What is the major difference between SAS and Stored Access in Azure-Storage

Milo James 46 Reputation points
2021-05-28T14:18:26.307+00:00

What is the major difference between SAS and Stored Access in Azure-Storage

Azure Storage
Azure Storage
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,542 questions
0 comments No comments
{count} votes

Accepted answer
  1. Sumarigo-MSFT 47,471 Reputation points Microsoft Employee Moderator
    2021-05-28T15:48:22.57+00:00

    @Milo James Welcome to Microsoft Q&A Forum, Thank you for posting your query here!

    Adding more information to the above answe : A shared access signature (SAS) is a URI that grants restricted access to an Azure Storage container. Use it when you want to grant access to storage account resources for a specific time range without sharing your storage account key. Learn more

    100613-image.png

    You can also create a shared access signature (SAS) using a stored access policy through Azure Storage Explorer, please refer to this Q&A thread

    Additional information: Refer to the following links: Delegate access with a shared access signature

    Hope this helps!

    Kindly let us know if the above helps or you need further assistance on this issue.

    -----------------------------------------------------------------------------------------------------------------------------------------

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    2 people found this answer helpful.
    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. SUNOJ KUMAR YELURU 15,491 Reputation points MVP Volunteer Moderator
    2021-05-28T14:36:19.317+00:00

    Hi @Milo James

    A shared access signature (SAS) is a URI that grants restricted access rights to Azure Storage resources. You can provide a shared access signature to clients who should not be trusted with your storage account key but to whom you wish to delegate access to certain storage account resources. By distributing a shared access signature URI to these clients, you can grant them access to a resource for a specified period of time, with a specified set of permissions.
    https://azure.microsoft.com/en-us/updates/manage-stored-access-policies-for-storage-accounts-from-within-the-azure-portal/
    https://learn.microsoft.com/en-us/azure/storage/blobs/sas-service-create?tabs=dotnet

    A stored access policy provides an additional level of control over service-level shared access signatures (SAS) on the server side. Establishing a stored access policy serves to group shared access signatures and to provide additional restrictions for signatures that are bound by the policy. You can use a stored access policy to change the start time, expiry time, or permissions for a signature, or to revoke it after it has been issued.

    The following storage resources support stored access policies:

    Blob containers
    File shares
    Queues
    Tables
    https://learn.microsoft.com/en-us/rest/api/storageservices/define-stored-access-policy

    If the Answer is helpful, please click Accept Answer and up-vote, this can be beneficial to other community members.

    1 person found this answer helpful.
    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.