Read Only Storage Keys
I would like to allow my employees to view the database directly in order to troubleshoot issues in the code. However, in a production environment I don't want them to be able modify and delete table entities and blobs accidentally.
Certainly a clear backup strategy is necessary, but it would be nice to be able to prevent this as much as possible.
If we could have two different secret keys for storage, one for read/write access and one for read-only I could protect the read/write key and provide employees with the read-only key.
Shared Access Signatures (http://msdn.microsoft.com/en-us/library/windowsazure/ee395415.aspx) are available for the Blob, Table, and Queue services and allow for granting read-only access to storage resources.
Gun Lobby commented
R/O keys is absolutely essential - both for application level use and support tasks.
I would like an eta please.
I second this: make this common use case simple, not hard. Thanks.
Aaron Lawrence commented
I can see that SAS technically does achieve the goal. But it's a very complex way to achieve the simple use case that Mike originally asked for, which is simply a second key that provides read-only access. I would like these to be easily creatable in the azure portal. I don't want to have to write large amounts of code to create SAS tokens just in order to allow diagnostic access.