Exportera (0) Skriv ut
Visa allt
EN
Det här innehållet finns inte tillgängligt på ditt språk men här finns den engelska versionen,
7 av 19 bedömde detta vara till hjälp - Bedöm det här ämnet

Delegating Access with a Shared Access Signature (REST API)

Updated: November 26, 2013

A shared access signature is a URI that grants restricted access rights to containers, blobs, queues, and tables. You can provide a shared access signature to clients who should not be trusted with your storage account key but to whom you wish to delegate access to certain storage account resources. By distributing a shared access signature URI to these clients, you can grant them access to a resource for a specified period of time, with a specified set of permissions.

A shared access signature can grant any of the following operations to a client that possesses the signature:

  • Reading and writing page or block blob content, block lists, properties, and metadata

  • Deleting, leasing, and creating a snapshot of a blob

  • Listing the blobs within a container

  • Adding, removing, updating, and deleting queue messages (in version 2012-02-12 and newer)

  • Getting queue metadata, including the message count (in version 2012-02-12 and newer)

  • Querying, adding, updating, deleting, and upserting table entities (in version 2012-02-12 and newer)

  • Copying to a blob from another blob within the same account (in version 2013-08-15 and newer)

The shared access signature URI query parameters incorporate all of the information necessary to grant controlled access to a storage resource. The URI query parameters specify the time interval over which the shared access signature is valid, the permissions that it grants, the resource that is to be made available, and the signature that the storage services should use to authenticate the request. For details on how the shared access signature is constructed, see Constructing the Shared Access Signature URI (REST API). For examples of shared access signatures, see Examples of Shared Access Signatures (REST API).

Additionally, the shared access signature URI can reference a stored access policy that provides an additional level of control over a set of signatures, including the ability to modify or revoke access to the resource if necessary. For more information on stored access policies, see Establishing a Stored Access Policy (REST API) and Use a Stored Access Policy.

See Also

Var detta till hjälp?
(1500 tecken kvar)
Tack för dina kommentarer
Visa:
© 2014 Microsoft. Med ensamrätt.