Remove-AzDataLakeGen2AclRecursive
Remove ACL recursively on the specified path.
Note
This is the previous version of our documentation. Please consult the most recent version for up-to-date information.
Syntax
Remove-AzDataLakeGen2AclRecursive
[-FileSystem] <String>
[[-Path] <String>]
[-ContinuationToken <String>]
-Acl <PSPathAccessControlEntry[]>
[-ContinueOnFailure]
[-BatchSize <Int32>]
[-MaxBatchCount <Int32>]
[-AsJob]
[-Context <IStorageContext>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The Remove-AzDataLakeGen2AclRecursive cmdlet removes ACL recursively on the specified path. The ACL entries in original ACL, which has same AccessControlType, DefaultScope and EntityId with input ACL entries (even with different permission) wil lbe removed.
Examples
Example 1: Remove ACL recursively on a root directiry of filesystem
PS C:\>$acl = Set-AzDataLakeGen2ItemAclObject -AccessControlType user -EntityId $id -Permission r-x -DefaultScope
PS C:\>$acl = Set-AzDataLakeGen2ItemAclObject -AccessControlType user -EntityId $id -Permission r-x -InputObject $acl
PS C:\> Remove-AzDataLakeGen2AclRecursive -FileSystem "filesystem1" -Acl $acl -Context $ctx
WARNING: To find the ACL Entry to remove, will only compare AccessControlType, DefaultScope and EntityId, will omit Permission.
FailedEntries :
TotalDirectoriesSuccessfulCount : 7
TotalFilesSuccessfulCount : 5
TotalFailureCount : 0
ContinuationToken :This command first creates an ACL object with 2 acl entries, then removes ACL recursively on a root directory of a file system.
Example 2: Remove ACL recursively on a directory
PS C:\> $result = Remove-AzDataLakeGen2AclRecursive -FileSystem "filesystem1" -Path "dir1" -Acl $acl -Context $ctx
WARNING: To find the ACL Entry to remove, will only compare AccessControlType, DefaultScope and EntityId, will omit Permission.
PS C:\> $result
FailedEntries : {dir1/dir2/file4}
TotalDirectoriesSuccessfulCount : 500
TotalFilesSuccessfulCount : 2500
TotalFailureCount : 1
ContinuationToken : VBaHi5TfyO2ai1wYTRhIL2FjbGNibjA2c3RmATAxRDVEN0UzRENFQzZCRTAvYWRsc3Rlc3QyATAxRDY2M0ZCQTZBN0JGQTkvZGlyMC9kaXIxL2ZpbGUzFgAAAA==
PS C:\> $result.FailedEntries
Name IsDirectory ErrorMessage
---- ----------- ------------
dir0/dir2/file4 False This request is not authorized to perform this operation using this permission.
# user need fix the failed item , then can resume with ContinuationToken
PS C:\> $result = Remove-AzDataLakeGen2AclRecursive -FileSystem "filesystem1" -Path "dir1" -Acl $acl -ContinuationToken $result.ContinuationToken -Context $ctx
WARNING: To find the ACL Entry to remove, will only compare AccessControlType, DefaultScope and EntityId, will omit Permission.
PS C:\> $result
FailedEntries :
TotalDirectoriesSuccessfulCount : 100
TotalFilesSuccessfulCount : 1000
TotalFailureCount : 0
ContinuationToken :This command first removes ACL recursively on a directory and failed, then resume with ContinuationToken after user fix the failed file.
Example 3: Remove ACL recursively chunk by chunk
$token = $null
$TotalDirectoriesSuccess = 0
$TotalFilesSuccess = 0
$totalFailure = 0
$FailedEntries = New-Object System.Collections.Generic.List[System.Object]
do
{
$result = Remove-AzDataLakeGen2AclRecursive -FileSystem "filesystem1" -Path "dir1" -Acl $acl -BatchSize 1000 -MaxBatchCount 50 -ContinuationToken $token -Context $ctx
# echo $result
$TotalFilesSuccess += $result.TotalFilesSuccessfulCount
$TotalDirectoriesSuccess += $result.TotalDirectoriesSuccessfulCount
$totalFailure += $result.TotalFailureCount
$FailedEntries += $result.FailedEntries
$token = $result.ContinuationToken
}while (($token -ne $null) -and ($result.TotalFailureCount -eq 0))
echo ""
echo "[Result Summary]"
echo "TotalDirectoriesSuccessfulCount: `t$($TotalDirectoriesSuccess)"
echo "TotalFilesSuccessfulCount: `t`t`t$($TotalFilesSuccess)"
echo "TotalFailureCount: `t`t`t`t`t$($totalFailure)"
echo "ContinuationToken: `t`t`t`t`t$($token)"
echo "FailedEntries:"$($FailedEntries | ft)This script will remove ACL rescursively on directory chunk by chunk, with chunk size as BatchSize * MaxBatchCount. Chunk size is 50000 in this script.
Example 4: Remove ACL recursively on a directory and ContinueOnFailure, then resume from failures one by one
PS C:\> $result = Remove-AzDataLakeGen2AclRecursive -FileSystem "filesystem1" -Path "dir1" -Acl $acl -ContinueOnFailure -Context $ctx
PS C:\> $result
FailedEntries : {dir0/dir1/file1, dir0/dir2/file4}
TotalDirectoriesSuccessfulCount : 100
TotalFilesSuccessfulCount : 500
TotalFailureCount : 2
ContinuationToken : VBaHi5TfyO2ai1wYTRhIL2FjbGNibjA2c3RmATAxRDVEN0UzRENFQzZCRTAvYWRsc3Rlc3QyATAxRDY2M0ZCQTZBN0JGQTkvZGlyMC9kaXIxL2ZpbGUzFgAAAA==
PS C:\> $result.FailedEntries
Name IsDirectory ErrorMessage
---- ----------- ------------
dir0/dir1/file1 False This request is not authorized to perform this operation using this permission.
dir0/dir2/file4 False This request is not authorized to perform this operation using this permission.
# user need fix the failed item , then can resume with ContinuationToken
PS C:\> foreach ($path in $result.FailedEntries.Name)
{
# user code to fix failed entry in $path
#set ACL again
Remove-AzDataLakeGen2AclRecursive -FileSystem "filesystem1" -Path $path -Acl $acl -Context $ctx
}This command first removes ACL recursively to a directory with ContinueOnFailure, and some items failed, then resume the failed items one by one.
Parameters
The POSIX access control list to set recursively for the file or directory.
| Type: | PSPathAccessControlEntry[] |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Run cmdlet in the background
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
If data set size exceeds batch size then operation will be split into multiple requests so that progress can be tracked. Batch size should be between 1 and 2000. Default is 2000.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Azure Storage Context Object
| Type: | IStorageContext |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Continuation Token.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Set this parameter to ignore failures and continue proceeing with the operation on other sub-entities of the directory. Default the operation will terminate quickly on encountering failures.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
The credentials, account, tenant, and subscription used for communication with Azure.
| Type: | IAzureContextContainer |
| Aliases: | AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
FileSystem name
| Type: | String |
| Position: | 0 |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Maximum number of batches that single change Access Control operation can execute. If data set size exceeds MaxBatchCount multiply BatchSize, continuation token will be return.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
The path in the specified FileSystem that to change Acl recursively. Can be a file or directory. In the format 'directory/file.txt' or 'directory1/directory2/'. Skip set this parameter to change Acl recursively from root directory of the Filesystem.
| Type: | String |
| Position: | 1 |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |