1

I have a public Azure Blob and I have files and folders within it. It is set to public read access. I would like to make sure that the contents of this blob cannot be enumerated so that if someone does not know the precise URL of a file in the public they will not be able to download it.

Does anyone know how to do this? Is this enabled by default? I am wondering what happens for example if someone takes the Azure Blob client and points it at my blob without supplying a password - can they enumerate files?

Any help with this is greatly appreciated.

A X
  • 469
  • 4
  • 10
  • 31

1 Answers1

2

Change the access for the container to “Public read access for blobs only”.

It sounds like you have it set to “Public read access to containers and blobs” which allows enumerating the list of blobs.

https://docs.microsoft.com/en-us/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#set-the-public-access-level-for-a-container

By default, the container is private and no access is available without a SAS token or the storage account keys.

Greg W
  • 701
  • 1
  • 5
  • 8