Security of an application's data is priority, whether that data is local or in a cloud service such as Microsoft Azure. In this course, you are going to learn everything you need to know about Shared Access Signatures, Azure's out-of-the-box security access control that allows you the ability to specify the who, what, when, and how your data can be accessed. Not only do they afford granular access control over your data, but they provide a uniform way of granting access to data across a wide range of Azure services, dispensing with the need to learn different access controls for every service. Microsoft has provided a way for developers to utilize Shared Access Signatures within their application through Azure's various service's SDKs. Using real-world applications, we'll walk through implementing Shared Access Signatures for a wide range of Azure services ranging from storage services to message bus based services.
Max McCarty is the founder and owner of the software security site LockMeDown.com and hosts the popular Lock Me Down Podcast. As a senior software engineer, Max’s focus is on software security and empowering the everyday developer with the information to write more secure software.
Shared Access Signatures with Table and Blob Storage Services Hi. This is Max McCarty, and in this second module on Getting Started with Microsoft Azure's Shared Access Signatures, we'll be specifically looking at how to use shared access signatures with Azure's Table and Blob storage. Azure's Table storage is one of Azure's NoSQL storage options and is highly scalable, while their Blob storage provides the ability to store large amounts of unstructured data. Both of these services are part of Azure's very popular storage services. We'll be looking at an application in this module that directly interacts with both of these services, and we'll be able to see first hand how to utilize shared access signatures to provide granular data access control to the application's data in these services, as well as address the security issues I pointed out in the first module.
Shared Access Signatures with Azure Service Bus and Queue Storage Services Hi. This is Max McCarty, and in this third module on Getting Started with Microsoft Azure Shared Access Signatures, we'll be focusing on using shared access signatures with the popular Azure Service Bus and Queue storage. I have opted to group these two services due to the similarity in the uses of the services, which translates in an easy way to demonstrate. I'll start off by looking at how we can leverage shared access signatures with the Service Bus service for regulating control of Service Bus topics and subscriptions. Then we'll finish off by looking at controlling, sending, and receiving messages on Azure storage queues. In addition, as I mentioned in module 1, we'll take a quick peek at how knowing how to use shared access signatures with the Service Bus automatically grants you the knowledge for using them for Azure's Notification and Event Hubs. So let's get started.
Shared Access Signatures Best Practices Hi. This is Max McCarty, and welcome to this final module on Getting Started with Microsoft Azure Shared Access Signatures. We have gone over using shared access signatures with a lot of different supported Azure services ranging from the many storage- based services like tables, blobs, and queues, to message bus services, such as Azure Service Bus, Notification, and Event Hub services. We have clearly shown how shared access signatures provides granular access controls to your Azure's resources with ease. While shared access signatures provide a robust and cross surface answer for applying a new or additional layer of security to your data in Azure, there are a number of best practices that we must take into consideration to ensure that we provide the most secure experience, as well as not open unintentional security holes in the process. Not all of the following best practices are necessary, but some are, and as I discuss these points, we'll point out those that must be followed to ensure a secure implementation. While not all apply to every service that supports shared access signatures, for your circumstances I have ordered these practices in the order of importance. So let's get started.