Manage Access to Containers, Blobs, Tables, and Queues

By default, only the owner of the storage account may access blobs, tables, and queues within that account. If your service or application needs to make these resources available to users, you have the following options for permitting access:

• You can set a container's permissions to permit anonymous read access to the container and its blobs. This is not allowed for tables or queues.
  
  
• You can expose a resource via a Shared Access Signature, which enables you to fine-tune access to a container, blob, table or queue resource. For example, you can use a Shared Access Signature to embed a blob resource, such as an image or video, in a web application, or make it available to another client.
  
  

The topics in this section describe how to use these features to control access to storage resources.

In This Section

Restrict Access to Containers and Blobs

Create a Shared Access Signature

Use a Shared Access Signature (REST API)

Use a Stored Access Policy

See Also

Concepts

Restrict Access to Containers and Blobs
Use a Stored Access Policy