Create a Shared Access Signature Token in Azure Storage - labIT PRO Suite Skip to content

Create a SAS Token in Azure Storage

[yasr_visitor_votes]

Lab Overview

In this hands-on lab, you will learn how to create a Shared Access Signature (SAS) token in Azure Storage.

A SAS token is a secure way to grant limited access to storage resources within an Azure Storage account. It allows for time-bound, controlled access to specific resources such as blobs, files, and queues, without exposing the storage account’s access keys.

This lab will guide you through the steps to create a SAS token, configure its permissions, set its access scope, and restrict access based on IP addresses, dates, and other parameters.

By the end of the lab, you will have created a SAS token with read-only permissions for a blob container, ensuring secure access to the storage resources while preventing write, delete, or modify operations.

Learning Objectives

    • Understand the concept and purpose of Shared Access Signatures (SAS) in Azure Storage.
    • Learn how to configure a SAS token for limited access to specific Azure Storage resources.
    • Apply security settings such as IP restrictions and time-limited access to your SAS token.
    • Generate a SAS token and connection string for secure access to Azure Storage blobs.
    • Implement best practices for granting read-only permissions while preventing write and delete access.

Exam Relevance

The skills you learn in this lab are necessary to pass the following Azure certification exams:

    • AZ-104
    • AZ-305

©2020 labIT PRO Suite