![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 57.99999999999999%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,844 questions
@Girish Prajwal Question, if a user can read a blob from a storage account, the name of the storage account is present in the URL/properties of the blob (so, the user can still tell there is an account and access via script/programmatically).
‘Storage Blob Data Reader’ may limit the ability to list the account (: https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#storage-blob-data-reader)
You need a read permission or Reader role on the subscription to enumerate resources, including storage accounts.
Storage Blob Data Reader role grants permissions for reading blob content and metadata in the storage account.
Also, Let me explain how this roles works and the define of the RBAC, see here
If it's for Azure Files You can do an AD integration with SMB to grant access to users. Here you can learn more about it : https://azure.microsoft.com/en-us/blog/better-security-with-enhanced-access-control-experience-in-azure-files/ also if possible review the RBAC roles article What is Azure role-based access control (Azure RBAC)?
Hope this helps!
Kindly let us know if the above helps or you need further assistance on this issue.
------------------------------------------------------------------------------------------------------------
Please don’t forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.