Azure Storage account configured with Shared Key authorization

Question

Azure Storage account configured with Shared Key authorization

R Aishwarya 65

Hi,

I m working upon a Ruby on Rails application hosted on Azure app service. The application uses access keys of storage account to access the storage account. The access keys are specified in credentials file in codebase and at configuration tab in app services.

if Azure Storage account configured with Shared Key authorization is enabled , will the application still be able to access storage account via access keys? or how will I be able to connect storage account with app service after enabling shared key authorization.

Accepted answer

1 additional answer

Your answer

Answer 1

Hi,

Yes, your Ruby on Rails application hosted on Azure App Service will still be able to access the Azure Storage account via access keys even if Shared Key authorization is enabled.

When you create a storage account, by default, Azure storage platform generates two 512-bit storage account access keys for that account. These keys can be used to authorize access to data in your storage account via Shared Key authorization, or via SAS tokens that are signed with the shared key.

You can view and manage these access keys in the Azure portal. To connect your Azure App Service to the Azure Storage account, you can use these access keys in your application's configuration or credentials file.

However, it's important to note that using access keys does grant full access to the storage account, so it's recommended to handle them securely. If possible, consider using Azure Active Directory (Azure AD) for authorization for superior security and ease of use.

If you need further assistance, feel free to ask.

Vansh Mittal 0 Reputation points Microsoft Employee

2024-01-22T04:54:33.23+00:00

@SAMITSARKAR_MSFT How to use Azure Active Directory (AD)/ Entra for authorization?
Could you please share the link? Also, my use case is this https://stackoverflow.com/q/77830126/13349601

Answer 2

TP 124.9K Volunteer Moderator

Hi,

Yes, because Shared Key authorization is the same as accessing your storage account via access keys. With Shared Key authorization, your application uses storage account access key to sign the requests. Please see article below:

Authorize with Shared Key

https://learn.microsoft.com/en-us/rest/api/storageservices/authorize-with-shared-key

Please click Accept Answer and upvote if the above was helpful. If something is unclear please add a comment below.

Thanks.

-TP

TP 124.9K Reputation points Volunteer Moderator

2023-11-24T05:38:17.72+00:00

@R Aishwarya To reiterate, the two things you are asking about, Access keys and Shared Key authorization, are literally referring to the same thing. The "Shared Key" in Shared Key authorization is an Access key. When using an Access key to access an account, you use Shared Key authorization.

Your question could be rewritten in this way and still have same meaning: "If I enable access to my storage account using access keys, will I still be able to use access keys to access the account?" or "If I enable Shared Key authorization, will I still be able to use Shared Key authorization to access the account?"

I wanted to make this clear to you since SAMIT SARKAR's answer is written as if they are two different things, which they are not.

Share via

Azure Storage account configured with Shared Key authorization

1 additional answer

Your answer