💻 Tech
Providing Azure Blog Storage access to a service (e.g., CICD pipeline) can be done in different ways, but two of them I learned is Shared Access Signature SAS) and account keys. The former has expiration while the latter doesn’t. Both of them can be provided as an argument in az commands. Apart from that, with SAS, you can specify the kind of resource and permission; it’s granular. For example, you want to create a SAS token to only read blob objects. With account keys, you give full acccess to the configuration and data. SAS makes more sense for time-bound, adhoc operations like a custom query, while access keys are more suitable for regular, routinary operations like CICD pipelines and server processes.