New-AzStorageAccount

Creates a Storage account.

Syntax

New-AzStorageAccount
   [-ResourceGroupName] <String>
   [-Name] <String>
   [-SkuName] <String>
   [-Location] <String>
   [-Kind <String>]
   [-AccessTier <String>]
   [-CustomDomainName <String>]
   [-UseSubDomain <Boolean>]
   [-Tag <Hashtable>]
   [-EnableHttpsTrafficOnly <Boolean>]
   [-AssignIdentity]
   [-UserAssignedIdentityId <String>]
   [-IdentityType <String>]
   [-KeyVaultUserAssignedIdentityId <String>]
   [-KeyName <String>]
   [-KeyVersion <String>]
   [-KeyVaultUri <String>]
   [-NetworkRuleSet <PSNetworkRuleSet>]
   [-EnableHierarchicalNamespace <Boolean>]
   [-EnableAzureActiveDirectoryDomainServicesForFile <Boolean>]
   [-EnableLargeFileShare]
   [-PublishMicrosoftEndpoint <Boolean>]
   [-PublishInternetEndpoint <Boolean>]
   [-AsJob]
   [-EncryptionKeyTypeForTable <String>]
   [-EncryptionKeyTypeForQueue <String>]
   [-RequireInfrastructureEncryption]
   [-SasExpirationPeriod <TimeSpan>]
   [-KeyExpirationPeriodInDay <Int32>]
   [-AllowBlobPublicAccess <Boolean>]
   [-MinimumTlsVersion <String>]
   [-AllowSharedKeyAccess <Boolean>]
   [-AllowCrossTenantReplication <Boolean>]
   [-DefaultSharePermission <String>]
   [-EdgeZone <String>]
   [-DefaultProfile <IAzureContextContainer>]
   [-RoutingChoice <String>]
   [<CommonParameters>]
New-AzStorageAccount
   [-ResourceGroupName] <String>
   [-Name] <String>
   [-SkuName] <String>
   [-Location] <String>
   [-Kind <String>]
   [-AccessTier <String>]
   [-CustomDomainName <String>]
   [-UseSubDomain <Boolean>]
   [-Tag <Hashtable>]
   [-EnableHttpsTrafficOnly <Boolean>]
   [-AssignIdentity]
   [-UserAssignedIdentityId <String>]
   [-IdentityType <String>]
   [-KeyVaultUserAssignedIdentityId <String>]
   [-KeyName <String>]
   [-KeyVersion <String>]
   [-KeyVaultUri <String>]
   [-NetworkRuleSet <PSNetworkRuleSet>]
   [-EnableHierarchicalNamespace <Boolean>]
   [-EnableLargeFileShare]
   [-PublishMicrosoftEndpoint <Boolean>]
   [-PublishInternetEndpoint <Boolean>]
   [-EnableActiveDirectoryDomainServicesForFile <Boolean>]
   [-ActiveDirectoryDomainName <String>]
   [-ActiveDirectoryNetBiosDomainName <String>]
   [-ActiveDirectoryForestName <String>]
   [-ActiveDirectoryDomainGuid <String>]
   [-ActiveDirectoryDomainSid <String>]
   [-ActiveDirectoryAzureStorageSid <String>]
   [-AsJob]
   [-EncryptionKeyTypeForTable <String>]
   [-EncryptionKeyTypeForQueue <String>]
   [-RequireInfrastructureEncryption]
   [-SasExpirationPeriod <TimeSpan>]
   [-KeyExpirationPeriodInDay <Int32>]
   [-AllowBlobPublicAccess <Boolean>]
   [-MinimumTlsVersion <String>]
   [-AllowSharedKeyAccess <Boolean>]
   [-AllowCrossTenantReplication <Boolean>]
   [-DefaultSharePermission <String>]
   [-EdgeZone <String>]
   [-DefaultProfile <IAzureContextContainer>]
   [-RoutingChoice <String>]
   [<CommonParameters>]

Description

The New-AzStorageAccount cmdlet creates an Azure Storage account.

Examples

Example 1: Create a Storage account

PS C:\>New-AzStorageAccount -ResourceGroupName MyResourceGroup -AccountName mystorageaccount -Location westus -SkuName Standard_GRS

This command creates a Storage account for the resource group name MyResourceGroup.

Example 2: Create a Blob Storage account with BlobStorage Kind and hot AccessTier

PS C:\>New-AzStorageAccount -ResourceGroupName MyResourceGroup -AccountName mystorageaccount -Location westus -SkuName Standard_GRS -Kind BlobStorage -AccessTier Hot

This command creates a Blob Storage account that with BlobStorage Kind and hot AccessTier

Example 3: Create a Storage account with Kind StorageV2, and Generate and Assign an Identity for Azure KeyVault.

PS C:\>New-AzStorageAccount -ResourceGroupName MyResourceGroup -AccountName mystorageaccount -Location westus -SkuName Standard_GRS -Kind StorageV2 -AssignIdentity

This command creates a Storage account with Kind StorageV2. It also generates and assigns an identity that can be used to manage account keys through Azure KeyVault.

Example 4: Create a Storage account with NetworkRuleSet from JSON

PS C:\>New-AzStorageAccount -ResourceGroupName MyResourceGroup -AccountName mystorageaccount -Location westus -Type Standard_LRS -NetworkRuleSet (@{bypass="Logging,Metrics";
    ipRules=(@{IPAddressOrRange="20.11.0.0/16";Action="allow"},
            @{IPAddressOrRange="10.0.0.0/7";Action="allow"});
    virtualNetworkRules=(@{VirtualNetworkResourceId="/subscriptions/s1/resourceGroups/g1/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1";Action="allow"},
                        @{VirtualNetworkResourceId="/subscriptions/s1/resourceGroups/g1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/subnet2";Action="allow"});
    defaultAction="Deny"})

This command creates a Storage account that has NetworkRuleSet property from JSON

Example 5: Create a Storage account with Hierarchical Namespace enabled.

PS C:\>New-AzStorageAccount -ResourceGroupName "MyResourceGroup" -AccountName "mystorageaccount" -Location "US West" -SkuName "Standard_GRS" -Kind StorageV2  -EnableHierarchicalNamespace $true

This command creates a Storage account with Hierarchical Namespace enabled.

Example 6: Create a Storage account with Azure Files AAD DS Authentication, and enable large file share.

PS C:\>New-AzStorageAccount -ResourceGroupName "MyResourceGroup" -AccountName "mystorageaccount" -Location "eastus2euap" -SkuName "Standard_LRS" -Kind StorageV2  -EnableAzureActiveDirectoryDomainServicesForFile $true -EnableLargeFileShare

This command creates a Storage account with Azure Files AAD DS Authentication, and enable large file share.

Example 7: Create a Storage account with enable Files Active Directory Domain Service Authentication and DefaultSharePermission.

PS C:\>New-AzStorageAccount -ResourceGroupName "MyResourceGroup" -AccountName "mystorageaccount" -Location "eastus2euap" -SkuName "Standard_LRS" -Kind StorageV2  -EnableActiveDirectoryDomainServicesForFile $true `
        -ActiveDirectoryDomainName "mydomain.com" `
        -ActiveDirectoryNetBiosDomainName "mydomain.com" `
        -ActiveDirectoryForestName "mydomain.com" `
        -ActiveDirectoryDomainGuid "12345678-1234-1234-1234-123456789012" `
        -ActiveDirectoryDomainSid "S-1-5-21-1234567890-1234567890-1234567890" `
        -ActiveDirectoryAzureStorageSid "S-1-5-21-1234567890-1234567890-1234567890-1234" `
        -DefaultSharePermission StorageFileDataSmbShareElevatedContributor

This command creates a Storage account withenable Files Active Directory Domain Service Authentication and DefaultSharePermission.

Example 8: Create a Storage account with Queue and Table Service use account-scoped encryption key, and Require Infrastructure Encryption.

PS C:\>New-AzStorageAccount -ResourceGroupName "MyResourceGroup" -AccountName "mystorageaccount" -Location "eastus2euap" -SkuName "Standard_LRS" -Kind StorageV2  -EncryptionKeyTypeForTable Account -EncryptionKeyTypeForQueue Account -RequireInfrastructureEncryption

PS C:\>$account = get-AzStorageAccount -ResourceGroupName $rgname -StorageAccountName $accountName

PS C:\>$account.Encryption.Services.Queue

Enabled LastEnabledTime     KeyType
------- ---------------     -------
   True 1/9/2020 6:09:11 AM Account

PS C:\>$account.Encryption.Services.Table

Enabled LastEnabledTime     KeyType
------- ---------------     -------
   True 1/9/2020 6:09:11 AM Account

PS C:\> $account.Encryption.RequireInfrastructureEncryption
True

This command creates a Storage account with Queue and Table Service use account-scoped encryption key and Require Infrastructure Encryption, so Queue and Table will use same encryption key with Blob and File service, and the service will apply a secondary layer of encryption with platform managed keys for data at rest. Then get the Storage account properties, and view the encryption keytype of Queue and Table Service, and RequireInfrastructureEncryption value.

Example 9: Create account MinimumTlsVersion and AllowBlobPublicAccess, and disable SharedKey Access

PS C:\> $account = New-AzStorageAccount -ResourceGroupName "MyResourceGroup" -AccountName "mystorageaccount" -Location "eastus2euap" -SkuName "Standard_LRS" -Kind StorageV2 -MinimumTlsVersion TLS1_1 -AllowBlobPublicAccess $false -AllowSharedKeyAccess $false

PS C:\> $account.MinimumTlsVersion
TLS1_1

PS C:\> $account.AllowBlobPublicAccess
False

PS C:\> $a.AllowSharedKeyAccess
False

The command create account with MinimumTlsVersion, AllowBlobPublicAccess, and disable SharedKey access to the account, and then show the the 3 properties of the created account

Example 10: Create a Storage account with RoutingPreference setting

PS C:\>$account = New-AzStorageAccount -ResourceGroupName "MyResourceGroup" -AccountName "mystorageaccount" -Location "eastus2euap" -SkuName "Standard_LRS" -PublishMicrosoftEndpoint $true -PublishInternetEndpoint $true -RoutingChoice MicrosoftRouting

PS C:\>$account.RoutingPreference

RoutingChoice    PublishMicrosoftEndpoints PublishInternetEndpoints
-------------    ------------------------- ------------------------
MicrosoftRouting                     True                     True

PS C:\>$account.PrimaryEndpoints

Blob               : https://mystorageaccount.blob.core.windows.net/
Queue              : https://mystorageaccount.queue.core.windows.net/
Table              : https://mystorageaccount.table.core.windows.net/
File               : https://mystorageaccount.file.core.windows.net/
Web                : https://mystorageaccount.z2.web.core.windows.net/
Dfs                : https://mystorageaccount.dfs.core.windows.net/
MicrosoftEndpoints : {"Blob":"https://mystorageaccount-microsoftrouting.blob.core.windows.net/","Queue":"https://mystorageaccount-microsoftrouting.queue.core.windows.net/","Table":"https://mystorageaccount-microsoftrouting.table.core.windows.net/","File":"ht
                     tps://mystorageaccount-microsoftrouting.file.core.windows.net/","Web":"https://mystorageaccount-microsoftrouting.z2.web.core.windows.net/","Dfs":"https://mystorageaccount-microsoftrouting.dfs.core.windows.net/"}
InternetEndpoints  : {"Blob":"https://mystorageaccount-internetrouting.blob.core.windows.net/","File":"https://mystorageaccount-internetrouting.file.core.windows.net/","Web":"https://mystorageaccount-internetrouting.z2.web.core.windows.net/","Dfs":"https://w
                     eirp3-internetrouting.dfs.core.windows.net/"}

This command creates a Storage account with RoutingPreference setting: PublishMicrosoftEndpoint and PublishInternetEndpoint as true, and RoutingChoice as MicrosoftRouting.

Example 11: Create a Storage account with EdgeZone and AllowCrossTenantReplication

PS C:\>$account = New-AzStorageAccount -ResourceGroupName "myresourcegroup" -AccountName "mystorageaccount" -SkuName Premium_LRS -Location westus -EdgeZone "microsoftlosangeles1" -AllowCrossTenantReplication $false

PS C:\>$account.ExtendedLocation

Name                 Type    
----                 ----    
microsoftlosangeles1 EdgeZone

PS C:\> $account.AllowCrossTenantReplication
False

This command creates a Storage account with EdgeZone as "microsoftlosangeles1" and AllowCrossTenantReplication as false, then show the created account related properties.

Example 12: Create a Storage account with KeyExpirationPeriod and SasExpirationPeriod

PS C:\> $account = New-AzStorageAccount -ResourceGroupName "myresourcegroup" -AccountName "mystorageaccount" -SkuName Premium_LRS -Location eastus -KeyExpirationPeriodInDay 5 -SasExpirationPeriod "1.12:05:06"

PS C:\> $$account.KeyPolicy.KeyExpirationPeriodInDays
5

PS C:\> $$account.SasPolicy.SasExpirationPeriod
1.12:05:06

This command creates a Storage account with KeyExpirationPeriod and SasExpirationPeriod, then show the created account related properties.

Example 12: Create a Storage account with Keyvault encryption (access Keyvault with user assigned identity)

# Create KeyVault (no need if using exist keyvault)
PS C:\> $keyVault = New-AzKeyVault -VaultName $keyvaultName -ResourceGroupName $resourceGroupName -Location eastus2euap -EnablePurgeProtection
PS C:\> $key = Add-AzKeyVaultKey -VaultName $keyvaultName -Name $keyname -Destination 'Software'

# create user assigned identity and grant access to keyvault (no need if using exist user assigned identity)
PS C:\> $userId = New-AzUserAssignedIdentity -ResourceGroupName $resourceGroupName -Name $userIdName
PS C:\> Set-AzKeyVaultAccessPolicy -VaultName $keyvaultName -ResourceGroupName $resourceGroupName -ObjectId $userId.PrincipalId -PermissionsToKeys get,wrapkey,unwrapkey -BypassObjectIdValidation
PS C:\> $useridentityId= $userId.Id

# create Storage account with Keyvault encryption (access Keyvault with user assigned identity), then show properties
PS C:\> $account = New-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccountName -Kind StorageV2 -SkuName Standard_LRS -Location eastus2euap `
                -IdentityType SystemAssignedUserAssigned  -UserAssignedIdentityId $useridentityId  `
                -KeyVaultUri $keyVault.VaultUri -KeyName $keyname -KeyVaultUserAssignedIdentityId $useridentityId

PS C:\> $account.Encryption.EncryptionIdentity

EncryptionUserAssignedIdentity                                                                                                                 
------------------------------ 
/subscriptions/{subscription-id}/resourceGroups/myresourcegroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myuserid

PS C:\> $account.Encryption.KeyVaultProperties

KeyName                       : wrappingKey
KeyVersion                    : 
KeyVaultUri                   : https://mykeyvault.vault.azure.net:443
CurrentVersionedKeyIdentifier : https://mykeyvault.vault.azure.net/keys/wrappingKey/8e74036e0d534e58b3bd84b319e31d8f
LastKeyRotationTimestamp      : 4/12/2021 8:17:57 AM

This command first create a keyvault and a user assigned identity, then create a storage account with keyvault encryption (the storage access access keyvault with the user assigned identity).

Parameters

-AccessTier

Specifies the access tier of the Storage account that this cmdlet creates. The acceptable values for this parameter are: Hot and Cool. If you specify a value of BlobStorage for the Kind parameter, you must specify a value for the AccessTier parameter. If you specify a value of Storage for this Kind parameter, do not specify the AccessTier parameter.

Type:String
Accepted values:Hot, Cool
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ActiveDirectoryAzureStorageSid

Specifies the security identifier (SID) for Azure Storage. This parameter must be set when -EnableActiveDirectoryDomainServicesForFile is set to true.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ActiveDirectoryDomainGuid

Specifies the domain GUID. This parameter must be set when -EnableActiveDirectoryDomainServicesForFile is set to true.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ActiveDirectoryDomainName

Specifies the primary domain that the AD DNS server is authoritative for. This parameter must be set when -EnableActiveDirectoryDomainServicesForFile is set to true.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ActiveDirectoryDomainSid

Specifies the security identifier (SID). This parameter must be set when -EnableActiveDirectoryDomainServicesForFile is set to true.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ActiveDirectoryForestName

Specifies the Active Directory forest to get. This parameter must be set when -EnableActiveDirectoryDomainServicesForFile is set to true.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ActiveDirectoryNetBiosDomainName

Specifies the NetBIOS domain name. This parameter must be set when -EnableActiveDirectoryDomainServicesForFile is set to true.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-AllowBlobPublicAccess

Allow public access to all blobs or containers in the storage account. The default interpretation is true for this property.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-AllowCrossTenantReplication

Gets or sets allow or disallow cross AAD tenant object replication. The default interpretation is true for this property.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-AllowSharedKeyAccess

Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-AsJob

Run cmdlet in the background

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-AssignIdentity

Generate and assign a new Storage account Identity for this Storage account for use with key management services like Azure KeyVault.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-CustomDomainName

Specifies the name of the custom domain of the Storage account. The default value is Storage.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:Microsoft.Azure.Commands.Common.Authentication.Abstractions.Core.IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-DefaultSharePermission

Default share permission for users using Kerberos authentication if RBAC role is not assigned.

Type:String
Accepted values:None, StorageFileDataSmbShareContributor, StorageFileDataSmbShareReader, StorageFileDataSmbShareElevatedContributor, StorageFileDataSmbShareOwner
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-EdgeZone

Set the extended location name for EdgeZone. If not set, the storage account will be created in Azure main region. Otherwise it will be created in the specified extended location

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-EnableActiveDirectoryDomainServicesForFile

Enable Azure Files Active Directory Domain Service Authentication for the storage account.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-EnableAzureActiveDirectoryDomainServicesForFile

Enable Azure Files Azure Active Directory Domain Service Authentication for the storage account.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-EnableHierarchicalNamespace

Indicates whether or not the Storage account enables Hierarchical Namespace.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-EnableHttpsTrafficOnly

Indicates whether or not the Storage account only enables HTTPS traffic.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-EnableLargeFileShare

Indicates whether or not the storage account can support large file shares with more than 5 TiB capacity. Once the account is enabled, the feature cannot be disabled. Currently only supported for LRS and ZRS replication types, hence account conversions to geo-redundant accounts would not be possible. Learn more in https://go.microsoft.com/fwlink/?linkid=2086047

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-EncryptionKeyTypeForQueue

Set the Encryption KeyType for Queue. The default value is Service. -Account: Queue will be encrypted with account-scoped encryption key. -Service: Queue will always be encrypted with Service-Managed keys.

Type:String
Accepted values:Service, Account
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-EncryptionKeyTypeForTable

Set the Encryption KeyType for Table. The default value is Service.

  • Account: Table will be encrypted with account-scoped encryption key.
  • Service: Table will always be encrypted with Service-Managed keys.
Type:String
Accepted values:Service, Account
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-IdentityType

Set the new Storage Account Identity type, the idenetity is for use with key management services like Azure KeyVault.

Type:String
Accepted values:SystemAssigned, UserAssigned, SystemAssignedUserAssigned, None
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-KeyExpirationPeriodInDay

The Key expiration period of this account, it is accurate to days.

Type:Int32
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-KeyName

Storage Account encryption keySource KeyVault KeyName

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-KeyVaultUri

Storage Account encryption keySource KeyVault KeyVaultUri

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-KeyVaultUserAssignedIdentityId

Set resource id for user assigned Identity used to access Azure KeyVault of Storage Account Encryption, the id must in UserAssignIdentityId.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-KeyVersion

Storage Account encryption keySource KeyVault KeyVersion

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Kind

Specifies the kind of Storage account that this cmdlet creates. The acceptable values for this parameter are:

  • Storage. General purpose Storage account that supports storage of Blobs, Tables, Queues, Files and Disks.
  • StorageV2. General Purpose Version 2 (GPv2) Storage account that supports Blobs, Tables, Queues, Files, and Disks, with advanced features like data tiering.
  • BlobStorage. Blob Storage account which supports storage of Blobs only.
  • BlockBlobStorage. Block Blob Storage account which supports storage of Block Blobs only.
  • FileStorage. File Storage account which supports storage of Files only. The default value is StorageV2.
Type:String
Accepted values:Storage, StorageV2, BlobStorage, BlockBlobStorage, FileStorage
Position:Named
Default value:StorageV2
Accept pipeline input:False
Accept wildcard characters:False
-Location

Specifies the location of the Storage account to create.

Type:String
Position:3
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-MinimumTlsVersion

The minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.

Type:String
Accepted values:TLS1_0, TLS1_1, TLS1_2
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Name

Specifies the name of the Storage account to create.

Type:String
Aliases:StorageAccountName, AccountName
Position:1
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-NetworkRuleSet

NetworkRuleSet is used to define a set of configuration rules for firewalls and virtual networks, as well as to set values for network properties such as services allowed to bypass the rules and how to handle requests that don't match any of the defined rules.

Type:PSNetworkRuleSet
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-PublishInternetEndpoint

Indicates whether internet routing storage endpoints are to be published

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-PublishMicrosoftEndpoint

Indicates whether microsoft routing storage endpoints are to be published

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-RequireInfrastructureEncryption

The service will apply a secondary layer of encryption with platform managed keys for data at rest.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ResourceGroupName

Specifies the name of the resource group in which to add the Storage account.

Type:String
Position:0
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-RoutingChoice

Routing Choice defines the kind of network routing opted by the user. Possible values include: 'MicrosoftRouting', 'InternetRouting'

Type:String
Accepted values:MicrosoftRouting, InternetRouting
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-SasExpirationPeriod

The SAS expiration period of this account, it is a timespan and accurate to seconds.

Type:TimeSpan
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-SkuName

Specifies the SKU name of the Storage account that this cmdlet creates. The acceptable values for this parameter are:

  • Standard_LRS. Locally-redundant storage.
  • Standard_ZRS. Zone-redundant storage.
  • Standard_GRS. Geo-redundant storage.
  • Standard_RAGRS. Read access geo-redundant storage.
  • Premium_LRS. Premium locally-redundant storage.
  • Premium_ZRS. Premium zone-redundant storage.
  • Standard_GZRS - Geo-redundant zone-redundant storage.
  • Standard_RAGZRS - Read access geo-redundant zone-redundant storage.
Type:String
Aliases:StorageAccountType, AccountType, Type
Accepted values:Standard_LRS, Standard_ZRS, Standard_GRS, Standard_RAGRS, Premium_LRS, Premium_ZRS, Standard_GZRS, Standard_RAGZRS
Position:2
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
-Tag

Key-value pairs in the form of a hash table set as tags on the server. For example: @{key0="value0";key1=$null;key2="value2"}

Type:Hashtable
Aliases:Tags
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-UserAssignedIdentityId

Set resource ids for the the new Storage Account user assigned Identity, the identity will be used with key management services like Azure KeyVault.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-UseSubDomain

Indicates whether to enable indirect CName validation.

Type:Nullable<T>[Boolean]
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

Outputs

PSStorageAccount