Azure storage account access key

Tip

If you're not an E5 customer, you can try all the premium features in Microsoft Purview for free. Use the 90-day Purview solutions trial to explore how robust Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.

This SIT is also included in the All credentials bundled SIT.

Format

A combination of up to 20,000 characters consisting of letters, digits, and special characters.

or

A combination of 88 characters consisting of letters, digits, and special characters.

Pattern

Any combination of up to 20,000 characters consisting of:

  • a-z (not case-sensitive)
  • 0-9
  • forward slashes (/)
  • or plus signs (+)
  • Up to 2
  • equal signs (=)

for example:

MIIKcQIBAzCCCi0GCSqGSIb3DQEHAaCCCh4EggoaMIIKFjCCBg8GCSqGSIb3DQEHAaCCBgAEggX8MIIF+DCCBfQGCyqGSIb3DQEM or

Any combination of 86 characters consisting of:

a-z (not case-sensitive) 0-9 forward slashes (/) or plus signs (+) ends with two equal signs (=)

for example:

abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEabcdefghijklmnopqrstuvwxyz0123456789/+ABCDE==

Credential example

Endpoint=account.table.core.windows.net;AccountName=account;AccountKey=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEabcdefghijklmnopqrstuvwxyz0123456789/+ABCDE==

Checksum

Yes

SITs that have checksums use a unique calculation to check if the information is valid. This means when the Checksum value is Yes, the service can make a positive detection based on the sensitive data alone. When the Checksum value is No additional (secondary) elements must also be detected for the service to make a positive detection.

Definition

This SIT is designed to match the security information that's used to make request against Azure Storage services, like Blob, Queue, Table and File services.

It uses several primary resources:

  • Patterns of Base64 encoded string literal.
  • Patterns of Base64 encoded 512-bits symmetric key.
  • Patterns of CredentialName, CredentialFeatures, AccountIdentityName, AccountIdentityValue, ResourceType, ResourceName, Id, AccountName.
  • Patterns of mockup values, redactions, and placeholders.
  • A dictionary of vocabulary.

The patterns are designed to match actual credentials with reasonable confidence. The patterns don't match credentials formatted as examples. Mockup values, redacted values, and placeholders, like credential type or usage descriptions, in the position where an actual secret value should present won't be matched.

Keywords

Keyword_Base64EncodedStringLiteral:

  • MII

Keyword_SymmetricKey512:

  • SharedAccessKey
  • AccountKey