Manage Access to Windows Azure Storage Resources
By default, only the owner of the storage account may access blobs, tables, and queues within that account. If your service or application needs to make these resources available to other clients without sharing your access key, you have the following options for permitting access:
You can set a container's permissions to permit anonymous read access to the container and its blobs. This is not allowed for tables or queues.
You can expose a resource via a shared access signature, which enables you to delegate restricted access to a container, blob, table or queue resource by specifying the interval for which the resources are available and the permissions that a client will have to it.
You can use a stored access policy to manage shared access signatures for a container or its blobs, for a queue, or for a table. The stored access policy gives you an additional measure of control over your shared access signatures and also provides a straightforward means to revoke them.
The topics in this section describe how to use these features to control access to storage resources.
In This Section
Other ResourcesDelegating Access with a Shared Access Signature (REST API)