A Shared Access Signature (SAS) is an important element in providing a secure way to grant limited access to resources on Azure. It works much like a token, granting permissions to clients to access specific resources without sharing your account keys. This blog post will guide you through setting up a Shared Access Signature on Microsoft Azure Portal.
Please follow the step-by-step instructions to setup a Shared Access Signature on the Microsoft Azure Portal:
-
After logging into the Microsoft Azure Portal. Select the Storage account.
-
On the menu bar click on [Configuration]
-
Enable “Allow recommended upper limit for shared access signature (SAS) expiry interval”
-
Set the “Recommended upper limit for SAS expiry interval”, for example to 3654 days.
-
Click on [Save] to continue.
-
On the menu bar click on [Shared access signature].
-
In “Allowed services” unselect; File, Queue, and Table.
-
In “Allowed resources types” select; Service, Container, and Objects
-
In “Allowed permissions” unselect Delete and Permanent delete.
-
In “Blob versioning permissions” unselect “Enables deletion of versions”.
-
In “Start and expiry date/time”, for example set the end date to 10 years in the future.
-
Click on [Generate SAS and connection string] to continue.
-
Make a copy of the “Connection string” and “SAS token”