How to setup Shared access signature on the Microsoft Azure Portal
A Shared Access Signature (SAS) is an important element in providing a secure way to grant limited access to resources on Azure. It works much like a token, granting permissions to clients to access specific resources without sharing your account keys. This blog post will guide you through setting up a Shared Access Signature on Microsoft Azure Portal.
Please follow the step-by-step instructions to setup a Shared Access Signature on the Microsoft Azure Portal:
- After logging into the Microsoft Azure Portal. Select the Storage account.
- On the menu bar click on [Configuration]
- Enable “Allow recommended upper limit for shared access signature (SAS) expiry interval”
- Set the “Recommended upper limit for SAS expiry interval”, for example to 3654 days.
- Click on [Save] to continue.
- On the menu bar click on [Shared access signature].
- In “Allowed services” unselect; File, Queue, and Table.
- In “Allowed resources types” select; Service, Container, and Objects
- In “Allowed permissions” unselect Delete and Permanent delete.
- In “Blob versioning permissions” unselect “Enables deletion of versions”.
- In “Start and expiry date/time”, for example set the end date to 10 years in the future.
- Click on [Generate SAS and connection string] to continue.
- Make a copy of the “Connection string” and “SAS token”
