New-AzureStorageContainerSASToken

Generates an SAS token for an Azure storage container.

Warning

The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.

Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.

Syntax

New-AzureStorageContainerSASToken
   [-Name] <String>
   -Policy <String>
   [-Protocol <SharedAccessProtocol>]
   [-IPAddressOrRange <String>]
   [-StartTime <DateTime>]
   [-ExpiryTime <DateTime>]
   [-FullUri]
   [-Context <IStorageContext>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
New-AzureStorageContainerSASToken
   [-Name] <String>
   [-Permission <String>]
   [-Protocol <SharedAccessProtocol>]
   [-IPAddressOrRange <String>]
   [-StartTime <DateTime>]
   [-ExpiryTime <DateTime>]
   [-FullUri]
   [-Context <IStorageContext>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]

Description

The New-AzureStorageContainerSASToken cmdlet generates a Shared Access Signature (SAS) token for an Azure storage container.

Examples

Example 1: Generate a container SAS token with full container permission

PS C:\>New-AzureStorageContainerSASToken -Name "Test" -Permission rwdl

This example generates a container SAS token with full container permission.

Example 2: Generate multiple container SAS token by pipeline

PS C:\>Get-AzureStorageContainer -Container test* | New-AzureStorageContainerSASToken -Permission rwdl

This example generates multiple container SAS tokens by using the pipeline.

Example 3: Generate container SAS token with shared access policy

PS C:\>New-AzureStorageContainerSASToken -Name "Test" -Policy "PolicyName"

This example generates a container SAS token with shared access policy.

Parameters

-Context

Specifies an Azure storage context. You can create it by using the New-AzureStorageContext cmdlet.

Type:IStorageContext
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ExpiryTime

Specifies the time at which the shared access signature becomes invalid. If the user sets the start time but not the expiry time, the expiry time is set to the start time plus one hour. If neither the start time nor the expiry time is specified, the expiry time is set to the current time plus one hour.

Type:Nullable<T>[DateTime]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-FullUri

Indicates that this cmdlet return the full blob URI and the shared access signature token.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-IPAddressOrRange

Specifies the IP address or range of IP addresses from which to accept requests, such as 168.1.5.65 or 168.1.5.60-168.1.5.70. The range is inclusive.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Name

Specifies an Azure storage container name.

Type:String
Aliases:N, Container
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Permission

Specifies permissions for a storage container. It is important to note that this is a string, like rwd (for Read, Write and Delete).

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Policy

Specifies an Azure Stored Access Policy.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Protocol

Specifies the protocol permitted for a request. The acceptable values for this parameter are:

  • HttpsOnly
  • HttpsOrHttp The default value is HttpsOrHttp.
Type:Nullable<T>[SharedAccessProtocol]
Accepted values:HttpsOnly, HttpsOrHttp
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-StartTime

Specifies the time at which the shared access signature becomes valid.

Type:Nullable<T>[DateTime]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

IStorageContext

Outputs

String