![]() ![]() In legacy scenarios where signedVersion isn't used, Blob Storage applies rules to determine the version. For more information, see Versioning for Azure Storage services.ĭetermine the version of a legacy SAS request The storage service version to use to authorize and handle requests that you make with this shared access signature. The value also specifies the service version for requests that are made with this shared access signature.įor information about which version is used when you execute requests via a shared access signature, see Versioning for Azure Storage services.įor information about how this parameter affects the authorization of requests made with a shared access signature, see Delegate access with a shared access signature. ![]() This value specifies the version of Shared Key authorization that's used by this shared access signature (in the signature field). The signedVersion ( sv) field contains the service version of the shared access signature. The following sections describe how to specify the parameters that make up the service SAS token. The fields that make up the SAS token are described in subsequent sections. The following image represents the parts of the shared access signature URI. The string-to-sign format for authorization version is unchanged. When sr=d is specified, the sdd query parameter is also required. The semantics for directory scope ( sr=d) are similar to those for container scope ( sr=c), except that access is restricted to a directory and any files and subdirectories within it. Service SAS support for directory-scoped accessĪ service SAS supports directory scope ( sr=d) when the authorization version ( sv) is or later and a hierarchical namespace is enabled. To use Azure Active Directory (Azure AD) credentials to secure a SAS for a container or blob, create a user delegation SAS. ![]() When you create an account SAS, your client application must possess the account key. You secure an account SAS by using a storage account key. Operations that use shared access signatures should be performed only over an HTTPS connection, and SAS URIs should be distributed only on a secure connection, such as HTTPS. Use discretion in distributing a SAS, and have a plan in place for revoking a compromised SAS. It's important to protect a SAS from malicious or unintended use. Shared access signatures are keys that grant permissions to storage resources, and you should protect them just as you would protect an account key. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |