Azure-docs: What about Azure table storage?

@hkusulja The only RBAC role that Cosmos DB currently supports is the following, as it just was released (link).

Azure Cosmos DB now provides a new RBAC role, Cosmos DB Operator. This new role lets you provision Azure Cosmos accounts, databases, and containers, but can’t access the keys that are required to access the data. This role is intended for use in scenarios where the ability to grant access to Azure Active Directory service principals to manage deployment operations for Cosmos DB is needed, including the account, database, and containers.

If you should have any capacity planning or migration questions, please feel free to reach out to AskCosmosDB).

@Mike-Ubezzi-MSFT ok, tx for the info, but what about Azure table storage instead of CosmosDB?
Azure storage for files, blobs and queues supports RBAC, but for for tables, they say - "ask cosmosdb team" for this feature on azure table storage.... :/

Similiar issue #27135 is open with the author.
Please continue the discussion there to avoid overlap.

Want to provide a link to all (4) built-in RBAC roles currently available with Cosmos DB (link).

@hkusulja
As for Table Storage, there are the built-in RBAC roles available in the Access Control (IAM) blade and there are SAS (Shared Access Signature) tokens that can be used to grant the appropriate permissions established through the assigned role (link).

@Mike-Ubezzi-MSFT - I am talking about using data from azure storage, which is possible using Azure AD app authentication (app id + secret) and to read data from blobs, files and queues., but not possible for azure table storage..
So question is about this feature.

Reference: https://docs.microsoft.com/en-us/azure/storage/common/storage-auth-aad-app

Kind regards

@hkusulja The doc this issue is filed against does a great job of describing the benefits gained when moving from Azure Storage Table API to Azure Cosmos DB Table API. It doesn't detail the features you lose, such as additional RBAC flexibility, etc. If there is a specific issue with this document, please use the Feedback form to detail the issue so an update can be made.
As was mention in a previous comment, additional dialog about the Cosmos DB Table API can be provided in that issue. Thank you!

We will now proceed to close this thread. If there are further questions regarding this matter, please comment and we will gladly continue the discussion.

@Mike-Ubezzi-MSFT question on mentioned document brings us to a question about having new features also in azure table storage with - "managed identities for Azure resources with Azure Storage"
since this is only for blobs and queues as it states to this document...

There is a specific document for access via Managed Identities: Authenticate access to blobs and queues with Azure Active Directory and managed identities for Azure Resources (link)

The document you are working with: Authenticate with Azure Active Directory from an application for access to blobs and queues (link) applies only to pure AAD. The bottom of this doc is the link to the Managed Identities edition.

By pure, I mean more basic or simple AAD.

So, can my custom App, connect to Azure Table Storage, using Azure AD app (managed identity)? This is supported only for blobs and queues, but what about update to azure tables?

Support for this usecase is not supported. Please UpVote and Comment on the following forum entry: RBAC for Azure Tables and Allow Azure AD authentication from an application to manage Azure Table Storage

The second link has feedback confirming your previous comment with regard to the Cosmos DB Product Group owning Table storage. So, any additional request for information pertaining to roadmap or features, should be directed to AskCosmosDB. The whole Table Storage versus Cosmos Table API is undergoing some changes and the PG is the best source for an update.