Windows Azure SDK Trust Policy Reference

[This is preliminary documentation and is subject to change.]

Applications deployed to the Windows® Azure™ fabric operate within a restricted Code Access Security (CAS) environment. The Windows Azure trust policy is a variation on the standard ASP.NET medium trust policy. The differences between the two polices are summarized in the following table.

Permission	State	ASP.NET medium trust	Windows Azure trust
AspNetHosting
	Level	Medium	Medium
DnsPermission
	Unrestricted	Permitted	Permitted
EnvironmentPermission
	Unrestricted	TEMP; TMP; USERNAME; OS; COMPUTERNAME	TEMP;TMP
	Read	TEMP; TMP; USERNAME; OS; COMPUTERNAME	TEMP;TMP
	Write	TEMP; TMP; USERNAME; OS; COMPUTERNAME	TEMP;TMP
EventLogPermission		Denied	Denied
FileIOPermission
	Unrestricted	Denied	Denied
	Read	$AppDir$	$AppDir$; Any named local store
	Write	$AppDir$	Any named local store
	Append	$AppDir$	Any named local store
	PathDiscovery	$AppDir$	$AppDir$; Any named local store
IsolatedStorageFilePermission
	Unrestricted	Denied	Denied
	AssemblyIsolationByUser	Permitted	Denied
	Unrestricted UserQuota	Permitted	Denied
OleDbClientPermission
	Unrestricted	Denied	Denied
PrintingPermission
	Unrestricted	Denied	Denied
	DefaultPrinting	Permitted	Denied
ReflectionPermission
	Unrestricted	Denied	Denied
	RestrictedMemberAccess	Permitted	Permitted
RegistryPermission
	Unrestricted	Denied	Denied
SecurityPermission
	Unrestricted	Denied	Denied
	Assertion	Permitted	Denied
	Execution	Permitted	Permitted
	ControlThread	Permitted	Permitted
	ControlPrinicipal	Permitted	Permitted
	RemotingConfiguration	Permitted	Denied
SocketPermission
	Unrestricted	Denied	Denied
	Connect	Denied	External sites only TCP
	Accept	Denied	Denied
SqlClientPermission
	Unrestricted	Permitted	External sites only
WebPermission
	Unrestricted	Denied	Denied
	Connect	$OriginHost$	External sites only
	Accept	Denied	Denied

Concepts

Windows Azure SDK