New-AzStorageContainerSASToken
Generates an SAS token for an Azure storage container.
Syntax
SasPolicy
New-AzStorageContainerSASToken
[-Name] <String>
-Policy <String>
[-Protocol <SharedAccessProtocol>]
[-IPAddressOrRange <String>]
[-StartTime <DateTime>]
[-ExpiryTime <DateTime>]
[-FullUri]
[-EncryptionScope <String>]
[-Context <IStorageContext>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
SasPermission
New-AzStorageContainerSASToken
[-Name] <String>
[-Permission <String>]
[-Protocol <SharedAccessProtocol>]
[-IPAddressOrRange <String>]
[-StartTime <DateTime>]
[-ExpiryTime <DateTime>]
[-FullUri]
[-EncryptionScope <String>]
[-Context <IStorageContext>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The New-AzStorageContainerSASToken cmdlet generates a Shared Access Signature (SAS) token for an Azure storage container.
Examples
Example 1: Generate a container SAS token with full container permission
New-AzStorageContainerSASToken -Name "Test" -Permission rwdl
This example generates a container SAS token with full container permission.
Example 2: Generate multiple container SAS token by pipeline
Get-AzStorageContainer -Container test* | New-AzStorageContainerSASToken -Permission rwdl
This example generates multiple container SAS tokens by using the pipeline.
Example 3: Generate container SAS token with shared access policy
New-AzStorageContainerSASToken -Name "Test" -Policy "PolicyName"
This example generates a container SAS token with shared access policy.
Example 3: Generate a User Identity container SAS token with storage context based on OAuth authentication
$ctx = New-AzStorageContext -StorageAccountName $accountName -UseConnectedAccount
$StartTime = Get-Date
$EndTime = $startTime.AddDays(6)
New-AzStorageContainerSASToken -Name "ContainerName" -Permission rwd -StartTime $StartTime -ExpiryTime $EndTime -context $ctx
This example generates a User Identity container SAS token with storage context based on OAuth authentication
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: cf
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Context
Specifies an Azure storage context.
You can create it by using the New-AzStorageContext cmdlet.
When the storage context is based on OAuth authentication, will generates a User Identity container SAS token.
Parameter properties
Type: IStorageContext
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: True Value from pipeline by property name: True Value from remaining arguments: False
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Parameter properties
Type: IAzureContextContainer
Default value: None Supports wildcards: False DontShow: False Aliases: AzureRmContext, AzureCredential
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-EncryptionScope
Encryption scope to use when sending requests authorized with this SAS URI.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ExpiryTime
Specifies the time at which the shared access signature becomes invalid.
If the user sets the start time but not the expiry time, the expiry time is set to the start time plus one hour.
If neither the start time nor the expiry time is specified, the expiry time is set to the current time plus one hour.
When the storage context is based on OAuth authentication, the expire time must be in 7 days from current time, and must not be earlier than current time.
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-FullUri
Indicates that this cmdlet return the full blob URI and the shared access signature token.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-IPAddressOrRange
Specifies the IP address or range of IP addresses from which to accept requests, such as 168.1.5.65 or 168.1.5.60-168.1.5.70.
The range is inclusive.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Name
Specifies an Azure storage container name.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False Aliases: N, Container
Parameter sets
(All)
Position: 0 Mandatory: True Value from pipeline: True Value from pipeline by property name: True Value from remaining arguments: False
-Permission
Specifies permissions for a storage container.
It is important to note that this is a string, like rwd (for Read, Write and Delete). The permissions that are supported for container resource type are described here .
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
SasPermission
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Policy
Specifies an Azure Stored Access Policy.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
SasPolicy
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Protocol
Specifies the protocol permitted for a request.
The acceptable values for this parameter are:
HttpsOnly
HttpsOrHttp
The default value is HttpsOrHttp.
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-StartTime
Specifies the time at which the shared access signature becomes valid.
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: wi
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
Outputs
