Azure integration methods

Integration methods

After creating the storage account and a blob container, you can integrate them using one of two methods— access keys or a shared access signature (SAS):

1. Access keys provide full administrative access to your storage account, allowing any operation. They are suitable for scenarios requiring complete control but must be handled carefully due to their high level of access.

2. A shared access signature (SAS) offers more granular control, allowing access to specific resources for a limited time with restricted permissions. This method is ideal for scenarios where you need to grant a temporary access to clients or applications without exposing primary keys, enhancing security and flexibility in managing storage resources.

SAS configuration

Minimal required permissions to configure Azure Blob Storage for use with:

1. Allowed services:

• Blob

1. Allowed resource types:

• Container

• Objects

1. Allowed permissions:

• Read

• Write

• Delete

• List

1. Allowed permissions for replication:

• Read

• Write

• Delete

• List

• Add

• Create

Generating the connection string

Generating the connection string with the specified permissions:

1. Login to the Azure portal as an administrator.

2. Select the storage account and click Shared Access Signature in the Settings tab.

3. Select the permissions described in the SAS configuration section of this article.

4. Click Generate SAS and connection string.

1. For setting up the blob storage, you will need the connection string:

Generating the connection string with the full permission:

1. Login to the Azure portal as an administrator.

2. Select the storage account.

3. Go to Access keys under the Security + networking menu section.

1. For setting up the blob storage, you will need the connection string:

Useful links and items

Define a stored access policy - Azure StorageMicrosoftLearn

Overview of immutable storage for blob data - Azure StorageMicrosoftLearn