az storage container policy

Manage container stored access policies.

Commands

az storage container policy create Create a stored access policy on the containing object.
az storage container policy delete Delete a stored access policy on a containing object.
az storage container policy list List stored access policies on a containing object.
az storage container policy show Show a stored access policy on a containing object.
az storage container policy update Set a stored access policy on a containing object.

az storage container policy create

Create a stored access policy on the containing object.

az storage container policy create --container-name
--name
[--account-key]
[--account-name]
[--auth-mode {key, login}]
[--connection-string]
[--expiry]
[--lease-id]
[--permissions]
[--sas-token]
[--start]

Required Parameters

--container-name -c

The container name.

--name -n

The stored access policy name.

Optional Parameters

--account-key

Storage account key. Must be used in conjunction with storage account name. Environment variable: AZURE_STORAGE_KEY.

--account-name

Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.

--auth-mode

The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.

accepted values: key, login
--connection-string

Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.

--expiry

Expiration UTC datetime in (Y-m-d'T'H:M:S'Z').

--lease-id

The container lease ID.

--permissions

Allowed values: (d)elete (l)ist (r)ead (w)rite. Can be combined.

--sas-token

A Shared Access Signature (SAS). Must be used in conjunction with storage account name. Environment variable: AZURE_STORAGE_SAS_TOKEN.

--start

Start UTC datetime (Y-m-d'T'H:M:S'Z'). Defaults to time of request.

az storage container policy delete

Delete a stored access policy on a containing object.

az storage container policy delete --container-name
--name
[--account-key]
[--account-name]
[--auth-mode {key, login}]
[--connection-string]
[--lease-id]
[--sas-token]

Required Parameters

--container-name -c

The container name.

--name -n

The stored access policy name.

Optional Parameters

--account-key

Storage account key. Must be used in conjunction with storage account name. Environment variable: AZURE_STORAGE_KEY.

--account-name

Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.

--auth-mode

The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.

accepted values: key, login
--connection-string

Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.

--lease-id

The container lease ID.

--sas-token

A Shared Access Signature (SAS). Must be used in conjunction with storage account name. Environment variable: AZURE_STORAGE_SAS_TOKEN.

az storage container policy list

List stored access policies on a containing object.

az storage container policy list --container-name
[--account-key]
[--account-name]
[--auth-mode {key, login}]
[--connection-string]
[--lease-id]
[--sas-token]

Required Parameters

--container-name -c

The container name.

Optional Parameters

--account-key

Storage account key. Must be used in conjunction with storage account name. Environment variable: AZURE_STORAGE_KEY.

--account-name

Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.

--auth-mode

The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.

accepted values: key, login
--connection-string

Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.

--lease-id

The container lease ID.

--sas-token

A Shared Access Signature (SAS). Must be used in conjunction with storage account name. Environment variable: AZURE_STORAGE_SAS_TOKEN.

az storage container policy show

Show a stored access policy on a containing object.

az storage container policy show --container-name
--name
[--account-key]
[--account-name]
[--auth-mode {key, login}]
[--connection-string]
[--lease-id]
[--sas-token]

Required Parameters

--container-name -c

The container name.

--name -n

The stored access policy name.

Optional Parameters

--account-key

Storage account key. Must be used in conjunction with storage account name. Environment variable: AZURE_STORAGE_KEY.

--account-name

Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.

--auth-mode

The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.

accepted values: key, login
--connection-string

Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.

--lease-id

The container lease ID.

--sas-token

A Shared Access Signature (SAS). Must be used in conjunction with storage account name. Environment variable: AZURE_STORAGE_SAS_TOKEN.

az storage container policy update

Set a stored access policy on a containing object.

az storage container policy update --container-name
--name
[--account-key]
[--account-name]
[--auth-mode {key, login}]
[--connection-string]
[--expiry]
[--lease-id]
[--permissions]
[--sas-token]
[--start]

Required Parameters

--container-name -c

The container name.

--name -n

The stored access policy name.

Optional Parameters

--account-key

Storage account key. Must be used in conjunction with storage account name. Environment variable: AZURE_STORAGE_KEY.

--account-name

Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.

--auth-mode

The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.

accepted values: key, login
--connection-string

Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.

--expiry

Expiration UTC datetime in (Y-m-d'T'H:M:S'Z').

--lease-id

The container lease ID.

--permissions

Allowed values: (d)elete (l)ist (r)ead (w)rite. Can be combined.

--sas-token

A Shared Access Signature (SAS). Must be used in conjunction with storage account name. Environment variable: AZURE_STORAGE_SAS_TOKEN.

--start

Start UTC datetime (Y-m-d'T'H:M:S'Z'). Defaults to time of request.