locked
Blob Storage Security RRS feed

  • Question

  • Hi

    I am wanting to secure our Azure files once we upload them, here is a list of requirements:

    1) Make files read only (ie cannot be overwritten - even by owner)

    2) Lock down what our credentials can do ie remove delete etc

    Has anyone else done this?

    Cheers

    Grant


    Sunday, January 4, 2015 10:35 PM

Answers

  • Hi,

    I would suggest you use shared access signature to manage your azure blob storage, refer to http://msdn.microsoft.com/en-us/library/azure/ee393343.aspx for more information about Manage Access to Azure Storage Resources. Hope this helps, If I misunderstand, please feel free to let me know.  

    Best Regards,

    Jambor


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, January 5, 2015 7:12 AM

All replies

  • this is what I have so far

     // Permissions (read/write at container level)
                    BlobContainerPermissions containerPermissions = new BlobContainerPermissions();
                    containerPermissions.SharedAccessPolicies.Add(
                      "mypolicy", new SharedAccessBlobPolicy() { Permissions = SharedAccessBlobPermissions.Write | SharedAccessBlobPermissions.Read }
                      );
                    containerPermissions.PublicAccess = BlobContainerPublicAccessType.Off;
                    container.SetPermissions(containerPermissions);

                    //Check blob exists - dont overwrite
                    if (container.ListBlobs(request.Key, true).Any())
                    {
                        throw new Exception(string.Format("Error - File already exists, Folder: {0}, Key {1}", request.Folder, request.Key));
                    }

                    
    Sunday, January 4, 2015 11:10 PM
  • Hi,

    I would suggest you use shared access signature to manage your azure blob storage, refer to http://msdn.microsoft.com/en-us/library/azure/ee393343.aspx for more information about Manage Access to Azure Storage Resources. Hope this helps, If I misunderstand, please feel free to let me know.  

    Best Regards,

    Jambor


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, January 5, 2015 7:12 AM