Lesson 2. Create a policy on container and generate a Shared Access Signature (SAS) key

In this lesson, you will learn how to create a policy on the Blob container and also generate a SAS key.

A stored access policy provides an additional level of control over shared access signatures on the server side. A shared access signature is a URI that grants restricted access rights to containers, blobs, queues, and tables. When using this new enhancement, you need to create a policy on a container with read, write, and list rights.

You can create a policy and a shared access signature by using one of the following methods:

• Azure REST API operations: Create Container, Set Container ACL, and Get Container ACL.

• CloudBlobContainer.GetSharedAccessSignature Method in the Azure SDK.

  
     string signature = blob.GetSharedAccessSignature(new SharedAccessPolicy()   
      {   
          // Specify the expiration time for the signature.   
          SharedAccessExpiryTime = DateTime.Now.Years(1),   
          // Specify the permissions granted by the signature.    
          Permissions = SharedAccessPermissions.Write | SharedAccessPermissions.Read   
      });  
  
  

• A third-party Azure explorer tool, such as Azure Storage Explorer.

Next Lesson:

Lesson 3: Create a SQL Server Credential