az storage container policy

Manage container stored access policies.

Commands

az storage container policy create	Create a stored access policy on the containing object.
az storage container policy delete	Delete a stored access policy on a containing object.
az storage container policy list	List stored access policies on a containing object.
az storage container policy show	Show a stored access policy on a containing object.
az storage container policy update	Set a stored access policy on a containing object.

az storage container policy create

Create a stored access policy on the containing object.

az storage container policy create --container-name
                                   --name
                                   [--account-key]
                                   [--account-name]
                                   [--auth-mode {key, login}]
                                   [--blob-endpoint]
                                   [--connection-string]
                                   [--expiry]
                                   [--lease-id]
                                   [--permissions]
                                   [--sas-token]
                                   [--start]

Required Parameters

--container-name -c

The container name.

--name -n

The stored access policy name.

Optional Parameters

--account-key

Storage account key. Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_KEY.

--account-name

Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.

--auth-mode

The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.

accepted values: key, login

--blob-endpoint

Storage data service endpoint. Must be used in conjunction with either storage account key or a SAS token. You can find each service primary endpoint with az storage account show. Environment variable: AZURE_STORAGE_SERVICE_ENDPOINT.

--connection-string

Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.

--expiry

Expiration UTC datetime in (Y-m-d'T'H:M:S'Z').

--lease-id

The container lease ID.

--permissions

Allowed values: (a)dd (c)reate (d)elete (e)xecute (f)ilter_by_tags (i)set_immutability_policy (l)ist (m)ove (r)ead (t)ag (w)rite (x)delete_previous_version (y)permanent_delete. Can be combined.

--sas-token

A Shared Access Signature (SAS). Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_SAS_TOKEN.

--start

Start UTC datetime (Y-m-d'T'H:M:S'Z'). Defaults to time of request.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az storage container policy delete

Delete a stored access policy on a containing object.

az storage container policy delete --container-name
                                   --name
                                   [--account-key]
                                   [--account-name]
                                   [--auth-mode {key, login}]
                                   [--blob-endpoint]
                                   [--connection-string]
                                   [--lease-id]
                                   [--sas-token]

Required Parameters

--container-name -c

The container name.

--name -n

The stored access policy name.

Optional Parameters

--account-key

Storage account key. Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_KEY.

--account-name

Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.

--auth-mode

The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.

accepted values: key, login

--blob-endpoint

Storage data service endpoint. Must be used in conjunction with either storage account key or a SAS token. You can find each service primary endpoint with az storage account show. Environment variable: AZURE_STORAGE_SERVICE_ENDPOINT.

--connection-string

Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.

--lease-id

The container lease ID.

--sas-token

A Shared Access Signature (SAS). Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_SAS_TOKEN.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az storage container policy list

List stored access policies on a containing object.

az storage container policy list --container-name
                                 [--account-key]
                                 [--account-name]
                                 [--auth-mode {key, login}]
                                 [--blob-endpoint]
                                 [--connection-string]
                                 [--lease-id]
                                 [--sas-token]

Required Parameters

--container-name -c

The container name.

Optional Parameters

--account-key

Storage account key. Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_KEY.

--account-name

Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.

--auth-mode

The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.

accepted values: key, login

--blob-endpoint

Storage data service endpoint. Must be used in conjunction with either storage account key or a SAS token. You can find each service primary endpoint with az storage account show. Environment variable: AZURE_STORAGE_SERVICE_ENDPOINT.

--connection-string

Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.

--lease-id

The container lease ID.

--sas-token

A Shared Access Signature (SAS). Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_SAS_TOKEN.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az storage container policy show

Show a stored access policy on a containing object.

az storage container policy show --container-name
                                 --name
                                 [--account-key]
                                 [--account-name]
                                 [--auth-mode {key, login}]
                                 [--blob-endpoint]
                                 [--connection-string]
                                 [--lease-id]
                                 [--sas-token]

Required Parameters

--container-name -c

The container name.

--name -n

The stored access policy name.

Optional Parameters

--account-key

Storage account key. Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_KEY.

--account-name

Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.

--auth-mode

The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.

accepted values: key, login

--blob-endpoint

Storage data service endpoint. Must be used in conjunction with either storage account key or a SAS token. You can find each service primary endpoint with az storage account show. Environment variable: AZURE_STORAGE_SERVICE_ENDPOINT.

--connection-string

Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.

--lease-id

The container lease ID.

--sas-token

A Shared Access Signature (SAS). Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_SAS_TOKEN.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az storage container policy update

Set a stored access policy on a containing object.

az storage container policy update --container-name
                                   --name
                                   [--account-key]
                                   [--account-name]
                                   [--auth-mode {key, login}]
                                   [--blob-endpoint]
                                   [--connection-string]
                                   [--expiry]
                                   [--lease-id]
                                   [--permissions]
                                   [--sas-token]
                                   [--start]

Required Parameters

--container-name -c

The container name.

--name -n

The stored access policy name.

Optional Parameters

--account-key

Storage account key. Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_KEY.

--account-name

Storage account name. Related environment variable: AZURE_STORAGE_ACCOUNT. Must be used in conjunction with either storage account key or a SAS token. If neither are present, the command will try to query the storage account key using the authenticated Azure account. If a large number of storage commands are executed the API quota may be hit.

--auth-mode

The mode in which to run the command. "login" mode will directly use your login credentials for the authentication. The legacy "key" mode will attempt to query for an account key if no authentication parameters for the account are provided. Environment variable: AZURE_STORAGE_AUTH_MODE.

accepted values: key, login

--blob-endpoint

Storage data service endpoint. Must be used in conjunction with either storage account key or a SAS token. You can find each service primary endpoint with az storage account show. Environment variable: AZURE_STORAGE_SERVICE_ENDPOINT.

--connection-string

Storage account connection string. Environment variable: AZURE_STORAGE_CONNECTION_STRING.

--expiry

Expiration UTC datetime in (Y-m-d'T'H:M:S'Z').

--lease-id

The container lease ID.

--permissions

Allowed values: (a)dd (c)reate (d)elete (e)xecute (f)ilter_by_tags (i)set_immutability_policy (l)ist (m)ove (r)ead (t)ag (w)rite (x)delete_previous_version (y)permanent_delete. Can be combined.

--sas-token

A Shared Access Signature (SAS). Must be used in conjunction with storage account name or service endpoint. Environment variable: AZURE_STORAGE_SAS_TOKEN.

--start

Start UTC datetime (Y-m-d'T'H:M:S'Z'). Defaults to time of request.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.