By using an SAS, you can provide a way to grant limited access to objects and data that are stored inside your storage account to the clients that connect to it. Using an SAS, you don't have to expose your access keys to the clients.
When you create a storage account, primary and secondary access keys are created. Both of these keys can grant administrative access to your account and all of the resources within it. Exposing these keys can also open your storage account to negligent or malicious use. SAS provides a safe alternative to this that will allow clients to read, write, and delete data in your storage account according to the permissions you've explicitly granted, without the need for an account key.
In the next section, we're going to look at how to manage our access keys and how to generate an SAS for our storage account.
Managing access keys
To manage access keys, perform the following steps:
- Navigate to the Azure portal by opening https...
