In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-03 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/02 Report--
From the previous article, I believe everyone knows that Shared Access Signature (SAS) is a mechanism to restrict access to Azure storage. This is one of the more secure ways to provide access to our storage accounts. Access the corresponding Azure storage account without accessing a key.
There are two common SAS types:
Service Level: Allow access to resources in only one of the following storage services: Blob, Queue, Table, and File Account Level: Allow access to resources in one or more storage services. All operations available through Service Level SAS are also available through Account Level SAS
Next, let's take a look at how to use SAS to explode Azure Storage security
I prepared a storage account named "sql12bak":
In the storage account, a container named "test" is prepared and some files used for the test are uploaded:
With the above preparations, we can return to the main page of the storage account and see the Shared access signature tab:
After clicking on Shared access signature, we can see that there are several types of settings:
Permitted services: We can choose which services we can offer to our users. Permitted permissions: We can choose which permissions to grant to users. Start and end: We can set availability periods. Allowed IP addresses: We can whitelist IP access to storage accounts. Allowed protocols: HTTPS only or http and https
In this example we will configure the following permissions:
Read, list: so that users can read and list files under the account, but can not delete, write, add goods to create resources to the storage account
Also we configure only HTTPS protocol access, and click Generate Connection String:
After generating SAS and connection strings, copy Blob Services SAS URL:
Open Microsoft Azure Storage Explorer and click Add Account:
In Connect to Azure Storage, select Use Shared Access Signature (SAS) URI and click Next:
Paste the copied URL. When you paste the URL, it automatically updates the other text boxes, and then click Next.
Confirm, click on the link:
Among the storage accounts we prepared, we can find the "test" container. Inside the container, we can see that there are several test files:
When I double-click test.txt I can read the file because we have previously granted read access:
But when I try to delete or upload a file, it prompts us that we don't have permission:
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.