Sign-up now and get instant access
Leave a comment
Customized training to master new skills and grow your business.
Beginner to advanced classes taught by Microsoft MVPs and Authors.
In-depth boot camps take you from a novice to mastery in less than a week.
Season Learning Pass
Get access to our very best training offerings for successful up-skilling.
Stream Pro Plus
Combine On-Demand Learning platform with face-to-face Virtual Mentoring.
Quick references for when you need a little guidance.
Summaries developed in conjunction with our Learn with the Nerds sessions.
Digital goodies - code samples, student files, and other must have files.
Stay up-to-date on all things Power BI, Power Apps, Microsoft 365 and Azure.
Earn money by driving sales through the Pragmatic Works' Training Affiliate Program.
It's time to address your client's training needs.
Learn how to get into IT with free training and mentorship.
Discover the faces behind our success: Meet our dedicated team
How can we help? Connect with Our Team Today!
Find all the information you’re looking for. We’re happy to help.
There are multiple ways to allow external access to Azure storage accounts, some better (and more secure) than others. Today, I’d like to share with you 3 methods to access your storage accounts externally, as well as the preferred methods for doing so.
1. Access Keys – This is one way to allow access, but I don't highly recommend using it. Why? There are only 2 access keys that exist for your storage account. If you use one, it will be a problem later, since when you have to change it, you’ll have to change everything referring to that storage account. These keys should be used for applications or special use cases that you can manage accordingly.
If you share these access keys outside of the organization, this could create problem, as you don’t want to have to go in and change them if you feel that the key has been violated in some way.
2. Share Access Signatures (SAS) - A much better option. This is designed to limit access to your storage account and the containers they’re involved in. They allow you to establish security at a more granular level than access keys. With this method, you can use one storage account and create multiple signatures and allow for specific security access.
This works great for when a company is sending you data and you want to store it somewhere and then give them secure access to your Azure environment. There are expiration properties, so you can allow access for a designated amount of time or if things change, it’s easy to kill the key and stop access.
3. Share Access Policies – This is your best option for supporting external entities to get the data into the storage account and is the easiest to manage. Shared access policies leverage shared access signatures and must be created with PowerShell. They are easily managed without creating a new SAS every time.
If you have other questions about secure storage access, either from external users or your own accounts, or any other Azure related question, click the link below – we’re here to help.
Join other Azure, Power Platform and SQL Server pros by subscribing to our blog.