How to setup Shared access signature on the Microsoft Azure Portal

08 Mar, 2024

A Shared Access Signature (SAS) is an important element in providing a secure way to grant limited access to resources on Azure. It works much like a token, granting permissions to clients to access specific resources without sharing your account keys. This blog post will guide you through setting up a Shared Access Signature on Microsoft Azure Portal.

Please follow the step-by-step instructions to setup a Shared Access Signature on the Microsoft Azure Portal:

  1. After logging into the Microsoft Azure Portal. Select the Storage account.
  2. On the menu bar click on [Configuration]
  3. Enable “Allow recommended upper limit for shared access signature (SAS) expiry interval”
  4. Set the “Recommended upper limit for SAS expiry interval”, for example to 3654 days.
  5. Click on [Save] to continue.
  6. On the menu bar click on [Shared access signature].
  7. In “Allowed services” unselect; File, Queue, and Table.
  8. In “Allowed resources types” select; Service, Container, and Objects
  9. In “Allowed permissions” unselect Delete and Permanent delete.
  10. In “Blob versioning permissions” unselect “Enables deletion of versions”.
  11. In “Start and expiry date/time”, for example set the end date to 10 years in the future.
  12. Click on [Generate SAS and connection string] to continue.
  13. Make a copy of the “Connection string” and “SAS token”
Video Page
How-To