1

I´ve done some "Googling" to figure out the big difference between SAS and ACS Azure Authorization strategy and I could not find something that really have convinced me. Could someone point me the best cenario when to use one or another and the differences between then? Thanks a lot.

David Makogon
  • 69,407
  • 21
  • 141
  • 189
outlookrperson
  • 2,761
  • 7
  • 32
  • 49

1 Answers1

2

SAS tokens are one of the authz capabilities that the Storage service exposes for delegating access to storage resources. You can delegate a subset of privileges to specific resources for a specific period of time. You can read more about it here. ACS is an access control capability that is available for many Azure workloads - but has not yet been integrated to support Storage. You can read more about ACS here.

Storage enables three main ways to restrict access to resources:

  1. Storage account access keys
  2. SAS Tokens
  3. Blobs can also be configured to private access, public container or public blob.

There is also a good whitepaper on Security, Privacy and Compliance that you can find here.

Jason Hogg - MSFT
  • 1,369
  • 9
  • 10
  • Thanks for your reply, but I know how to use SAS and ACS. For example, nowadays, when a service bus is created an ACS is not associated to it anymore. Why should I prefer to use SAS instead of ACS? Disregarding the fact that I can create temporary accesses with SAS, I cannot see great advantages in using the SAS instead of ACS. So I'm still waiting for a reply that convinces me. – outlookrperson Jan 21 '15 at 12:39