient.getBlockBlobClient('path/to/file.jpg')
await blockBlobClient.upload(fileBuffer, fileBuffer.length, {
blobHTTPHeaders: {
blobContentType: 'image/jpeg',
},
metadata: {
userId: '123',
originalName: 'photo.jpg',
},
})
// Download blob
const downloadResponse = await blockBlobClient.download()
const fileContent = await streamToBuffer(downloadResponse.readableStreamBody)
// Delete blob
await blockBlobClient.delete()
// List blobs
for await (const blob of containerClient.listBlobsFlat()) {
console.log(blob.name, blob.properties.contentLength)
}
Advanced Features
// Generate SAS URL
import { generateBlobSASQueryParameters, BlobSASPermissions, StorageSharedKeyCredential } from '@azure/storage-blob'
const sasToken = generateBlobSASQueryParameters(
{
containerName: 'mycontainer',
blobName: 'path/to/file.jpg',
permissions: BlobSASPermissions.parse('r'), // read
startsOn: new Date(),
expiresOn: new Date(new Date().valueOf() + 3600 * 1000), // 1 hour
},
sharedKeyCredential
).toString()
const sasUrl = `https://${accountName}.blob.core.windows.net/mycontainer/path/to/file.jpg?${sasToken}`
// Copy blob
const sourceBlobClient = containerClient.getBlockBlobClient('source/file.jpg')
const destBlobClient = containerClient.getBlockBlobClient('dest/file.jpg')
await destBlobClient.beginCopyFromURL(sourceBlobClient.url)
// Set blob metadata
await blockBlobClient.setMetadata({
category: 'profile',
uploadedBy: 'user-123',
})
// Get blob properties
const properties = await blockBlobClient.getProperties()
console.log(properties.contentType, properties.contentLength, properties.metadata)
Common Patterns
File Upload Handler
async function uploadFile(file: Buffer, filename: string, userId: string) {
const blobName = `users/${userId}/${Date.now()}-${filename}`
const blobClient = containerClient.getBlockBlobClient(blobName)
await blobClient.upload(file, file.length, {
blobHTTPHeaders: {
blobContentType: getContentType(filename),
},
metadata: {
userId,
originalName: filename,
uploadedAt: new Date().toISOString(),
},
})
return {
blobName,
url: blobClient.url,
}
}
Temporary Access URL
async function generateTemporaryUrl(blobName: string, expiresInMinutes: number = 60) {
const blobClient = containerClient.getBlockBlobClient(blobName)
const sasToken = generateBlobSASQueryParameters(
{
containerName: containerClient.containerName,
blobName,
permissions: BlobSASPermissions.parse('r'),
expiresOn: new Date(Date.now() + expiresInMinutes * 60 * 1000),
},
sharedKeyCredential
).toString()
return `${blobClient.url}?${sasToken}`
}
Best Practices
✅ DO:
- Use appropriate access tiers (Hot, Cool, Archive)
- Set blob metadata for organization
- Use SAS tokens for temporary access
- Implement proper error handling
- Use appropriate content types
- Enable soft delete for important data
- Monitor storage usage and costs
- Use lifecycle management policies
- Implement retry logic
- Use connection strings or managed identity
❌ DON'T:
- Store sensitive data without encryption
- Use public access unnecessarily
- Hardcode credentials
- Ignore error handling
- Skip content-type validation
- Ignore lifecycle policies
- Skip access logging
- Use default access levels
- Ignore cost optimization
- Store large files without chunking
Configuration
Environment Variables
AZURE_STORAGE_ACCOUNT_NAME=myaccount
AZURE_STORAGE_ACCOUNT_KEY=your-account-key
AZURE_CONTAINER_NAME=mycontainer
AZURE_STORAGE_CONNECTION_STRING=DefaultEndpointsProtocol=https;AccountName=...
Managed Identity (Recommended)
import { DefaultAzureCredential } from '@azure/identity'
const blobServiceClient = new BlobServiceClient(
`https://${accountName}.blob.core.windows.net`,
new DefaultAzureCredential()
)
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
hivellm/rulebook
DAG Workflow
Maintain a clean dependency graph (DAG) to prevent circular dependencies and ensure maintainable architecture.
hivellm/rulebook
Documentation Rules
All documentation in English. Root README concise, detailed docs in `/docs`.
hivellm/rulebook
Quality Enforcement
These rules are NON-NEGOTIABLE and MUST be followed without exception.
hivellm/rulebook
Rulebook Task Management
Spec-driven task management for features and breaking changes with OpenSpec-compatible format
hivellm/rulebook
Agent Automation
Mandatory workflow that AI agents MUST execute after EVERY implementation.
hivellm/rulebook
C
Execute these commands after EVERY implementation (see AGENT_AUTOMATION module for full workflow).
Didn't find tool you were looking for?