Azure: How to provide limited Access Level to a Container in a Storage Account?

MateoEstrada
January 18, 2023
248 views
0 votes
2 Answers

Me and my team are using Azure Synapse Analytics to ingest data from a REST API to a Azure Data Lake Storage Gen2, in order to create views automatically.

The only way we could manage to do this in our Workspace was by previously changing the Public Access Level to the Container inside our Storage Account to "Container (anonymous read access for containers and blobs)".

Is there any way to avoid doing this, and just enable this level of access to specific containers for a limited amount of users / IPs, while keeping it "Private (no anonymous access)"?

Click to Azure Portal view of the Containers inside a certain Storage Account resource

Answers

- ThiagoCustodio
- January 18, 2023 at 5:06 pm
- 0 votes
0
Yes, you can use Shared Access Signatures for it. You can find more information in here:

https://learn.microsoft.com/en-us/azure/storage/common/storage-sas-overview

Login or Signup to reply.

- RithwikBojja
- January 19, 2023 at 5:08 am
- 0 votes
0
I do agree with @Thiago Custodio and @Nandan, we can use SAS Token and URL for limited access to Container in the storage accounts.

To get SAS token:
- Firstly, open the storage account, then click on container.
- Then click on your container and then click on Shared Access tokens as below.
- Then you can select what access you want to give access as below. Then Generate the token.
The token comes as below, now you can send this token to whom you want to give access your container.

Alternatively, you can also create a private endpoint as below:
- Firstly, click on Networking, the click on Private endpoint connections and then (+) create a end point.
Now this Container can be accessed from the Virtual Machine integrated with this private endpoint.
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.