BlobSharedAccessSignature class

Definition

Provides a factory for creating blob and container access signature tokens with a common account name and account key. Users can either use the factory or can construct the appropriate service and use the generate_*_shared_access_signature method directly.

BlobSharedAccessSignature(account_name, account_key=None, user_delegation_key=None)
Inheritance
builtins.object
BlobSharedAccessSignature

Methods

generate_blob

Generates a shared access signature for the blob or one of its snapshots. Use the returned signature with the sas_token parameter of any BlobService.

generate_container

Generates a shared access signature for the container. Use the returned signature with the sas_token parameter of any BlobService.

generate_blob

Generates a shared access signature for the blob or one of its snapshots. Use the returned signature with the sas_token parameter of any BlobService.

generate_blob(container_name, blob_name, snapshot=None, permission=None, expiry=None, start=None, id=None, ip=None, protocol=None, cache_control=None, content_disposition=None, content_encoding=None, content_language=None, content_type=None)

Parameters

container_name
str
Required

Name of container.

blob_name
str
Required

Name of blob.

snapshot
str
default value: None

The snapshot parameter is an opaque DateTime value that, when present, specifies the blob snapshot to grant permission.

permission
BlobPermissions
default value: None

The permissions associated with the shared access signature. The user is restricted to operations allowed by the permissions. Permissions must be ordered read, write, delete, list. Required unless an id is given referencing a stored access policy which contains this field. This field must be omitted if it has been specified in an associated stored access policy.

expiry
datetime or str
default value: None

The time at which the shared access signature becomes invalid. Required unless an id is given referencing a stored access policy which contains this field. This field must be omitted if it has been specified in an associated stored access policy. Azure will always convert values to UTC. If a date is passed in without timezone info, it is assumed to be UTC.

start
datetime or str
default value: None

The time at which the shared access signature becomes valid. If omitted, start time for this call is assumed to be the time when the storage service receives the request. Azure will always convert values to UTC. If a date is passed in without timezone info, it is assumed to be UTC.

id
str
default value: None

A unique value up to 64 characters in length that correlates to a stored access policy. To create a stored access policy, use set_blob_service_properties.

ip
str
default value: None

Specifies an IP address or a range of IP addresses from which to accept requests. If the IP address from which the request originates does not match the IP address or address range specified on the SAS token, the request is not authenticated. For example, specifying sip=168.1.5.65 or sip=168.1.5.60-168.1.5.70 on the SAS restricts the request to those IP addresses.

protocol
str
default value: None

Specifies the protocol permitted for a request made. The default value is https,http. See Protocol for possible values.

cache_control
str
default value: None

Response header value for Cache-Control when resource is accessed using this shared access signature.

content_disposition
str
default value: None

Response header value for Content-Disposition when resource is accessed using this shared access signature.

content_encoding
str
default value: None

Response header value for Content-Encoding when resource is accessed using this shared access signature.

content_language
str
default value: None

Response header value for Content-Language when resource is accessed using this shared access signature.

content_type
str
default value: None

Response header value for Content-Type when resource is accessed using this shared access signature.

generate_container

Generates a shared access signature for the container. Use the returned signature with the sas_token parameter of any BlobService.

generate_container(container_name, permission=None, expiry=None, start=None, id=None, ip=None, protocol=None, cache_control=None, content_disposition=None, content_encoding=None, content_language=None, content_type=None)

Parameters

container_name
str
Required

Name of container.

permission
ContainerPermissions
default value: None

The permissions associated with the shared access signature. The user is restricted to operations allowed by the permissions. Permissions must be ordered read, write, delete, list. Required unless an id is given referencing a stored access policy which contains this field. This field must be omitted if it has been specified in an associated stored access policy.

expiry
datetime or str
default value: None

The time at which the shared access signature becomes invalid. Required unless an id is given referencing a stored access policy which contains this field. This field must be omitted if it has been specified in an associated stored access policy. Azure will always convert values to UTC. If a date is passed in without timezone info, it is assumed to be UTC.

start
datetime or str
default value: None

The time at which the shared access signature becomes valid. If omitted, start time for this call is assumed to be the time when the storage service receives the request. Azure will always convert values to UTC. If a date is passed in without timezone info, it is assumed to be UTC.

id
str
default value: None

A unique value up to 64 characters in length that correlates to a stored access policy. To create a stored access policy, use set_blob_service_properties.

ip
str
default value: None

Specifies an IP address or a range of IP addresses from which to accept requests. If the IP address from which the request originates does not match the IP address or address range specified on the SAS token, the request is not authenticated. For example, specifying sip=168.1.5.65 or sip=168.1.5.60-168.1.5.70 on the SAS restricts the request to those IP addresses.

protocol
str
default value: None

Specifies the protocol permitted for a request made. The default value is https,http. See Protocol for possible values.

cache_control
str
default value: None

Response header value for Cache-Control when resource is accessed using this shared access signature.

content_disposition
str
default value: None

Response header value for Content-Disposition when resource is accessed using this shared access signature.

content_encoding
str
default value: None

Response header value for Content-Encoding when resource is accessed using this shared access signature.

content_language
str
default value: None

Response header value for Content-Language when resource is accessed using this shared access signature.

content_type
str
default value: None

Response header value for Content-Type when resource is accessed using this shared access signature.