I have one Azure storage account with several containers, where I have some guest users who will be logging into the portal, but they should have read
/write
access to the specific containers. These guest users should not have delete
permissions.
I have gone through so many articles but never succeed.
Is there any way where I can achieve this?
To update the public access level for one or more existing containers in the Azure portal, follow these steps: Navigate to your storage account overview in the Azure portal. Under Data storage on the menu blade, select Blob containers. Select the containers for which you want to set the public access level.
A container organizes a set of blobs, similar to a directory in a file system. A storage account can include an unlimited number of containers, and a container can store an unlimited number of blobs.
Active Directory (AD) authorization for Azure Files. Azure Files supports identity-based authorization over SMB through AD. Your AD domain service can be hosted on on-premises machines or in Azure VMs. SMB access to Files is supported using AD credentials from domain joined machines, either on-premises or in Azure.
Azure offers three storage tiers to store data in blob storage: Hot Access tier, Cool Access tier, and Archive tier.
To give a specific container permission, you can do this followings:
Find your container, select Access Policy under the settings blade, and click Add Policy. Select the permissions which you want to give this specific container. Also, public access level is container level.
You can get more details from Manage anonymous read access to containers and blobs
In addition, there is a preview version of managing access rights to Azure storage account with RBAC roles. For the container scope, assign the Storage Blob Data Reader (Preview) role to a user. But it is intended for non-production use only.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With