az storage account local-user

Manage storage account local users.

Commands

Name	Description	Type	Status
az storage account local-user create	Create a local user for a given storage account.	Core	GA
az storage account local-user delete	Delete a local user.	Core	GA
az storage account local-user list	List local users for a storage account.	Core	GA
az storage account local-user list-keys	List sharedkeys and sshAuthorizedKeys for a local user.	Core	GA
az storage account local-user regenerate-password	Regenerate sshPassword for a local user.	Core	GA
az storage account local-user show	Show info for a local user.	Core	GA
az storage account local-user update	Update properties for a local user.	Core	GA

az storage account local-user create

Create a local user for a given storage account.

az storage account local-user create --account-name
                                     --name
                                     --resource-group
                                     [--has-shared-key {false, true}]
                                     [--has-ssh-key {false, true}]
                                     [--has-ssh-password {false, true}]
                                     [--home-directory]
                                     [--permission-scope]
                                     [--ssh-authorized-key]

Examples

Create a local-user with two permission scopes and an ssh-authorized-key

az storage account local-user create --account-name {account-name} -g {resource-group} -n {username} --home-directory home --permission-scope permissions=r service=blob resource-name=container1 --permission-scope permissions=rw service=file resource-name=share2 --ssh-authorized-key key="ssh-rsa a2V5" --has-ssh-key true --has-ssh-password --has-shared-key false

Required Parameters

--account-name

The storage account name.

--name --user-name -n

The name of local user. The username must contain lowercase letters and numbers only. It must be unique only within the storage account.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--has-shared-key

Indicates whether shared key exists. Set it to false to remove existing shared key.

accepted values: false, true

--has-ssh-key

Indicates whether ssh key exists. Set it to false to remove existing SSH key.

accepted values: false, true

--has-ssh-password

Indicates whether ssh password exists. Set it to false to remove existing SSH password.

accepted values: false, true

--home-directory

The home directory.

--permission-scope

The permission scope argument list which includes the permissions, service, and resource_name.The permissions can be a combination of the below possible values: Read(r), Write (w), Delete (d), List (l), and Create (c). The service has possible values: blob, file. The resource-name is the container name or the file share name. Example: --permission-scope permissions=r service=blob resource-name=container1Can specify multiple permission scopes: --permission-scope permissions=rw service=blob resource-name=container1--permission-scope permissions=rwd service=file resource-name=share2.

--ssh-authorized-key

SSH authorized keys for SFTP. Includes an optional description and key. The key is the base64 encoded SSH public key , with format: e.g. ssh-rsa AAAABBBB.Example: --ssh_authorized_key description=description key="ssh-rsa AAAABBBB"or --ssh_authorized_key key="ssh-rsa AAAABBBB".

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az storage account local-user delete

Delete a local user.

az storage account local-user delete --account-name
                                     --name
                                     --resource-group

Examples

Delete a local-user

az storage account local-user delete --account-name {account-name} -g {resource-group} -n {username}

Required Parameters

--account-name

The storage account name.

--name --user-name -n

The name of local user. The username must contain lowercase letters and numbers only. It must be unique only within the storage account.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az storage account local-user list

List local users for a storage account.

az storage account local-user list --account-name
                                   --resource-group

Examples

List local-user for a storage account

az storage account local-user list --account-name {account-name} -g {resource-group}

Required Parameters

--account-name

The storage account name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az storage account local-user list-keys

List sharedkeys and sshAuthorizedKeys for a local user.

az storage account local-user list-keys --account-name
                                        --name
                                        --resource-group

Examples

List sharedkeys and sshAuthorizedKeys for a local-user

az storage account local-user list-keys --account-name {account-name} -g {resource-group} -n {username}

Required Parameters

--account-name

The storage account name.

--name --user-name -n

The name of local user. The username must contain lowercase letters and numbers only. It must be unique only within the storage account.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az storage account local-user regenerate-password

Regenerate sshPassword for a local user.

az storage account local-user regenerate-password --account-name
                                                  --name
                                                  --resource-group

Examples

Regenerate sshPassword for a local-user

az storage account local-user regenerate-password --account-name {account-name} -g {resource-group} -n {username}

Required Parameters

--account-name

The storage account name.

--name --user-name -n

The name of local user. The username must contain lowercase letters and numbers only. It must be unique only within the storage account.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az storage account local-user show

Show info for a local user.

az storage account local-user show --account-name
                                   --name
                                   --resource-group

Examples

Show info for a local-user

az storage account local-user show --account-name {account-name} -g {resource-group} -n {username}

Required Parameters

--account-name

The storage account name.

--name --user-name -n

The name of local user. The username must contain lowercase letters and numbers only. It must be unique only within the storage account.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az storage account local-user update

Update properties for a local user.

az storage account local-user update --account-name
                                     --name
                                     --resource-group
                                     [--has-shared-key {false, true}]
                                     [--has-ssh-key {false, true}]
                                     [--has-ssh-password {false, true}]
                                     [--home-directory]
                                     [--permission-scope]
                                     [--ssh-authorized-key]

Examples

Update a local-user with one permission scopes and no ssh-key

az storage account local-user update --account-name {account-name} -g {resource-group} -n {username} --permission-scope permissions=rw service=file resource-name=share2 --has-ssh-key false

Required Parameters

--account-name

The storage account name.

--name --user-name -n

The name of local user. The username must contain lowercase letters and numbers only. It must be unique only within the storage account.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--has-shared-key

Indicates whether shared key exists. Set it to false to remove existing shared key.

accepted values: false, true

--has-ssh-key

Indicates whether ssh key exists. Set it to false to remove existing SSH key.

accepted values: false, true

--has-ssh-password

Indicates whether ssh password exists. Set it to false to remove existing SSH password.

accepted values: false, true

--home-directory

The home directory.

--permission-scope

The permission scope argument list which includes the permissions, service, and resource_name.The permissions can be a combination of the below possible values: Read(r), Write (w), Delete (d), List (l), and Create (c). The service has possible values: blob, file. The resource-name is the container name or the file share name. Example: --permission-scope permissions=r service=blob resource-name=container1Can specify multiple permission scopes: --permission-scope permissions=rw service=blob resource-name=container1--permission-scope permissions=rwd service=file resource-name=share2.

--ssh-authorized-key

SSH authorized keys for SFTP. Includes an optional description and key. The key is the base64 encoded SSH public key , with format: e.g. ssh-rsa AAAABBBB.Example: --ssh_authorized_key description=description key="ssh-rsa AAAABBBB"or --ssh_authorized_key key="ssh-rsa AAAABBBB".

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.