我正在将整个站点迁移到azure,我的服务器上有一些私有文件,我想将它们转移到azure。如何在Azure上限制对这些文件的公共访问?这些文件基本上是只有经过身份验证的人才能下载的报告。我不希望未经过身份验证的人甚至可以访问该文件夹的链接。我怎么能在天蓝色中做到这一点?
答案 0 :(得分:0)
我建议在资源组下的Azure门户中使用基于角色的访问控制(RBAC)功能。此选项允许您管理和/或限制对存储帐户中资源的访问。要查看谁有权访问特定资源,请尝试以下操作:
1 -Select Resource groups in the navigation bar on the left.
2- Resource groups - icon
3- Select the name of the resource group from the Resource groups blade.
4- Select Access control (IAM) from the left menu.
5- The Access control blade lists all users, groups, and applications that have been granted access to the resource group.
要删除访问权限:
1- Hover your cursor over the name of the assignment that you want to remove. A check box appears next to the name.
2-Use the check boxes to select one or more role assignments.
3- Select Remove.
4- Select Yes to confirm the removal.
可在此处找到完整文章: https://docs.microsoft.com/en-us/azure/active-directory/role-based-access-control-configure
如果您担心公开读取权限,如上所述"默认情况下,容器及其中的任何blob只能由存储帐户的所有者访问。",您可以更改和检查通过执行以下操作,在Container权限下的这些选项上:
> To set container permissions in the Azure portal, follow these steps:
> Open your Storage account blade in the portal. You can find your
> storage account by selecting Storage accounts in the main portal menu
> blade. Under BLOB SERVICE on the menu blade, select Containers.
> Right-click on the container row or select the ellipsis to open the
> container's Context menu. Select Access policy in the context menu.
> Select an Access type from the drop down menu.
完整文章可在此处找到:https://docs.microsoft.com/en-us/azure/storage/blobs/storage-manage-access-to-resources