azure:az-500:data_and_application_security

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
azure:az-500:data_and_application_security [2022/06/26 23:13] – [Storage Account Access] mmuzeazure:az-500:data_and_application_security [2022/07/22 00:59] (current) mmuze
Line 4: Line 4:
  
 ===== Configure security for storage ===== ===== Configure security for storage =====
 +  * [[azure:azure_storage|Azure Storage]]
   * [[azure:az-500:Storage Security]]   * [[azure:az-500:Storage Security]]
   * Configure access control for storage accounts   * Configure access control for storage accounts
Line 27: Line 28:
   * Configure key rotation   * Configure key rotation
   * Configure backup and recovery of certificates, secrets, and keys   * Configure backup and recovery of certificates, secrets, and keys
- 
-====== Storage Account Access ====== 
-  * [[https://docs.microsoft.com/en-us/learn/modules/storage-security/4-shared-access-signatures]] 
-  * [[https://docs.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory|Azure AD]] is the recommended way to provide authorization for storage account access. 
-  * A [[https://docs.microsoft.com/en-us/rest/api/storageservices/define-stored-access-policy|stored access policy]] is an additional level of protection that can be used in conjunction with service-level shared access signatures (SAS) authentication. It provides and expiration date and permissions that can be used independent of the SAS token/URL. This provides more flexibility for revoking access with other consequences. 
  
  
Line 118: Line 114:
 ===== § ===== ===== § =====
   * [[azure:az-500:Azure Monitor]]   * [[azure:az-500:Azure Monitor]]
 +
 +====== HDInsight ======
 +  * To support multiuser access an HDInsight cluster requires AADDS.
  
  • azure/az-500/data_and_application_security.1656285234.txt.gz
  • Last modified: 2022/06/26 23:13
  • by mmuze