
Azure SAS Token issues


Can these issues be sorted out? Any feedback or comments are welcome.

  • We use a SAS token for AzCopy. Can this be done without a SAS token, or is there an alternative way to perform this operation?
  • Suggestions on the expiry time to set on the SAS token; what about security breaches?
  • For the SAS token, is there a workable alternative where we can generate one automatically every 1 hour in the bash script where the SAS is used?

Solution

  • If you want to upload a large number of files to Azure Blob storage and it will take a long time, I suggest you use Azure AD authentication. It may be a better way. AzCopy supports multiple Azure AD authentication methods, such as managed identity, user, and service principal. But please note that no matter which method you use, you need to assign the Storage Blob Data Contributor role to them. For more details, please refer to the document

    For example, I use a service principal

    1. Create a service principal and assign the Reader role to the sp.
    az login
    az account set --subscription "<your subscription id>"
    # it will assign Storage Blob Data Contributor to the sp at subscription level
    az ad sp create-for-rbac -n "mysample" --role "Storage Blob Data Contributor" --scopes "/subscriptions/<your subscription id>"
    


    2. AzCopy login with PowerShell
    $env:AZCOPY_SPA_CLIENT_SECRET="$(Read-Host -prompt "Enter key")"
    azcopy login --service-principal --application-id <application-id> --tenant-id=<tenant-id>
    
    3. Use azcopy
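
Since the question mentions a bash script, here is a bash counterpart to the service principal login shown in the answer, as an added example that is not part of the original answer. `APP_ID`, `TENANT_ID`, the `dest_url` and `upload` function names, and the account and container arguments are assumptions for illustration.

```bash
#!/usr/bin/env bash
# Added example: SAS-free AzCopy upload using a service principal.
# Assumes APP_ID and TENANT_ID are exported and the principal already holds
# Storage Blob Data Contributor on the target (as the answer requires).

# Build the container URL. Strict name checks keep a pasted
# "?sv=...&sig=..." SAS query string out of the destination.
dest_url() {
  case $1 in *[!a-z0-9]*) return 1 ;; esac          # account: lowercase alnum
  case $2 in *[!a-z0-9-]*|-*|*-) return 1 ;; esac   # container: alnum, inner '-'
  [ "${#1}" -ge 3 ] && [ "${#1}" -le 24 ] || return 1
  [ "${#2}" -ge 3 ] && [ "${#2}" -le 63 ] || return 1
  printf 'https://%s.blob.core.windows.net/%s\n' "$1" "$2"
}

upload() {
  local src="$1" dst rc
  dst=$(dest_url "$2" "$3") || { echo "invalid account or container name" >&2; return 2; }
  : "${APP_ID:?set APP_ID}" "${TENANT_ID:?set TENANT_ID}"

  # Prompt without echo so the secret never lands in argv or shell history.
  if [ -z "${AZCOPY_SPA_CLIENT_SECRET:-}" ]; then
    printf 'Client secret: ' >&2
    stty -echo; IFS= read -r AZCOPY_SPA_CLIENT_SECRET; stty echo; echo >&2
  fi
  export AZCOPY_SPA_CLIENT_SECRET

  azcopy login --service-principal --application-id "$APP_ID" \
    --tenant-id "$TENANT_ID" || { unset AZCOPY_SPA_CLIENT_SECRET; return 3; }
  unset AZCOPY_SPA_CLIENT_SECRET   # login has completed; drop the secret

  azcopy copy "$src" "$dst" --recursive   # no SAS appended to the URL
  rc=$?
  azcopy logout                           # remove the cached login
  return "$rc"
}

# Runs only when called as: ./upload.sh <src> <account> <container>
if [ "$#" -eq 3 ]; then upload "$@"; fi
```
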