You have an Azure Storage account named storage1 that contains a blob container named container1. You need to prevent new content added to container1 from being modified for one year. What should you configure?
Answer B
Time-based retention policies: With a time-based retention policy, users can set policies to store data for a specified interval. When a time-based retention policy is set, objects can be created and read, but not modified or deleted. After the retention period has expired, objects can be deleted but not overwritten.
Access policy
"While in a WORM state, data cannot be modified or deleted for a user-specified interval. By configuring immutability policies for blob data, you can protect your data from overwrites and deletes."
https://learn.microsoft.com/en-us/azure/storage/blobs/immutable-storage-overview?tabs=azure-portal
Answer B
A stored access policy provides an additional level of control over service-level shared access signatures (SASs) on the server side. Establishing a stored access policy serves to group shared access signatures and to provide additional restrictions for signatures that are bound by the policy.
You can use a stored access policy to change the start time, expiry time, or permissions for a signature. You can also use a stored access policy to revoke a signature after it has been issued.
The following storage resources support stored access policies:
Blob containers
File shares
Queues
Tables
Answer B
Link: https://learn.microsoft.com/en-us/azure/storage/blobs/immutable-policy-configure-container-scope?source=recommendations&tabs=azure-portal#configure-a-retention-policy-on-a-container
B is the answer.
https://learn.microsoft.com/en-us/azure/storage/blobs/immutable-storage-overview
Immutable storage for Azure Blob Storage enables users to store business-critical data in a WORM (Write Once, Read Many) state. While in a WORM state, data cannot be modified or deleted for a user-specified interval. By configuring immutability policies for blob data, you can protect your data from overwrites and deletes.
B) "an access policy"
Using SAS in conjunction with a stored Access Policy the desired outcome can be achieved: "You can use a stored access policy to change the start time, expiry time, or permissions for a signature. You can also use a stored access policy to revoke a signature after it has been issued." - https://docs.microsoft.com/en-us/rest/api/storageservices/define-stored-access-policy
Answer B: Tested in LAB
Time-based retention policies: With a time-based retention policy, users can set policies to store data for a specified interval. When a time-based retention policy is set, objects can be created and read, but not modified or deleted. After the retention period has expired, objects can be deleted but not overwritten.
Answer B
Time-based retention policies: With a time-based retention policy, users can set policies to store data for a specified interval. When a time-based retention policy is set, objects can be created and read, but not modified or deleted. After the retention period has expired, objects can be deleted but not overwritten.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
rrabeya
Highly Voted 3 years, 3 months agorrabeya
3 years, 3 months agoduomianhu
2 years, 10 months agoCarlosadan10
2 years agobreakerboyz09
Highly Voted 3 years, 5 months ago[Removed]
Most Recent 6 months agoAmir1909
1 year agobabakeyfgir
1 year, 1 month agoMehedi007
1 year, 7 months agoRichard1205
1 year, 8 months agoMehul078
1 year, 8 months agoGaskonader
1 year, 11 months agozellck
2 years, 1 month agoNaoVaz
2 years, 5 months agoBurnie
2 years, 5 months agoEmnCours
2 years, 6 months agoepomatti
2 years, 10 months agoValunchai
2 years, 12 months agozr79
3 years agoepomatti
2 years, 10 months agoWS_21
3 years ago