Using SAS for Storage Account Access
- Right-click the container or file and select Generate SAS from the drop-down menu.
- Select Signing method → User delegation key.
- Define Permissions by checking and/or clearing the appropriate check box:
- Your source container or file must have designated read and list access.
- Your target container or file must have designated write and list access.
- Specify the signed key Start and Expiry times.
- When you create a shared access signature (SAS), the default duration is 48 hours. After 48 hours, you’ll need to create a new token.
- Consider setting a longer duration period for the time you’ll be using your storage account for Translator Service operations.
- The value for the expiry time is a maximum of seven days from the creation of the SAS token.
- The Allowed IP addresses field is optional and specifies an IP address or a range of IP addresses from which to accept requests. If the request IP address doesn’t match the IP address or address range specified on the SAS token, it won’t be authorized.
- The Allowed protocols field is optional and specifies the protocol permitted for a request made with the SAS. The default value is HTTPS.
- Review then select Generate SAS token and URL.
- The Blob SAS token query string and Blob SAS URL will be displayed in the lower area of window.
- Copy and paste the Blob SAS token and URL values in a secure location. They’ll only be displayed once and cannot be retrieved once the window is closed.
Tag:Azure
