locked
Number of Shared Access Signatures on a Storage Account RRS feed

  • Question

  • Hi,

    Query: Need to Create Multiple Shared Access Signature on Storage Account. These will be shared with the app user.

    is there any limit on number of shared access signatures that can be created on a storage? can multiple Shared access signatures work at same time?

    Any consideration that I need to take care while we create a Shared Access Signature?

    Sincere Thanks,

    SmartCodar

    Tuesday, December 30, 2014 6:36 AM

Answers

  • Hi,

    As of now, there is no limit on the number of Shared Access Signature. However, if you use "container-level access policy" optional component, which gets stored in blob storage will have a limit of 5 per container.

    Regards,

    Manu Rekhar

    • Proposed as answer by Manu Rekhar Thursday, January 1, 2015 7:33 AM
    • Marked as answer by Girish Prajwal Wednesday, January 7, 2015 6:23 AM
    Tuesday, December 30, 2014 9:04 AM
  • as far as I know - there is no limit on the number of shared access signatures however as Manu has mentioned correctly - there is a limit of max 5 policies which you can define on the container.

    You might want to analyse the real need of generating huge numbers of SASs and design your storage usage strategy based on your requirement, generating large number of SASs is not recommended due to security concerns (If a SAS is leaked, it can be used by anyone who obtains it, which can potentially compromise your storage account.) and it doesn't seem to be an efficient way. so you might want to create the container level policies instead and generate SAS based on it.

    You can read more info at - http://msdn.microsoft.com/en-us/library/azure/ee393341.aspx

    It is also worth taking a look at the documentation of - Best Practices for Using Shared Access Signatures

    http://azure.microsoft.com/en-in/documentation/articles/storage-dotnet-shared-access-signature-part-1/


    Bhushan | http://www.passionatetechie.blogspot.com | http://twitter.com/BhushanGawale

    • Proposed as answer by Manu Rekhar Thursday, January 1, 2015 7:33 AM
    • Marked as answer by Girish Prajwal Wednesday, January 7, 2015 6:23 AM
    Tuesday, December 30, 2014 2:11 PM

All replies

  • Hi,

    As of now, there is no limit on the number of Shared Access Signature. However, if you use "container-level access policy" optional component, which gets stored in blob storage will have a limit of 5 per container.

    Regards,

    Manu Rekhar

    • Proposed as answer by Manu Rekhar Thursday, January 1, 2015 7:33 AM
    • Marked as answer by Girish Prajwal Wednesday, January 7, 2015 6:23 AM
    Tuesday, December 30, 2014 9:04 AM
  • as far as I know - there is no limit on the number of shared access signatures however as Manu has mentioned correctly - there is a limit of max 5 policies which you can define on the container.

    You might want to analyse the real need of generating huge numbers of SASs and design your storage usage strategy based on your requirement, generating large number of SASs is not recommended due to security concerns (If a SAS is leaked, it can be used by anyone who obtains it, which can potentially compromise your storage account.) and it doesn't seem to be an efficient way. so you might want to create the container level policies instead and generate SAS based on it.

    You can read more info at - http://msdn.microsoft.com/en-us/library/azure/ee393341.aspx

    It is also worth taking a look at the documentation of - Best Practices for Using Shared Access Signatures

    http://azure.microsoft.com/en-in/documentation/articles/storage-dotnet-shared-access-signature-part-1/


    Bhushan | http://www.passionatetechie.blogspot.com | http://twitter.com/BhushanGawale

    • Proposed as answer by Manu Rekhar Thursday, January 1, 2015 7:33 AM
    • Marked as answer by Girish Prajwal Wednesday, January 7, 2015 6:23 AM
    Tuesday, December 30, 2014 2:11 PM