Expand my Community achievements bar.

SOLVED

Insecure 'Azure Blob Connection' destination authentication option

Avatar

Level 1

For an internal use case we require to have a feedback loop of tagging data from Adobe AEP to the Azure ecosystem (Azure Synapse). This way the tagging data information can be made available internally for other applications.

The tagging data in this feedback loop will be put together via Adobe Distiller and then exported daily via an 'Azure Blob Connection' destination.

 

To connect to this Azure Storage Container Adobe AEP requires to connect via the storage account access keys. This is not a secure method to connect to a storage account as anyone who obtains access to these access keys can execute administrator privileged actions on this storage account.

 

Could the 'Azure Blob Connection' destination' authentication method please be extended with a more secure method to connect like SAS-keys.

1 Accepted Solution

Avatar

Correct answer by
Employee

Hi @WmDc,

The Destination connection to the Azure Blob container from AEP can be established using PGP/GPG encryption keys. You can generate the Private and Public keys to establish the connection.

You will have the option to whitelist the Private key for the Public key to work. Also to govern it better, you can create multiple roles and only allow access to certain roles.

 

Regards,

Kumar Saurabh

View solution in original post

1 Reply

Avatar

Correct answer by
Employee

Hi @WmDc,

The Destination connection to the Azure Blob container from AEP can be established using PGP/GPG encryption keys. You can generate the Private and Public keys to establish the connection.

You will have the option to whitelist the Private key for the Public key to work. Also to govern it better, you can create multiple roles and only allow access to certain roles.

 

Regards,

Kumar Saurabh