az storage container policy
Manage container stored access policies.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az storage container policy create |
Create a stored access policy on the containing object. |
Core | GA |
| az storage container policy delete |
Delete a stored access policy on a containing object. |
Core | GA |
| az storage container policy list |
List stored access policies on a containing object. |
Core | GA |
| az storage container policy show |
Show a stored access policy on a containing object. |
Core | GA |
| az storage container policy update |
Set a stored access policy on a containing object. |
Core | GA |
az storage container policy create
Create a stored access policy on the containing object.
az storage container policy create --container-name
--name
[--account-key]
[--account-name]
[--auth-mode {key, login}]
[--blob-endpoint]
[--connection-string]
[--expiry]
[--lease-id]
[--permissions]
[--sas-token]
[--start]Required Parameters
The container name.
The stored access policy name.
Optional Parameters
Storage account key. Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_KEY.
Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.
The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.
Storage data service endpoint. Must be used in conjunction with either storage account key or a SAS token. You can find each service primary endpoint with az storage account show. Environment variable: AZURE_STORAGE_SERVICE_ENDPOINT.
Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.
Expiration UTC datetime in (Y-m-d'T'H:M:S'Z').
The container lease ID.
Allowed values: (a)dd (c)reate (d)elete (e)xecute (f)ilter_by_tags (i)set_immutability_policy (l)ist (m)ove (r)ead (t)ag (w)rite (x)delete_previous_version (y)permanent_delete. Can be combined.
A Shared Access Signature (SAS). Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_SAS_TOKEN.
Start UTC datetime (Y-m-d'T'H:M:S'Z'). Defaults to time of request.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az storage container policy delete
Delete a stored access policy on a containing object.
az storage container policy delete --container-name
--name
[--account-key]
[--account-name]
[--auth-mode {key, login}]
[--blob-endpoint]
[--connection-string]
[--lease-id]
[--sas-token]Required Parameters
The container name.
The stored access policy name.
Optional Parameters
Storage account key. Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_KEY.
Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.
The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.
Storage data service endpoint. Must be used in conjunction with either storage account key or a SAS token. You can find each service primary endpoint with az storage account show. Environment variable: AZURE_STORAGE_SERVICE_ENDPOINT.
Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.
The container lease ID.
A Shared Access Signature (SAS). Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_SAS_TOKEN.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az storage container policy list
List stored access policies on a containing object.
az storage container policy list --container-name
[--account-key]
[--account-name]
[--auth-mode {key, login}]
[--blob-endpoint]
[--connection-string]
[--lease-id]
[--sas-token]Required Parameters
The container name.
Optional Parameters
Storage account key. Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_KEY.
Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.
The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.
Storage data service endpoint. Must be used in conjunction with either storage account key or a SAS token. You can find each service primary endpoint with az storage account show. Environment variable: AZURE_STORAGE_SERVICE_ENDPOINT.
Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.
The container lease ID.
A Shared Access Signature (SAS). Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_SAS_TOKEN.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az storage container policy show
Show a stored access policy on a containing object.
az storage container policy show --container-name
--name
[--account-key]
[--account-name]
[--auth-mode {key, login}]
[--blob-endpoint]
[--connection-string]
[--lease-id]
[--sas-token]Required Parameters
The container name.
The stored access policy name.
Optional Parameters
Storage account key. Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_KEY.
Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.
The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.
Storage data service endpoint. Must be used in conjunction with either storage account key or a SAS token. You can find each service primary endpoint with az storage account show. Environment variable: AZURE_STORAGE_SERVICE_ENDPOINT.
Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.
The container lease ID.
A Shared Access Signature (SAS). Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_SAS_TOKEN.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az storage container policy update
Set a stored access policy on a containing object.
az storage container policy update --container-name
--name
[--account-key]
[--account-name]
[--auth-mode {key, login}]
[--blob-endpoint]
[--connection-string]
[--expiry]
[--lease-id]
[--permissions]
[--sas-token]
[--start]Required Parameters
The container name.
The stored access policy name.
Optional Parameters
Storage account key. Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_KEY.
Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.
The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.
Storage data service endpoint. Must be used in conjunction with either storage account key or a SAS token. You can find each service primary endpoint with az storage account show. Environment variable: AZURE_STORAGE_SERVICE_ENDPOINT.
Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.
Expiration UTC datetime in (Y-m-d'T'H:M:S'Z').
The container lease ID.
Allowed values: (a)dd (c)reate (d)elete (e)xecute (f)ilter_by_tags (i)set_immutability_policy (l)ist (m)ove (r)ead (t)ag (w)rite (x)delete_previous_version (y)permanent_delete. Can be combined.
A Shared Access Signature (SAS). Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_SAS_TOKEN.
Start UTC datetime (Y-m-d'T'H:M:S'Z'). Defaults to time of request.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for