Home > database >  I want to check my understanding about azure
I want to check my understanding about azure

Time:10-02

I would like to check my understanding of azure sas token. we can access a BLOB storage using SAS token instead of azureAD certification. Does this mean that a person who does not have azure account can access a BLOB storage??? Or a person who has azure account can use SAS token and access a BLOB storage.

CodePudding user response:

Yes, a person or script that has a SAS token can access BLOB storage, according to the permissions set in the token. That person or script does not need to have an azure account. Of course, that person would not be able to use the Azure portal to see the blob container, but he can access the storage account using programatically using the Azure API. He can also fetch blobs using HTTP GET requests.

As an example, I have a build script that pushes to storage and a deploy script to read from storage. These scripts contain the access token so they can run from any machine.

If I wanted to revoke the privileges of that access token I would need to replace the key that I used to generate the token with.

  • Related