azuredatastudio icon indicating copy to clipboard operation
azuredatastudio copied to clipboard

Published 20 hours ago verified publisher icon microsoft

use user delegation key to get blobs

Open sahuroshan opened this issue 10 months ago • 2 comments

The current way of getting backup files from storage account was failing if we disable shared key access in storage account . With recent security push we need to disable shared key access for storage accounts. This PR contains the change for using user delegation key to get the backup files , user delegation key method works even if the shared key access is disabled for storage accounts.

ADO task - https://msdata.visualstudio.com/Database%20Systems/_workitems/edit/31210535

Reference code - https://github.com/Azure-Samples/AzureStorageSnippets/blob/master/blobs/howto/JavaScript/NodeJS-v12/dev-guide/list-blobs-from-container-sas-token.js

https://learn.microsoft.com/en-us/azure/storage/common/shared-key-authorization-prevent?tabs=portal#understand-how-disallowing-shared-key-affects-sas-tokens

https://learn.microsoft.com/en-us/azure/storage/common/storage-sas-overview

sahuroshan avatar Apr 23 '24 19:04 sahuroshan

@sahuroshan are you still working on this PR or should we close it out as abandoned?

kburtram avatar Jul 09 '24 18:07 kburtram

@sahuroshan are you still working on this PR or should we close it out as abandoned?

Hi @kburtram , This was paused because of security push , we will be starting again on this soon.

sahuroshan avatar Jul 11 '24 08:07 sahuroshan