Why Azure storage account has two keys?
Question
Why Azure storage account has two keys ? Please explain with some real time examples
2 answers
solution1
7 2017-10-19 14:43:21
This mechanism is for seamlessly changing access keys without service interruption.
Suppose you leaked an access key and want to change it. If it's just one key and you have it changed in the storage service - then your application services will be unable to access the storage until they are reconfigured to use the new key. That might result in downtime or degradation up to several dozen minutes long and even more depending on how your application services support reconfiguration.
It's much simpler with two keys which can be regenerated separately. Suppose all your application services use the primary key and you want to change both primary and secondary key. You change the secondary key, then reconfigure the services to use the new secondary key, that might take a while but during that time services which you haven't reconfigured yet still use the primary key and can access the storage. Once all your application services have switched to the new secondary key you change the primary key. You may want to reconfigure the services again so that they use the primary key because that's convenient but isn't strictly necessary. This way you have no downtime and no degradation in your application services while both keys are being changed.
solution2
5 2017-10-17 19:02:52
The reason behind two storage account keys is to regenerate the keys with no interruption to your storage service or access to that service.
For more information refer the section “Manage your storage access keys” in the below documentation: https://docs.microsoft.com/en-us/azure/storage/common/storage-create-storage-account#manage-your-storage-account
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.