HOTSPOT
You have an Azure Storage account named storage1.
You have an Azure App Service app named app1 and an app named App2 that runs in an Azure container instance. Each app uses a managed identity.
You need to ensure that App1 and App2 can read blobs from storage1 for the next 30 days.
What should you configure in storage1 for each app?
Answer:
Explanation:
With Shared access signature you can limit the resources for access and at the same time can control the duration of the access.
A shared access signature (SAS) provides secure delegated access to resources in your storage account without compromising the security of your data. With a SAS, you have granular control over how a client can access your data. You can control what resources the client may access, what permissions they have on those resources, and how long the SAS is valid, among other parameters.
Reference: https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview