Creates or updates an unlocked immutability policy. ETag in If-Match is honored if given but not required for this operation.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default/containers/{containerName}/immutabilityPolicies/default?api-version=2023-01-01
URI Parameters
Name |
In |
Required |
Type |
Description |
accountName
|
path |
True
|
string
|
The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
Regex pattern: ^[a-z0-9]+$
|
containerName
|
path |
True
|
string
|
The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number.
|
immutabilityPolicyName
|
path |
True
|
ImmutabilityPolicyName
|
The name of the blob container immutabilityPolicy within the specified storage account. ImmutabilityPolicy Name must be 'default'
|
resourceGroupName
|
path |
True
|
string
|
The name of the resource group within the user's subscription. The name is case insensitive.
Regex pattern: ^[-\w\._\(\)]+$
|
subscriptionId
|
path |
True
|
string
|
The ID of the target subscription.
|
api-version
|
query |
True
|
string
|
The API version to use for this operation.
|
Name |
Required |
Type |
Description |
If-Match
|
|
string
|
The entity state (ETag) version of the immutability policy to update. A value of "*" can be used to apply the operation only if the immutability policy already exists. If omitted, this operation will always be applied.
|
Request Body
Name |
Type |
Description |
properties.allowProtectedAppendWrites
|
boolean
|
This property can only be changed for unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property cannot be changed with ExtendImmutabilityPolicy API.
|
properties.allowProtectedAppendWritesAll
|
boolean
|
This property can only be changed for unlocked time-based retention policies. When enabled, new blocks can be written to both 'Append and Bock Blobs' while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property cannot be changed with ExtendImmutabilityPolicy API. The 'allowProtectedAppendWrites' and 'allowProtectedAppendWritesAll' properties are mutually exclusive.
|
properties.immutabilityPeriodSinceCreationInDays
|
integer
|
The immutability period for the blobs in the container since the policy creation, in days.
|
Responses
Name |
Type |
Description |
200 OK
|
ImmutabilityPolicy
|
OK -- Creates or updates container ImmutabilityPolicy operation completed successfully.
Headers
ETag: string
|
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name |
Description |
user_impersonation
|
impersonate your user account
|
Examples
CreateOrUpdateImmutabilityPolicy
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res1782/providers/Microsoft.Storage/storageAccounts/sto7069/blobServices/default/containers/container6397/immutabilityPolicies/default?api-version=2023-01-01
{
"properties": {
"immutabilityPeriodSinceCreationInDays": 3,
"allowProtectedAppendWrites": true
}
}
import com.azure.resourcemanager.storage.fluent.models.ImmutabilityPolicyInner;
/** Samples for BlobContainers CreateOrUpdateImmutabilityPolicy. */
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/
* BlobContainersPutImmutabilityPolicy.json
*/
/**
* Sample code: CreateOrUpdateImmutabilityPolicy.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createOrUpdateImmutabilityPolicy(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getBlobContainers()
.createOrUpdateImmutabilityPolicyWithResponse(
"res1782", "sto7069", "container6397", null, new ImmutabilityPolicyInner()
.withImmutabilityPeriodSinceCreationInDays(3).withAllowProtectedAppendWrites(true),
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python blob_containers_put_immutability_policy.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.blob_containers.create_or_update_immutability_policy(
resource_group_name="res1782",
account_name="sto7069",
container_name="container6397",
)
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/BlobContainersPutImmutabilityPolicy.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/BlobContainersPutImmutabilityPolicy.json
func ExampleBlobContainersClient_CreateOrUpdateImmutabilityPolicy_createOrUpdateImmutabilityPolicy() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewBlobContainersClient().CreateOrUpdateImmutabilityPolicy(ctx, "res1782", "sto7069", "container6397", &armstorage.BlobContainersClientCreateOrUpdateImmutabilityPolicyOptions{IfMatch: nil,
Parameters: &armstorage.ImmutabilityPolicy{
Properties: &armstorage.ImmutabilityPolicyProperty{
AllowProtectedAppendWrites: to.Ptr(true),
ImmutabilityPeriodSinceCreationInDays: to.Ptr[int32](3),
},
},
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ImmutabilityPolicy = armstorage.ImmutabilityPolicy{
// Name: to.Ptr("default"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res1782/providers/Microsoft.Storage/storageAccounts/sto7069/blobServices/default/containers/container6397/immutabilityPolicies/default"),
// Etag: to.Ptr("\"8d59f830cb130e5\""),
// Properties: &armstorage.ImmutabilityPolicyProperty{
// AllowProtectedAppendWrites: to.Ptr(true),
// ImmutabilityPeriodSinceCreationInDays: to.Ptr[int32](3),
// State: to.Ptr(armstorage.ImmutabilityPolicyStateUnlocked),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates an unlocked immutability policy. ETag in If-Match is honored if given but not required for this operation.
*
* @summary Creates or updates an unlocked immutability policy. ETag in If-Match is honored if given but not required for this operation.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/BlobContainersPutImmutabilityPolicy.json
*/
async function createOrUpdateImmutabilityPolicy() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res1782";
const accountName = "sto7069";
const containerName = "container6397";
const parameters = {
allowProtectedAppendWrites: true,
immutabilityPeriodSinceCreationInDays: 3,
};
const options = {
parameters,
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.blobContainers.createOrUpdateImmutabilityPolicy(
resourceGroupName,
accountName,
containerName,
options
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res1782/providers/Microsoft.Storage/storageAccounts/sto7069/blobServices/default/containers/container6397/immutabilityPolicies/default",
"name": "default",
"type": "Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies",
"etag": "\"8d59f830cb130e5\"",
"properties": {
"immutabilityPeriodSinceCreationInDays": 3,
"allowProtectedAppendWrites": true,
"state": "Unlocked"
}
}
CreateOrUpdateImmutabilityPolicyWithAllowProtectedAppendWritesAll
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res1782/providers/Microsoft.Storage/storageAccounts/sto7069/blobServices/default/containers/container6397/immutabilityPolicies/default?api-version=2023-01-01
{
"properties": {
"immutabilityPeriodSinceCreationInDays": 3,
"allowProtectedAppendWritesAll": true
}
}
import com.azure.resourcemanager.storage.fluent.models.ImmutabilityPolicyInner;
/** Samples for BlobContainers CreateOrUpdateImmutabilityPolicy. */
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/
* BlobContainersPutImmutabilityPolicyAllowProtectedAppendWritesAll.json
*/
/**
* Sample code: CreateOrUpdateImmutabilityPolicyWithAllowProtectedAppendWritesAll.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createOrUpdateImmutabilityPolicyWithAllowProtectedAppendWritesAll(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getBlobContainers()
.createOrUpdateImmutabilityPolicyWithResponse(
"res1782", "sto7069", "container6397", null, new ImmutabilityPolicyInner()
.withImmutabilityPeriodSinceCreationInDays(3).withAllowProtectedAppendWritesAll(true),
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python blob_containers_put_immutability_policy_allow_protected_append_writes_all.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.blob_containers.create_or_update_immutability_policy(
resource_group_name="res1782",
account_name="sto7069",
container_name="container6397",
)
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/BlobContainersPutImmutabilityPolicyAllowProtectedAppendWritesAll.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/BlobContainersPutImmutabilityPolicyAllowProtectedAppendWritesAll.json
func ExampleBlobContainersClient_CreateOrUpdateImmutabilityPolicy_createOrUpdateImmutabilityPolicyWithAllowProtectedAppendWritesAll() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewBlobContainersClient().CreateOrUpdateImmutabilityPolicy(ctx, "res1782", "sto7069", "container6397", &armstorage.BlobContainersClientCreateOrUpdateImmutabilityPolicyOptions{IfMatch: nil,
Parameters: &armstorage.ImmutabilityPolicy{
Properties: &armstorage.ImmutabilityPolicyProperty{
AllowProtectedAppendWritesAll: to.Ptr(true),
ImmutabilityPeriodSinceCreationInDays: to.Ptr[int32](3),
},
},
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ImmutabilityPolicy = armstorage.ImmutabilityPolicy{
// Name: to.Ptr("default"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res1782/providers/Microsoft.Storage/storageAccounts/sto7069/blobServices/default/containers/container6397/immutabilityPolicies/default"),
// Etag: to.Ptr("\"8d59f830cb130e5\""),
// Properties: &armstorage.ImmutabilityPolicyProperty{
// AllowProtectedAppendWritesAll: to.Ptr(true),
// ImmutabilityPeriodSinceCreationInDays: to.Ptr[int32](3),
// State: to.Ptr(armstorage.ImmutabilityPolicyStateUnlocked),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates an unlocked immutability policy. ETag in If-Match is honored if given but not required for this operation.
*
* @summary Creates or updates an unlocked immutability policy. ETag in If-Match is honored if given but not required for this operation.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/BlobContainersPutImmutabilityPolicyAllowProtectedAppendWritesAll.json
*/
async function createOrUpdateImmutabilityPolicyWithAllowProtectedAppendWritesAll() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res1782";
const accountName = "sto7069";
const containerName = "container6397";
const parameters = {
allowProtectedAppendWritesAll: true,
immutabilityPeriodSinceCreationInDays: 3,
};
const options = {
parameters,
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.blobContainers.createOrUpdateImmutabilityPolicy(
resourceGroupName,
accountName,
containerName,
options
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res1782/providers/Microsoft.Storage/storageAccounts/sto7069/blobServices/default/containers/container6397/immutabilityPolicies/default",
"name": "default",
"type": "Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies",
"etag": "\"8d59f830cb130e5\"",
"properties": {
"immutabilityPeriodSinceCreationInDays": 3,
"allowProtectedAppendWritesAll": true,
"state": "Unlocked"
}
}
Definitions
Name |
Description |
ImmutabilityPolicy
|
The ImmutabilityPolicy property of a blob container, including Id, resource name, resource type, Etag.
|
ImmutabilityPolicyName
|
The name of the blob container immutabilityPolicy within the specified storage account. ImmutabilityPolicy Name must be 'default'
|
ImmutabilityPolicyState
|
The ImmutabilityPolicy state of a blob container, possible values include: Locked and Unlocked.
|
ImmutabilityPolicy
The ImmutabilityPolicy property of a blob container, including Id, resource name, resource type, Etag.
Name |
Type |
Description |
etag
|
string
|
Resource Etag.
|
id
|
string
|
Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
|
name
|
string
|
The name of the resource
|
properties.allowProtectedAppendWrites
|
boolean
|
This property can only be changed for unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property cannot be changed with ExtendImmutabilityPolicy API.
|
properties.allowProtectedAppendWritesAll
|
boolean
|
This property can only be changed for unlocked time-based retention policies. When enabled, new blocks can be written to both 'Append and Bock Blobs' while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property cannot be changed with ExtendImmutabilityPolicy API. The 'allowProtectedAppendWrites' and 'allowProtectedAppendWritesAll' properties are mutually exclusive.
|
properties.immutabilityPeriodSinceCreationInDays
|
integer
|
The immutability period for the blobs in the container since the policy creation, in days.
|
properties.state
|
ImmutabilityPolicyState
|
The ImmutabilityPolicy state of a blob container, possible values include: Locked and Unlocked.
|
type
|
string
|
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
|
ImmutabilityPolicyName
The name of the blob container immutabilityPolicy within the specified storage account. ImmutabilityPolicy Name must be 'default'
Name |
Type |
Description |
default
|
string
|
|
ImmutabilityPolicyState
The ImmutabilityPolicy state of a blob container, possible values include: Locked and Unlocked.
Name |
Type |
Description |
Locked
|
string
|
|
Unlocked
|
string
|
|