Search code examples
azure-storageazure-storage-account

cannot find place to associate stored access policy to SAS

i have created SAP (stored access policy) at container level. Gen2 storage

now when I am going to a particular file inside a container and right-clicking and then "generate SAS". I do not see any option to associate SAS to SAP.

I can see Microsoft articles where they say it is possible, but i do not see it on azure portal. no matter what i select on SAS tab (account key or user-delegation key). i still don't see where to select one particular SAP. enter image description here

I tried using storage explored, as mentioned in some of the help steps. somehow my storage explored right-click at container level has lot less options.

enter image description here

Thanks,

Solution

  • SAS (shared access signature) with SAP provides additional layer of security. as SAS is hard to track once created.

    steps to do will be

    1. create SAP at container level, this can be done either via azure portal or via azure storage explorer.

    2. 2nd step is to create SAS, this step has to be done via azure storage explorer (again, this step will not work on web).

    --note: like me, if you do not see this option on storage explorer, this is to do with your role. you need to have OWNER role to storage account, to perform this step.