This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision |
| azure:az-500:data_and_application_security [2022/07/20 18:34] – [Shared Access Signature (SAS)] mmuze | azure:az-500:data_and_application_security [2022/07/22 00:59] (current) – mmuze |
|---|
| * Configure key rotation | * Configure key rotation |
| * Configure backup and recovery of certificates, secrets, and keys | * Configure backup and recovery of certificates, secrets, and keys |
| |
| ====== Storage Account Access ====== | |
| * [[https://docs.microsoft.com/en-us/azure/storage/common/authorize-data-access|Authorize access to data in Azure Storage]] | |
| * [[https://docs.microsoft.com/en-us/azure/storage/common/storage-network-security]] | |
| * [[https://docs.microsoft.com/en-us/learn/modules/storage-security/4-shared-access-signatures]] | |
| * [[https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview]] | |
| * [[https://docs.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory|Azure AD]] is the recommended way to provide authorization for storage account access. | |
| * A [[https://docs.microsoft.com/en-us/rest/api/storageservices/define-stored-access-policy|stored access policy]] is an additional level of protection that can be used in conjunction with //service-level shared access signatures (SAS)// authentication. It provides and expiration date and permissions that can be used independent of the SAS token/URL. This provides more flexibility for revoking access. | |
| |
| |
| ===== § ===== | ===== § ===== |
| * [[azure:az-500:Azure Monitor]] | * [[azure:az-500:Azure Monitor]] |
| | |
| | ====== HDInsight ====== |
| | * To support multiuser access an HDInsight cluster requires AADDS. |
| |