Exam AZ-204 topic 4 question 38 discussion

A. Generate a shared access signature (SAS) for the Azure Blob storage account and provide the SAS to all developers. A shared access signature (SAS) is a secure token that can be used to grant temporary and revocable access to a blob container or individual blobs. You can specify an expiration time for the SAS, so it will automatically expire after the two-month time period, making the blob storage account no longer accessible to the developers. This approach allows you to grant the developers the necessary access to the Azure Blob storage account while still maintaining control over the access, and it also allows you to revoke access easily after the two-month time period.

A. Generate a shared access signature (SAS) for the Azure Blob storage account and provide the SAS to all developers. Most Voted

got in exam 28/09/2029

got this question on 06-29-2023

A seems to be the correct answer

Seems it's B A JWT contains three segments, a header, a body, and a signature. The signature segment can be used to validate the authenticity of the token so that it can be trusted by your application. https://learn.microsoft.com/en-us/azure/active-directory-b2c/tokens-overview#validation

In practical situations, especially it is about your own developers (not outsiders) and expected to have AD roles, it is good to give RBAC roles and remove it after 2 months. But, I guess Microsoft wants to answer SAS. So, please choose SAS as the answer

Correct https://learn.microsoft.com/en-us/azure/cognitive-services/translator/document-translation/create-sas-tokens?tabs=Containers

SAS has start and expiry date/time defined.

https://azure.microsoft.com/de-de/blog/azure-blob-storage-lifecycle-management-now-generally-available/ lifecycle is for blobs and not for the access

why not B?