Restrict Shared Access Signatures with Azure Stored Access Policy
Security is not a product but a process ~Bruce Schneier
What is a stored access policy?
Let’s start with, why do need a stored access policy in the first place. We can give access to storage accounts by sharing keys directly. But this gives full access to all the services in that storage account.
We can try to provision a more granular level of access on a service level and specific permissions with shared access signatures or SAS. These SAS keys are signed by storage…