I see nothing documented on this, so does anyone know if it is possible to restrict the domains that can access a resource placed in blob storage? When you make a container your only choices are public or private.
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I see nothing documented on this, so does anyone know if it is possible to restrict the domains that can access a resource placed in blob storage? When you make a container your only choices are public or private.
That’s right. Currently there is no way to restrict access based on domains or IP. Your only solution to manage security on blob storage is by working with Shared Access Signatures (SAS).
The signature would be generated server side and should be appended to the blob’s URL. The signature can be limited in time (making the signature only valid for 5min for example).
And this could be done in a web application to display images or videos for example. Even if someone ‘steals’ your content, the url would be invalid after a few minutes. Not exactly the same as limiting based on IP or domain, but still very effective.