Microsoft Azure Administrator Associate AZ-104 Practice Question

A Shared Access Signature (SAS) token allows administrators to grant temporary, granular access to Azure Storage resources without sharing their storage account access keys. SAS tokens can specify the permissions, resources, and the time period for which access is granted.

Azure AD authentication is used for securing access with Azure Active Directory identities, but it may not be ideal for scenarios where temporary access for external users is needed.

Stored Access Policies are used to manage SAS tokens more effectively by providing additional control and can be used with SAS tokens but do not grant access on their own.

Generating a storage account access key would expose the account key, providing full access to the storage account, which is not recommended for granting temporary or limited access.