Look at the access keys available for authentication when interacting with an Azure Storage account. Also, note the option to regenerate keys and the need for two keys so that applications can use one key while another is being regenerated.
- [Instructor] The simplest way to authenticate,…and authorized access for connecting to a storage account,…is something called Access Keys.…Take a look in the Azure portal,…select one of your storage accounts,…and below the overview you'll see an access keys entry.…Click on access keys,…and notice on the right hand side…there's quite a bit of detail.…First, the storage account name, significant…so you'll have a set of keys per storage account.…You'll have two keys, key one and key two,…so that you can rotate keys meaning…if an application is using the first key,…you can reset the second one,…and then let the application switch to the second key,…and then you can reset the first one.…
So that allows you to always have at least one…active and valid key, for applications to use…connecting to the storage account.…Notice that the keys though are essentially…your root access (mumbles) access, to the storage account…so given one of these keys, you'll have full access…and you can do anything.…So first off, try to avoid using these keys,…
Looking for study partners?Join the AZ-203 Azure Exam study group
Azure Storage is an important part of the Microsoft Azure developer toolkit. In this course, Anton Delsink provides a high-level overview of what Azure Storage is, as well as a brief look at the options available to developers: table, file, queue, and blob-based storage. Anton starts the course with a tour of the Azure portal and an explanation of how to create both a general-purpose storage account and a Blob storage account. Next, he covers important security and deployment topics that apply across all storage options. To wrap up, he briefly goes over each storage area. For a more in-depth exploration of each storage area—files, tables, blobs, and queues—check out additional courses in the Azure Storage for Developers series.
- Creating general-purpose and Blob storage accounts
- Shared key authentication
- Using shared access signatures (SAS)
- Granting privileges with stored access policies
- Encrypting data at rest
- Deploying Azure storage accounts from the command line
- Deploying Azure storage accounts using PowerShell
- Storage types, including blobs, tables, queues, and files