Azure Service Bus Shared Access Signature

1
votes

We're looking to limit the power our projects have over manipulating our Azure Service Bus.

Currently all projects have visibility of all topics and queues, is there a way for a single service bus to have multiple shared access keys which give visibility to certain topics and queues?

For example:

  • Service Bus A
    • Topic A
      • Queue AA
      • Queue AB
    • Topic B
      • Queue BA
      • Queue BB

Service Bus A should have two shared access policies

  • Policy A gives access to Topic A, Queue AA and Queue AB
  • Policy B gives access to Topic B, Queue BA and Queue BB

In this scenario we could give Policy A to Project A and Policy B to Project B.

1
azureazureservicebusmasstransit
Could you elaborate? Do you want to have a single client to use multiple keys or multiple clients with a dedicated key?Sean Feldman
Elaborated original question, cheers. But to answer your question it could be both. We want to control what the project sees in the same way you would control a DB users access to tables and procedures.Nick Spicer

1 Answers

1
votes

According to the Documentation you can have up to 12 rules per SB namespace, queue or topic. The rules can either give Send, Listen or Manage permissions.

The documentation & samples for what I think you are trying to achieve is here: https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-sas

This includes a table at the end which lists the permissions required for each operation

HTH