Microsoft Azure Administrator Associate AZ-104 Practice Question
You are an Azure administrator for your company. You need to provide a third-party vendor with temporary access to a specific blob container in your Azure Storage account so they can upload files for the next 24 hours. You must ensure the vendor cannot access the container after this period. Which method should you use to grant the vendor the required access?
Create a stored access policy with write permissions and no expiration date
Generate a service-level shared access signature for the container with write permissions and a 24-hour expiration time
Generate an account-level shared access signature with write permissions and a 24-hour expiration time
Creating a service-level shared access signature (SAS) for the container with write permissions and a 24-hour expiry time is the correct approach. A service-level SAS allows you to grant limited access to specific resources in your storage account with defined permissions and duration. An account-level SAS provides access at a broader scope, including all services in the storage account, which is unnecessary and less secure for this scenario. A stored access policy without an expiration does not automatically revoke access after 24 hours, potentially leaving the container accessible beyond the intended period.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a shared access signature (SAS) in Azure?
Open an interactive chat with Bash
How does a service-level SAS differ from an account-level SAS?
Open an interactive chat with Bash
What steps are involved in creating a service-level SAS with an expiration time?
Open an interactive chat with Bash
Microsoft Azure Administrator Associate AZ-104
Implement and manage storage
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Information Technology Package Join Premium for Full Access