You manage a collection of large video files that is stored in an Azure Storage account.
A user wants access to one of your video files within the next seven days.
You need to allow the user access only to the video file, and then revoke access once the user no longer
needs it.
What should you do?
A.
Give the user the secondary key for the storage account.
Once the user is done with the file, regenerate the secondary key.
B.
Create an Ad-Hoc Shared Access Signature for the Blob resource.
Set the Shared Access Signature to expire in seven days.
C.
Create an access policy on the container.
Give the external user a Shared Access Signature for the blob by using the policy.
Once the user is done with the file, delete the policy.
D.
Create an access policy on the blob.
Give the external user access by using the policy.
Once the user is done with the file, delete the policy.
Explanation:
See 3) below.
By default, only the owner of the storage account may access blobs, tables, and queues within that
account. If your service or application needs to make these resources available to other clients without
sharing your access key, you have the following options for permitting access:
1.You can set a container’s permissions to permit anonymous read access to the container and its blobs.
This is not allowed for tables or queues.
2. You can expose a resource via a shared access signature, which enables you to delegate restricted
access to a container, blob, table or queue resource by specifying the interval for which the resources are
available and the permissions that a client will have to it.3. You can use a stored access policy to manage shared access signatures for a container or its blobs, for a
queue, or for a table. The stored access policy gives you an additional measure of control over your shared
access signatures and also provides a straightforward means to revoke them.Manage Access to Azure Storage Resources
I think it is C
https://docs.microsoft.com/en-us/azure/storage/storage-dotnet-shared-access-signature-part-1
@to easy : agree 🙂