In this video, learn how to create and manage shared access signatures. SAS offers advantages in enforcing access control with time-limited access.
- Another Azure Storage related challenge … that may come up on the AZ 500 exam is creation … and management of shared access signatures. … And earlier in the course, … we talked about the advantages … of shared access signatures over shared keys. … Now I'd like to just go over to the Azure portal … and browse to a storage account to just refresh your memory … on those SAS token advantages. … So with the shared key, … we're basically offering root access forever, … unless we revoke the key or roll the key. … With a shared access signature, … we can configure allowed services … so if I'd like to grant access only to blob storage … or only to queue storage that's possible. … I can specify specific resource types. … I can drill down on specific permissions that are allowed, … which means that if I'd like read and write but not delete, … that's absolutely possible in the world of SAS, … you'll see also, … I can specify a span of time … during which this SAS token is valid. … So I can specify an expiration date …
- Configuring security policies
- Enabling data authentication and auditing
- Configuring security for storage accounts
- Configuring Azure AD authentication
- Configuring security for Cosmos DB and Azure Data Lake