DEV Community

Cover image for Update on How To Control storage access
Ajayi Daniel
Ajayi Daniel

Posted on

Update on How To Control storage access

Controlling storage access means managing who can read, write, or manage data stored in your cloud environment (like Azure Blob Storage or File Shares).
Why It’s Important:
Keeps unauthorized users out
Ensures data security
Supports compliance and auditing
Common Tools Used:
Role-Based Access Control (RBAC) – Assigns permissions based on user roles (e.g., Reader, Contributor)
Access Keys / SAS Tokens – Temporary access without full credentials
Network restrictions – Limit access to certain IP addresses or networks

Step 1 from the Azure portal home page, in the search box, enter storage accounts. Select storage accounts under services.

storage
Step 2 On the storage account blade, under the Data storage submenu, select Containers. Select + Add container.
In the Name field, enter storage-container.
Select Create.

Image

Innn

Role 2 Upload a file to the storage container
Step 1 Select the storage container you just created.

container
step 2 Select Upload and upload the file you prepared.

upload

drag

passport

ROLE 3 Change the access tier
STEP 1Select Cold. Select Save.

TIER

Tier 2

SAVE

ROLE 4 Create a file share
Creating a file share means setting up a shared storage space in the cloud (like in Azure Files) where multiple users or systems can store, access, and share files over a networ
STEP 1 Select storage accounts under services.
Select the storage account you created in the Prepare exercise. The storage account name is the hyperlink to the storage account. (Note: it should be associated with the resource group guided-project-rg.)
On the storage account blade, under the Data storage submenu, select File shares.
Select + File share. On the Basics tab, in the name field enter file-share. On the Backup tab, uncheck Enable backup.
Select Review + create.
Select Create.
Once the file share is created, select Upload.
Upload the same file you uploaded to the blob storage or a different file, it’s up to you.
Select Home to return to the Azure portal home page.

IIII

BOST

NNNN

BBB

ROLE 5 Create a shared access signature token
A Shared Access Signature (SAS) token is a secure, time-limited link that gives specific access to your cloud storage (like files or blobs) without sharing your main account keys.
Step1 On the storage account blade, select Storage browser.
Expand Blob containers. Select the storage container you created earlier, storage-container.
bob

bbbbb
Step 2 Select the ellipses (three dots) on the end of the line for the image you uploaded.Select Generate SAS.

ppp

Im
step3 Set Allowed protocols to HTTPS only.
Select Generate SAS token and URI.
Copy the Blob SAS URL and paste it in another window or tab of your browser. It should display the image you uploaded. Keep this tab or window open

de

gggg

best

Role 6 Rotate access keys
Rotating access keys means regularly changing your storage or service keys (like those in Azure) to enhance security and reduce the risk of unauthorized access.

step 1
Select storage accounts under services.Expand the Security + networking submenu. Select Access keys.

Image
step 2
For Key 1, select Rotate key.
Read and then acknowledge the warning about regenerating the access key by selecting Yes

Imag

Top comments (0)