Storage access policies
A storage access policy provides an additional layer of control over SAS by introducing policies that manage SAS tokens. With a policy in place, SAS tokens can be configured with a start and expiry time, and access can be revoked after the tokens have been issued. The following steps demonstrate the process for creating a storage access policy on a container:
- Navigate to the Azure portal by opening https://portal.azure.com.
- Navigate to your storage account, click Containers on the left-hand menu, and click on a container.
- Click Access policy, then on the right-hand pane, click + Add policy under Stored access policies.
- Enter an identifier and select permissions. For this exercise, you may select read and list permissions. Enter the desired start and expiry dates. Click OK.
You have now learned how to create a storage access policy. You will learn how to edit an existing policy in place through the following steps:
- Navigate to the Azure portal by opening https://portal.azure.com.
- Navigate to your storage account, click Containers on the left-hand menu, and click on a container.
- Click Access policy, then click the ellipsis (…) icon of the identifier that matches the name you gave the policy when you created it. Click Edit.
- You may modify the Identifier, Start time, Permissions, and Expiry time. Click OK.
You have now learned how to modify an existing policy. Let’s follow the given steps to remove an existing access policy:
- Navigate to the Azure portal by opening https://portal.azure.com.
- Navigate to your storage account, click Containers on the left-hand menu, and click on a container.
- Click Access policy, then click the ellipsis (…) icon of the identifier that matches the name you gave the policy when you created it. Click Delete.
You have just learned how to delete an access policy. That concludes this section, where we have learned what SAS tokens are and how they work. We have also explored storage access policies as well as how these enhance the management of SAS tokens. In the next section, we have provided additional reading material for you to learn more if desired.
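The effect of the create, edit, and delete steps above on a token that has already been handed out can be seen in a small model. This is an added example, not code from the original text or from Azure: the `Container` class, the demo key, and the signing input are simplified assumptions, and only the `si` (signed identifier) and `sig` field names mirror real SAS parameters.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

ACCOUNT_KEY = b"constructed-demo-key"  # constructed value, not a real account key


class Container:
    """Simplified model of a container that holds stored access policies."""

    def __init__(self):
        self.policies = {}  # identifier -> (permissions, start, expiry)

    def set_policy(self, identifier, permissions, start, expiry):
        self.policies[identifier] = (permissions, start, expiry)  # create or edit

    def delete_policy(self, identifier):
        self.policies.pop(identifier, None)

    def _sign(self, identifier):
        # Assumption: the real string-to-sign covers more fields than this.
        return hmac.new(ACCOUNT_KEY, identifier.encode(), hashlib.sha256).hexdigest()

    def issue_sas(self, identifier):
        # The token names the policy; permissions and dates stay on the container.
        return {"si": identifier, "sig": self._sign(identifier)}

    def authorize(self, token, permission, now):
        if not hmac.compare_digest(self._sign(token["si"]), token["sig"]):
            return False
        policy = self.policies.get(token["si"])  # resolved on every request
        if policy is None:
            return False  # policy deleted: every token bound to it stops working
        permissions, start, expiry = policy
        return permission in permissions and start <= now < expiry


def demo():
    now = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)  # constructed clock
    window = (now - timedelta(hours=1), now + timedelta(days=7))
    c = Container()
    c.set_policy("readlist", "rl", *window)      # read and list, as in the exercise
    token = c.issue_sas("readlist")
    out = {"issued_read": c.authorize(token, "r", now)}
    c.set_policy("readlist", "l", *window)       # edit in place: drop read
    out["read_after_edit"] = c.authorize(token, "r", now)
    out["list_after_edit"] = c.authorize(token, "l", now)
    c.delete_policy("readlist")                  # delete: revoke
    out["list_after_delete"] = c.authorize(token, "l", now)
    return out
```

The same token is checked four times and never reissued; only the policy stored on the container changes between checks.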
Further reading
We encourage you to read up on the topic further by using the following links:
• Managing storage account access keys: https://docs.microsoft.com/en-us/azure/storage/common/storage-account-keys-manage?tabs=azure-portal
• Automation of storage access key rotation: https://docs.microsoft.com/en-us/azure/key-vault/secrets/tutorial-rotation-dual?tabs=azure-cli