...
- YADE should support file transfer operations with Azure Blob Storage.
- Technically speaking Azure file transfer operations preferably make use of the HTTPS protocol and a number of query parameters and headers. The implementation with YADE therefore is fairly straightforward.
- The sticking point is about what authentication methods should be supported and how they would be operatedintegrated:
- If blob containers are made publicly available and require no authentication then the YADE supports this out-of-the-box.
- If Azure authentication Azure authentication methods are applied then different implementation strategies are to be considered. Azure supports a range of authentication methods - we picked two of them for this proposal:
- Use of Shared Key authentication, see Authorize with Shared Key
- Use of Shared Access Signature authentication (SAS), see Create an Account SAS
- There are impacts on job operation depending on the authentication method that is preferred by an organization.
...
- Considering use of authentication methods with file transfer jobs there is a clear final statement from SOS: implementation of any authentication method is out of scope of the JobScheduler product.
- Implementation of authentication methods is within the responsibility of the userorganization that uses JobScheduler. Reasons for this include that
- users should not trust any 3rd party implementation of authentication methods,
- a number of authentication methods are offered by Azure that allow an individual choice according to security requirements of an organization,
- there is ongoing development with Azure about improvement of authentication methods.
- Implementation of file transfer operations for Azure blob storage is within the scope of the YADE.
- Implementation of authentication methods is within the responsibility of the userorganization that uses JobScheduler. Reasons for this include that
- Technically this offers the following options:
- An organization can create a single Shared Key or Shared Access Signature that represents a constant value that is made available to all YADE file transfer jobs.
- An organization can create individual Shared Keys or Shared Access Signatures that are used with groups of YADE file transfer jobs or with individual jobs.
...