diff --git a/infrastructure/modules/blob_storage/outputs.tf b/infrastructure/modules/blob_storage/outputs.tf
index fc0af46c..15944b11 100644
--- a/infrastructure/modules/blob_storage/outputs.tf
+++ b/infrastructure/modules/blob_storage/outputs.tf
@@ -5,3 +5,7 @@ output "storage_account_name" {
 output "storage_container_name" {
 value = azurerm_storage_container.main.name
 }
+
+output "storage_account_id" {
+ value = azurerm_storage_account.main.id
+}
diff --git a/infrastructure/modules/server/managed_identity.tf b/infrastructure/modules/server/managed_identity.tf
index b33a51e4..554e7029 100644
--- a/infrastructure/modules/server/managed_identity.tf
+++ b/infrastructure/modules/server/managed_identity.tf
@@ -18,3 +18,9 @@ resource "azurerm_role_assignment" "key_vault_user" {
 role_definition_name = "Key Vault Secrets User"
 principal_id = module.managed_identity.principal_id
 }
+
+resource "azurerm_role_assignment" "blob_storage_contributor" {
+ scope = module.blob_storage.storage_account_id
+ role_definition_name = "Storage Blob Data Contributor"
+ principal_id = module.managed_identity.principal_id
+}
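Review bot: The new `blob_storage_contributor` assignment in managed_identity.tf is scoped to the whole storage account, so the server's managed identity gets blob read, write and delete on every container in that account, including ones added later, not only `azurerm_storage_container.main`. If the server only uses that one container, expose the container's resource ID from the blob_storage module instead (for example a new output with `value = azurerm_storage_container.main.resource_manager_id`, attribute name depending on the azurerm provider version) and point `scope` at it; the `storage_account_id` output added in outputs.tf would then not be needed for this assignment. If the workload only reads blobs, `Storage Blob Data Reader` is the narrower role. A short comment above the resource stating why write and delete access is required would help later access reviews.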