StorageAccount Interface

Implements

public interface StorageAccount
extends GroupableResource<StorageManager,StorageAccountInner>, Refreshable<StorageAccount>, Updatable<Update>, SupportsListingPrivateLinkResource, SupportsListingPrivateEndpointConnection, SupportsUpdatingPrivateEndpointConnection

An immutable client-side representation of an Azure storage account.

Method Summary

Modifier and Type Method and Description
abstract AccessTier accessTier()
abstract AccountStatuses accountStatuses()
abstract boolean canAccessFromAzureServices()

Checks storage account can be accessed from applications running on azure.

abstract boolean canReadLogEntriesFromAnyNetwork()

Checks storage log entries can be read from any network.

abstract boolean canReadMetricsFromAnyNetwork()

Checks storage metrics can be read from any network.

abstract OffsetDateTime creationTime()
abstract CustomDomain customDomain()
abstract StorageAccountEncryptionKeySource encryptionKeySource()

The source of the key used for encryption.

abstract Map<StorageService,StorageAccountEncryptionStatus> encryptionStatuses()
abstract PublicEndpoints endPoints()
abstract List<StorageAccountKey> getKeys()

Fetch the up-to-date access keys from Azure for this storage account.

abstract Mono<List<StorageAccountKey>> getKeysAsync()

Fetch the up-to-date access keys from Azure for this storage account asynchronously.

abstract IdentityType identityTypeForCustomerEncryptionKey()

Type of the Managed Service Identity used to access KeyVault for encryption.

abstract boolean infrastructureEncryptionEnabled()
abstract List<String> ipAddressRangesWithAccess()
abstract List<String> ipAddressesWithAccess()
abstract boolean isAccessAllowedFromAllNetworks()
abstract boolean isAllowCrossTenantReplication()

Checks whether cross tenant replication is allowed.

abstract boolean isAzureFilesAadIntegrationEnabled()

Checks whether Aad Integration is enabled for files on this storage account.

abstract boolean isBlobPublicAccessAllowed()

Checks whether blob public access is allowed.

abstract boolean isDefaultToOAuthAuthentication()

Checks whether default to oauth authentication is allowed.

abstract boolean isHnsEnabled()

Checks whether Hns is enabled on this storage account.

abstract boolean isHttpsTrafficOnly()

Checks whether storage account only allow HTTPS traffic.

abstract boolean isLargeFileSharesEnabled()

Checks whether large file shares enabled on this storage account.

abstract boolean isSharedKeyAccessAllowed()

Checks whether shared key access is allowed.

abstract Kind kind()
abstract OffsetDateTime lastGeoFailoverTime()
abstract MinimumTlsVersion minimumTlsVersion()
abstract List<String> networkSubnetsWithAccess()
abstract ProvisioningState provisioningState()
abstract PublicNetworkAccess publicNetworkAccess()

Whether the storage account can be accessed from public network.

abstract List<StorageAccountKey> regenerateKey(String keyName)

Regenerates the access keys for this storage account.

abstract Mono<List<StorageAccountKey>> regenerateKeyAsync(String keyName)

Regenerates the access keys for this storage account asynchronously.

abstract StorageAccountSkuType skuType()
abstract String systemAssignedManagedServiceIdentityPrincipalId()
abstract String systemAssignedManagedServiceIdentityTenantId()
abstract String userAssignedIdentityIdForCustomerEncryptionKey()

User-assigned Managed Service Identity ID to access the KeyVault for encryption.

abstract Set<String> userAssignedManagedServiceIdentityIds()

Method Details

accessTier

public abstract AccessTier accessTier()

Returns:

access tier used for billing. Access tier cannot be changed more than once every 7 days (168 hours). Access tier cannot be set for StandardLRS, StandardGRS, StandardRAGRS, or PremiumLRS account types. Possible values include: 'Hot', 'Cool'.

accountStatuses

public abstract AccountStatuses accountStatuses()

Returns:

the status indicating whether the primary and secondary location of the storage account is available or unavailable. Possible values include: 'Available', 'Unavailable'

canAccessFromAzureServices

public abstract boolean canAccessFromAzureServices()

Checks storage account can be accessed from applications running on azure.

Returns:

true if storage can be accessed from application running on azure, false otherwise

canReadLogEntriesFromAnyNetwork

public abstract boolean canReadLogEntriesFromAnyNetwork()

Checks storage log entries can be read from any network.

Returns:

true if storage log entries can be read from any network, false otherwise

canReadMetricsFromAnyNetwork

public abstract boolean canReadMetricsFromAnyNetwork()

Checks storage metrics can be read from any network.

Returns:

true if storage metrics can be read from any network, false otherwise

creationTime

public abstract OffsetDateTime creationTime()

Returns:

the creation date and time of the storage account in UTC

customDomain

public abstract CustomDomain customDomain()

Returns:

the user assigned custom domain assigned to this storage account

encryptionKeySource

public abstract StorageAccountEncryptionKeySource encryptionKeySource()

The source of the key used for encryption.

MICROSOFT_STORAGE means that the Storage Account is encrypted using Microsoft-managed Key.

MICROSOFT_KEYVAULT means that the Storage Account is encrypted using Customer-managed Key.

Returns:

the source of the key used for encryption.

encryptionStatuses

public abstract Map encryptionStatuses()

Returns:

the encryption statuses indexed by storage service type.

endPoints

public abstract PublicEndpoints endPoints()

Returns:

the URLs that are used to perform a retrieval of a public blob, queue or table object. Note that StandardZRS and PremiumLRS accounts only return the blob endpoint

getKeys

public abstract List getKeys()

Fetch the up-to-date access keys from Azure for this storage account.

Returns:

the access keys for this storage account

getKeysAsync

public abstract Mono> getKeysAsync()

Fetch the up-to-date access keys from Azure for this storage account asynchronously.

Returns:

a representation of the deferred computation of this call, returning the access keys

identityTypeForCustomerEncryptionKey

public abstract IdentityType identityTypeForCustomerEncryptionKey()

Type of the Managed Service Identity used to access KeyVault for encryption.

This property only makes sense when the storage account is encrypted using Customer-managed keys, meaning encryptionKeySource() is MICROSOFT_KEYVAULT.

Returns:

type of the Managed Service Identity used to access KeyVault for encryption, null if encryptionKeySource() is MICROSOFT_STORAGE

infrastructureEncryptionEnabled

public abstract boolean infrastructureEncryptionEnabled()

Returns:

whether infrastructure encryption for Azure Storage data is enabled.

ipAddressRangesWithAccess

public abstract List ipAddressRangesWithAccess()

Returns:

the list of ip address ranges having access to the storage account.

ipAddressesWithAccess

public abstract List ipAddressesWithAccess()

Returns:

the list of ip addresses having access to the storage account.

isAccessAllowedFromAllNetworks

public abstract boolean isAccessAllowedFromAllNetworks()

Returns:

true if authenticated application from any network is allowed to access the storage account, false if only application from whitelisted network (subnet, ip address, ip address range) can access the storage account.

isAllowCrossTenantReplication

public abstract boolean isAllowCrossTenantReplication()

Checks whether cross tenant replication is allowed.

Returns:

true if cross tenant replication is enabled, false otherwise

isAzureFilesAadIntegrationEnabled

public abstract boolean isAzureFilesAadIntegrationEnabled()

Checks whether Aad Integration is enabled for files on this storage account.

Returns:

true if Aad integration is enabled, false otherwise

isBlobPublicAccessAllowed

public abstract boolean isBlobPublicAccessAllowed()

Checks whether blob public access is allowed.

Returns:

true if blob public access is allowed, false otherwise

isDefaultToOAuthAuthentication

public abstract boolean isDefaultToOAuthAuthentication()

Checks whether default to oauth authentication is allowed.

Returns:

true if default to oauth authentication is enabled, false otherwise

isHnsEnabled

public abstract boolean isHnsEnabled()

Checks whether Hns is enabled on this storage account.

Returns:

true if Hns is enabled, false otherwise

isHttpsTrafficOnly

public abstract boolean isHttpsTrafficOnly()

Checks whether storage account only allow HTTPS traffic.

Returns:

true if only allow HTTPS traffic, false otherwise

isLargeFileSharesEnabled

public abstract boolean isLargeFileSharesEnabled()

Checks whether large file shares enabled on this storage account.

Returns:

true if large file shares is enabled, false otherwise

isSharedKeyAccessAllowed

public abstract boolean isSharedKeyAccessAllowed()

Checks whether shared key access is allowed.

Returns:

true if shared key access is allowed, false otherwise

kind

public abstract Kind kind()

Returns:

the kind of the storage account. Possible values are 'Storage', 'BlobStorage'.

lastGeoFailoverTime

public abstract OffsetDateTime lastGeoFailoverTime()

Returns:

the timestamp of the most recent instance of a failover to the secondary location. Only the most recent timestamp is retained. This element is not returned if there has never been a failover instance. Only available if the accountType is StandardGRS or StandardRAGRS

minimumTlsVersion

public abstract MinimumTlsVersion minimumTlsVersion()

Returns:

the minimum TLS version for HTTPS traffic.

networkSubnetsWithAccess

public abstract List networkSubnetsWithAccess()

Returns:

the list of resource id of virtual network subnet having access to the storage account.

provisioningState

public abstract ProvisioningState provisioningState()

Returns:

the status of the storage account at the time the operation was called. Possible values include: 'Creating', 'ResolvingDNS', 'Succeeded'

publicNetworkAccess

public abstract PublicNetworkAccess publicNetworkAccess()

Whether the storage account can be accessed from public network.

Returns:

whether the storage account can be accessed from public network.

regenerateKey

public abstract List regenerateKey(String keyName)

Regenerates the access keys for this storage account.

Parameters:

keyName - if the key name

Returns:

the generated access keys for this storage account

regenerateKeyAsync

public abstract Mono> regenerateKeyAsync(String keyName)

Regenerates the access keys for this storage account asynchronously.

Parameters:

keyName - if the key name

Returns:

a representation of the deferred computation of this call, returning the regenerated access key

skuType

public abstract StorageAccountSkuType skuType()

Returns:

the sku of this storage account.

systemAssignedManagedServiceIdentityPrincipalId

public abstract String systemAssignedManagedServiceIdentityPrincipalId()

Returns:

the Managed Service Identity specific Active Directory service principal ID assigned to the storage account.

systemAssignedManagedServiceIdentityTenantId

public abstract String systemAssignedManagedServiceIdentityTenantId()

Returns:

the Managed Service Identity specific Active Directory tenant ID assigned to the storage account.

userAssignedIdentityIdForCustomerEncryptionKey

public abstract String userAssignedIdentityIdForCustomerEncryptionKey()

User-assigned Managed Service Identity ID to access the KeyVault for encryption.

This property only makes sense when the storage account is encrypted using Customer-managed keys, meaning encryptionKeySource() is MICROSOFT_KEYVAULT and identityTypeForCustomerEncryptionKey() is USER_ASSIGNED.

Returns:

user-assigned identity ID used to access KeyVault for encryption, null if encryptionKeySource() is MICROSOFT_STORAGE or identityTypeForCustomerEncryptionKey() is not USER_ASSIGNED

userAssignedManagedServiceIdentityIds

public abstract Set userAssignedManagedServiceIdentityIds()

Returns:

the resource ids of User Assigned Managed Service Identities associated with the storage account.

Applies to