Getting storage account lifecycle management via REST with Shared Key (storage account key) authentication

Question

Hi,
I'm implementing an application that needs to build curl handlers in C for a few blob storage operations.
For that i'm using the Shared Key (storage account key) authentication:
https://learn.microsoft.com/en-us/rest/api/storageservices/authorize-with-shared-key

I'm trying to get lifecycle management rules on my account via REST using the Shared Key (storage account key) authentication and came across this operation which seems fit:
https://learn.microsoft.com/en-us/rest/api/storageservices/get-blob-service-properties

The problem is that I'm getting different data from what i'm seeing in the portal or the CLI.
When using the CLI command: az storage account management-policy show
I get this back:

...  
"rules": [  
      {  
        "definition": {  
          "actions": {  
            "baseBlob": {  
              "delete": {  
                "daysAfterModificationGreaterThan": 300.0  
              },  
              "tierToArchive": null,  
              "tierToCool": null  
            },  
            "snapshot": null  
          },  
          "filters": {  
            "blobIndexMatch": null,  
            "blobTypes": [  
              "blockBlob"  
            ],  
            "prefixMatch": null  
          }  
        },  
        "enabled": true,  
        "name": "***"  
      }  
    ]  
...  

On the other hand, when using the get-blob-service-properties via REST I get that no such rule is enabled:

<?xml version="1.0" encoding="utf-8"?>  
<StorageServiceProperties>  
  <Logging>  
    <Version>1.0</Version>  
    <Read>false</Read>  
    <Write>false</Write>  
    <Delete>false</Delete>  
    <RetentionPolicy>  
      <Enabled>false</Enabled>  
    </RetentionPolicy>  
  </Logging>  
  <HourMetrics>  
    <Version>1.0</Version>  
    <Enabled>false</Enabled>  
    <RetentionPolicy>  
      <Enabled>false</Enabled>  
    </RetentionPolicy>  
  </HourMetrics>  
  <MinuteMetrics>  
    <Version>1.0</Version>  
    <Enabled>false</Enabled>  
    <RetentionPolicy>  
      <Enabled>false</Enabled>  
    </RetentionPolicy>  
  </MinuteMetrics>  
  <Cors/>  
  <DeleteRetentionPolicy>  
    <Enabled>false</Enabled>  
  </DeleteRetentionPolicy>  
</StorageServiceProperties>  

I see that there is this REST that uses OAuth2 but I don't want to implement this authentication since I'm using C and its hard as it is.
https://learn.microsoft.com/en-us/rest/api/storagerp/managementpolicies/get

Can you point me to the right REST operation that uses Shared Key (storage account key) authentication?

Thanks!
Oded

Answer 1

@Oded Raiches
Get Blob Service Properties does not show lifecycle management policies. Management Policies - Get is considered a management resource which is why it is part of the Azure Storage resource provider REST API. A request that reads or writes blob data requires different permissions than a request that performs a management operation. Unfortunately you will not be able to use your storage account key to get your lifecycle management policies. For more information please see Use the Azure Storage resource provider to access management resources.

I know this probably wasn't the answer you were hoping for. If you have additional questions or issues please let me know and I will be happy to help.

-------------------------------

Please don’t forget to "Accept the answer" and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.