Cannot be revoked without revoking the access key used to create it.If you need to give someone constrained access, They give effectively admin access to the entire Storage account.Īnd you have basically no visibility what is using the Storage account with the keys.
Why this is awesomeīecause until now, the main authentication methods in Storage have been: I've built a small sample app that you can see on GitHub.
Production service-level agreements (SLAs) will not be available until Azure AD integration for Azure Storage is declared generally available.
This preview is intended for non-production use only. Note this is limited to Blobs and Queues at the moment.ĭo remember this is a preview, and heed the warning in the documentation: So now that Azure AD authentication with Storage is in Public Preview,