Crea de forma asincrónica una nueva cuenta de almacenamiento con los parámetros especificados. Si ya se ha creado una cuenta y se emite una solicitud de creación posterior con propiedades diferentes, se actualizarán las propiedades de la cuenta. Si ya se ha creado una cuenta y se emite una solicitud de creación o actualización posterior con el mismo conjunto exacto de propiedades, la solicitud se realizará correctamente.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}?api-version=2023-01-01
Parámetros de identificador URI
Nombre |
En |
Requerido |
Tipo |
Description |
accountName
|
path |
True
|
string
|
Nombre de la cuenta de almacenamiento dentro del grupo de recursos especificado. Los nombres de cuentas de almacenamiento deben tener entre 3 y 24 caracteres, y usar solo números y letras minúsculas.
Regex pattern: ^[a-z0-9]+$
|
resourceGroupName
|
path |
True
|
string
|
Nombre del grupo de recursos dentro de la suscripción del usuario. El nombre distingue mayúsculas de minúsculas.
Regex pattern: ^[-\w\._\(\)]+$
|
subscriptionId
|
path |
True
|
string
|
Identificador de la suscripción de destino.
|
api-version
|
query |
True
|
string
|
Versión de API que se usará para la operación.
|
Cuerpo de la solicitud
Nombre |
Requerido |
Tipo |
Description |
kind
|
True
|
Kind
|
Necesario. Indica el tipo de cuenta de almacenamiento.
|
location
|
True
|
string
|
Necesario. Obtiene o establece la ubicación del recurso. Se trata de una de las regiones geográficas de Azure admitidas y registradas (por ejemplo, Oeste de EE. UU., Este de EE. UU., Sudeste de Asia, etc.). La región geográfica de un recurso no se puede cambiar una vez creada, pero si se especifica una región geográfica idéntica al actualizar, la solicitud se realizará correctamente.
|
sku
|
True
|
Sku
|
Necesario. Obtiene o establece el nombre de la SKU.
|
extendedLocation
|
|
ExtendedLocation
|
Opcional. Establezca la ubicación extendida del recurso. Si no se establece, la cuenta de almacenamiento se creará en la región principal de Azure. De lo contrario, se creará en la ubicación extendida especificada.
|
identity
|
|
Identity
|
Identidad del recurso.
|
properties.accessTier
|
|
AccessTier
|
Necesario para las cuentas de almacenamiento donde kind = BlobStorage. El nivel de acceso se usa para la facturación. El nivel de acceso "Premium" es el valor predeterminado para el tipo de cuenta de almacenamiento de blobs en bloques Premium y no se puede cambiar para el tipo de cuenta de almacenamiento de blobs en bloques Premium.
|
properties.allowBlobPublicAccess
|
|
boolean
|
Permitir o no permitir el acceso público a todos los blobs o contenedores de la cuenta de almacenamiento. La interpretación predeterminada es false para esta propiedad.
|
properties.allowCrossTenantReplication
|
|
boolean
|
Permitir o no permitir la replicación de objetos de inquilino de AAD. Establezca esta propiedad en true para las cuentas nuevas o existentes solo si las directivas de replicación de objetos implican cuentas de almacenamiento en distintos inquilinos de AAD. La interpretación predeterminada es falsa para que las nuevas cuentas sigan los procedimientos de seguridad recomendados de forma predeterminada.
|
properties.allowSharedKeyAccess
|
|
boolean
|
Indica si la cuenta de almacenamiento permite autorizar las solicitudes con la clave de acceso de la cuenta a través de clave compartida. Si es false, todas las solicitudes, incluidas las firmas de acceso compartido, deben estar autorizadas con Azure Active Directory (Azure AD). El valor predeterminado es null, que es equivalente a true.
|
properties.allowedCopyScope
|
|
AllowedCopyScope
|
Restrinja la copia hacia y desde las cuentas de almacenamiento dentro de un inquilino de AAD o con vínculos privados a la misma red virtual.
|
properties.azureFilesIdentityBasedAuthentication
|
|
AzureFilesIdentityBasedAuthentication
|
Proporciona la configuración de autenticación basada en identidades para Azure Files.
|
properties.customDomain
|
|
CustomDomain
|
Dominio de usuario asignado a la cuenta de almacenamiento. Name es el origen CNAME. Solo se admite un dominio personalizado por cuenta de almacenamiento en este momento. Para borrar el dominio personalizado existente, use una cadena vacía para la propiedad de nombre de dominio personalizado.
|
properties.defaultToOAuthAuthentication
|
|
boolean
|
Marca booleana que indica si la autenticación predeterminada es OAuth o no. La interpretación predeterminada es false para esta propiedad.
|
properties.dnsEndpointType
|
|
DnsEndpointType
|
Permite especificar el tipo de punto de conexión. Establézcalo en AzureDNSZone para crear un gran número de cuentas en una sola suscripción, que crea cuentas en una zona DNS de Azure y la dirección URL del punto de conexión tendrá un identificador de zona DNS alfanumérica.
|
properties.encryption
|
|
Encryption
|
Configuración de cifrado que se usará para el cifrado del lado servidor para la cuenta de almacenamiento.
|
properties.immutableStorageWithVersioning
|
|
ImmutableStorageAccount
|
La propiedad es inmutable y solo se puede establecer en true en la hora de creación de la cuenta. Cuando se establece en true, habilita la inmutabilidad de nivel de objeto para todos los contenedores nuevos de la cuenta de forma predeterminada.
|
properties.isHnsEnabled
|
|
boolean
|
Account HierarchicalNamespace habilitado si se establece en true.
|
properties.isLocalUserEnabled
|
|
boolean
|
Habilita la característica de usuarios locales, si se establece en true.
|
properties.isNfsV3Enabled
|
|
boolean
|
La compatibilidad con el protocolo NFS 3.0 está habilitada si se establece en true.
|
properties.isSftpEnabled
|
|
boolean
|
Habilita el protocolo seguro de transferencia de archivos, si se establece en true.
|
properties.keyPolicy
|
|
KeyPolicy
|
KeyPolicy asignado a la cuenta de almacenamiento.
|
properties.largeFileSharesState
|
|
LargeFileSharesState
|
Permitir recursos compartidos de archivos grandes si se establece en Habilitado. No se puede deshabilitar una vez habilitado.
|
properties.minimumTlsVersion
|
|
MinimumTlsVersion
|
Establezca la versión mínima de TLS que se permitirá en las solicitudes al almacenamiento. La interpretación predeterminada es TLS 1.0 para esta propiedad.
|
properties.networkAcls
|
|
NetworkRuleSet
|
Conjunto de reglas de red
|
properties.publicNetworkAccess
|
|
PublicNetworkAccess
|
Permitir o no permitir el acceso de red pública a la cuenta de almacenamiento. El valor es opcional, pero si se pasa, debe ser "Habilitado" o "Deshabilitado".
|
properties.routingPreference
|
|
RoutingPreference
|
Mantiene información sobre la opción de enrutamiento de red elegida por el usuario para la transferencia de datos.
|
properties.sasPolicy
|
|
SasPolicy
|
SasPolicy asignado a la cuenta de almacenamiento.
|
properties.supportsHttpsTrafficOnly
|
|
boolean
|
Permite el tráfico https solo al servicio de almacenamiento si se establece en true. El valor predeterminado es true desde la versión de API 2019-04-01.
|
tags
|
|
object
|
Obtiene o establece una lista de pares clave-valor que describen el recurso. Estas etiquetas se pueden usar para ver y agrupar este recurso (entre grupos de recursos). Se puede proporcionar un máximo de 15 etiquetas para un recurso. Cada etiqueta debe tener una clave con una longitud no superior a 128 caracteres y un valor con una longitud no superior a 256 caracteres.
|
Respuestas
Nombre |
Tipo |
Description |
200 OK
|
StorageAccount
|
Correcto: se devuelve cuando la cuenta de almacenamiento ya se creó a partir de una solicitud anterior con las mismas propiedades especificadas en el cuerpo de la solicitud.
|
202 Accepted
|
|
Aceptado: se ha aceptado la solicitud de creación o actualización; La operación se completará de forma asincrónica.
|
Seguridad
azure_auth
Flujo OAuth2 de Azure Active Directory
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Nombre |
Description |
user_impersonation
|
suplantación de su cuenta de usuario
|
Ejemplos
NfsV3AccountCreate
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-01-01
{
"sku": {
"name": "Premium_LRS"
},
"kind": "BlockBlobStorage",
"location": "eastus",
"properties": {
"isHnsEnabled": true,
"isNfsV3Enabled": true,
"supportsHttpsTrafficOnly": false,
"networkAcls": {
"bypass": "AzureServices",
"defaultAction": "Allow",
"ipRules": [],
"virtualNetworkRules": [
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"
}
]
}
}
}
import com.azure.resourcemanager.storage.models.Bypass;
import com.azure.resourcemanager.storage.models.DefaultAction;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.NetworkRuleSet;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import com.azure.resourcemanager.storage.models.VirtualNetworkRule;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/** Samples for StorageAccounts Create. */
public final class Main {
/*
* x-ms-original-file:
* specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/NfsV3AccountCreate.json
*/
/**
* Sample code: NfsV3AccountCreate.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void nfsV3AccountCreate(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts().create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.PREMIUM_LRS))
.withKind(Kind.BLOCK_BLOB_STORAGE).withLocation("eastus")
.withNetworkRuleSet(new NetworkRuleSet().withBypass(Bypass.AZURE_SERVICES)
.withVirtualNetworkRules(Arrays.asList(new VirtualNetworkRule().withVirtualNetworkResourceId(
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12")))
.withIpRules(Arrays.asList()).withDefaultAction(DefaultAction.ALLOW))
.withEnableHttpsTrafficOnly(false).withIsHnsEnabled(true).withEnableNfsV3(true),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python nfs_v3_account_create.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"kind": "BlockBlobStorage",
"location": "eastus",
"properties": {
"isHnsEnabled": True,
"isNfsV3Enabled": True,
"networkAcls": {
"bypass": "AzureServices",
"defaultAction": "Allow",
"ipRules": [],
"virtualNetworkRules": [
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"
}
],
},
"supportsHttpsTrafficOnly": False,
},
"sku": {"name": "Premium_LRS"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/NfsV3AccountCreate.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/NfsV3AccountCreate.json
func ExampleAccountsClient_BeginCreate_nfsV3AccountCreate() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
Kind: to.Ptr(armstorage.KindBlockBlobStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
IsHnsEnabled: to.Ptr(true),
EnableNfsV3: to.Ptr(true),
NetworkRuleSet: &armstorage.NetworkRuleSet{
Bypass: to.Ptr(armstorage.BypassAzureServices),
DefaultAction: to.Ptr(armstorage.DefaultActionAllow),
IPRules: []*armstorage.IPRule{},
VirtualNetworkRules: []*armstorage.VirtualNetworkRule{
{
VirtualNetworkResourceID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"),
}},
},
EnableHTTPSTrafficOnly: to.Ptr(false),
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNamePremiumLRS),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Kind: to.Ptr(armstorage.KindBlockBlobStorage),
// Properties: &armstorage.AccountProperties{
// IsHnsEnabled: to.Ptr(true),
// EnableNfsV3: to.Ptr(true),
// NetworkRuleSet: &armstorage.NetworkRuleSet{
// Bypass: to.Ptr(armstorage.BypassAzureServices),
// DefaultAction: to.Ptr(armstorage.DefaultActionAllow),
// IPRules: []*armstorage.IPRule{
// },
// VirtualNetworkRules: []*armstorage.VirtualNetworkRule{
// {
// VirtualNetworkResourceID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"),
// }},
// },
// EnableHTTPSTrafficOnly: to.Ptr(false),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNamePremiumLRS),
// Tier: to.Ptr(armstorage.SKUTierPremium),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/NfsV3AccountCreate.json
*/
async function nfsV3AccountCreate() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
isHnsEnabled: true,
enableNfsV3: true,
kind: "BlockBlobStorage",
location: "eastus",
networkRuleSet: {
bypass: "AzureServices",
defaultAction: "Allow",
ipRules: [],
virtualNetworkRules: [
{
virtualNetworkResourceId:
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12",
},
],
},
sku: { name: "Premium_LRS" },
enableHttpsTrafficOnly: false,
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "BlockBlobStorage",
"location": "eastus",
"name": "sto4445",
"properties": {
"isHnsEnabled": true,
"isNfsV3Enabled": true,
"supportsHttpsTrafficOnly": false,
"networkAcls": {
"bypass": "AzureServices",
"defaultAction": "Allow",
"ipRules": [],
"virtualNetworkRules": [
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"
}
]
}
},
"sku": {
"name": "Premium_LRS",
"tier": "Premium"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreate
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-01-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"isHnsEnabled": true,
"isSftpEnabled": true,
"allowBlobPublicAccess": false,
"defaultToOAuthAuthentication": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.ExtendedLocation;
import com.azure.resourcemanager.storage.models.ExtendedLocationTypes;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/** Samples for StorageAccounts Create. */
public final class Main {
/*
* x-ms-original-file:
* specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreate.json
*/
/**
* Sample code: StorageAccountCreate.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void storageAccountCreate(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withExtendedLocation(
new ExtendedLocation().withName("losangeles001").withType(ExtendedLocationTypes.EDGE_ZONE))
.withTags(
mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsSftpEnabled(true).withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true).withDefaultToOAuthAuthentication(false),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"extendedLocation": {"name": "losangeles001", "type": "EdgeZone"},
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"defaultToOAuthAuthentication": False,
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"isSftpEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreate.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreate.json
func ExampleAccountsClient_BeginCreate_storageAccountCreate() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
ExtendedLocation: &armstorage.ExtendedLocation{
Name: to.Ptr("losangeles001"),
Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
DefaultToOAuthAuthentication: to.Ptr(false),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
IsSftpEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// IsSftpEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-internetrouting.file.core.windows.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.web.core.windows.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.web.core.windows.net/"),
// },
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreate.json
*/
async function storageAccountCreate() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
defaultToOAuthAuthentication: false,
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
extendedLocation: { name: "losangeles001", type: "EdgeZone" },
isHnsEnabled: true,
isSftpEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"isHnsEnabled": true,
"isSftpEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.web.core.windows.net/",
"dfs": "https://sto4445-microsoftrouting.dfs.core.windows.net/",
"blob": "https://sto4445-microsoftrouting.blob.core.windows.net/",
"file": "https://sto4445-microsoftrouting.file.core.windows.net/",
"queue": "https://sto4445-microsoftrouting.queue.core.windows.net/",
"table": "https://sto4445-microsoftrouting.table.core.windows.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.web.core.windows.net/",
"dfs": "https://sto4445-internetrouting.dfs.core.windows.net/",
"blob": "https://sto4445-internetrouting.blob.core.windows.net/",
"file": "https://sto4445-internetrouting.file.core.windows.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateAllowedCopyScopeToAAD
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-01-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"allowedCopyScope": "AAD",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.AllowedCopyScope;
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/** Samples for StorageAccounts Create. */
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/
* StorageAccountCreateAllowedCopyScopeToAAD.json
*/
/**
* Sample code: StorageAccountCreateAllowedCopyScopeToAAD.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void storageAccountCreateAllowedCopyScopeToAAD(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withTags(mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withAllowedCopyScope(
AllowedCopyScope.AAD)
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_allowed_copy_scope_to_aad.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"allowedCopyScope": "AAD",
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateAllowedCopyScopeToAAD.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateAllowedCopyScopeToAAD.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateAllowedCopyScopeToAad() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
AllowedCopyScope: to.Ptr(armstorage.AllowedCopyScopeAAD),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// AllowedCopyScope: to.Ptr(armstorage.AllowedCopyScopeAAD),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-internetrouting.file.core.windows.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.web.core.windows.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.web.core.windows.net/"),
// },
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateAllowedCopyScopeToAAD.json
*/
async function storageAccountCreateAllowedCopyScopeToAad() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
allowedCopyScope: "AAD",
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
isHnsEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.web.core.windows.net/",
"dfs": "https://sto4445-microsoftrouting.dfs.core.windows.net/",
"blob": "https://sto4445-microsoftrouting.blob.core.windows.net/",
"file": "https://sto4445-microsoftrouting.file.core.windows.net/",
"queue": "https://sto4445-microsoftrouting.queue.core.windows.net/",
"table": "https://sto4445-microsoftrouting.table.core.windows.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.web.core.windows.net/",
"dfs": "https://sto4445-internetrouting.dfs.core.windows.net/",
"blob": "https://sto4445-internetrouting.blob.core.windows.net/",
"file": "https://sto4445-internetrouting.file.core.windows.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true,
"allowedCopyScope": "AAD"
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateAllowedCopyScopeToPrivateLink
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-01-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"allowedCopyScope": "PrivateLink",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.AllowedCopyScope;
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/** Samples for StorageAccounts Create. */
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/
* StorageAccountCreateAllowedCopyScopeToPrivateLink.json
*/
/**
* Sample code: StorageAccountCreateAllowedCopyScopeToPrivateLink.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreateAllowedCopyScopeToPrivateLink(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withTags(mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withAllowedCopyScope(
AllowedCopyScope.PRIVATE_LINK)
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_allowed_copy_scope_to_private_link.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"allowedCopyScope": "PrivateLink",
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateAllowedCopyScopeToPrivateLink.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateAllowedCopyScopeToPrivateLink.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateAllowedCopyScopeToPrivateLink() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
AllowedCopyScope: to.Ptr(armstorage.AllowedCopyScopePrivateLink),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// AllowedCopyScope: to.Ptr(armstorage.AllowedCopyScopePrivateLink),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-internetrouting.file.core.windows.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.web.core.windows.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.web.core.windows.net/"),
// },
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateAllowedCopyScopeToPrivateLink.json
*/
async function storageAccountCreateAllowedCopyScopeToPrivateLink() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
allowedCopyScope: "PrivateLink",
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
isHnsEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.web.core.windows.net/",
"dfs": "https://sto4445-microsoftrouting.dfs.core.windows.net/",
"blob": "https://sto4445-microsoftrouting.blob.core.windows.net/",
"file": "https://sto4445-microsoftrouting.file.core.windows.net/",
"queue": "https://sto4445-microsoftrouting.queue.core.windows.net/",
"table": "https://sto4445-microsoftrouting.table.core.windows.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.web.core.windows.net/",
"dfs": "https://sto4445-internetrouting.dfs.core.windows.net/",
"blob": "https://sto4445-internetrouting.blob.core.windows.net/",
"file": "https://sto4445-internetrouting.file.core.windows.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true,
"allowedCopyScope": "PrivateLink"
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateDisallowPublicNetworkAccess
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-01-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"publicNetworkAccess": "Disabled",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.ExtendedLocation;
import com.azure.resourcemanager.storage.models.ExtendedLocationTypes;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.PublicNetworkAccess;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/** Samples for StorageAccounts Create. */
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/
* StorageAccountCreateDisallowPublicNetworkAccess.json
*/
/**
* Sample code: StorageAccountCreateDisallowPublicNetworkAccess.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreateDisallowPublicNetworkAccess(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withExtendedLocation(
new ExtendedLocation().withName("losangeles001").withType(ExtendedLocationTypes.EDGE_ZONE))
.withTags(mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withPublicNetworkAccess(
PublicNetworkAccess.DISABLED)
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_disallow_public_network_access.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"extendedLocation": {"name": "losangeles001", "type": "EdgeZone"},
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"publicNetworkAccess": "Disabled",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateDisallowPublicNetworkAccess.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateDisallowPublicNetworkAccess.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateDisallowPublicNetworkAccess() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
ExtendedLocation: &armstorage.ExtendedLocation{
Name: to.Ptr("losangeles001"),
Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
PublicNetworkAccess: to.Ptr(armstorage.PublicNetworkAccessDisabled),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-internetrouting.file.core.windows.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.web.core.windows.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.web.core.windows.net/"),
// },
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// PublicNetworkAccess: to.Ptr(armstorage.PublicNetworkAccessDisabled),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateDisallowPublicNetworkAccess.json
*/
async function storageAccountCreateDisallowPublicNetworkAccess() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
extendedLocation: { name: "losangeles001", type: "EdgeZone" },
isHnsEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
publicNetworkAccess: "Disabled",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.web.core.windows.net/",
"dfs": "https://sto4445-microsoftrouting.dfs.core.windows.net/",
"blob": "https://sto4445-microsoftrouting.blob.core.windows.net/",
"file": "https://sto4445-microsoftrouting.file.core.windows.net/",
"queue": "https://sto4445-microsoftrouting.queue.core.windows.net/",
"table": "https://sto4445-microsoftrouting.table.core.windows.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.web.core.windows.net/",
"dfs": "https://sto4445-internetrouting.dfs.core.windows.net/",
"blob": "https://sto4445-internetrouting.blob.core.windows.net/",
"file": "https://sto4445-internetrouting.file.core.windows.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true,
"publicNetworkAccess": "Disabled"
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateDnsEndpointTypeToAzureDnsZone
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-01-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"dnsEndpointType": "AzureDnsZone",
"isHnsEnabled": true,
"isSftpEnabled": true,
"allowBlobPublicAccess": false,
"defaultToOAuthAuthentication": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.DnsEndpointType;
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.ExtendedLocation;
import com.azure.resourcemanager.storage.models.ExtendedLocationTypes;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/** Samples for StorageAccounts Create. */
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/
* StorageAccountCreateDnsEndpointTypeToAzureDnsZone.json
*/
/**
* Sample code: StorageAccountCreateDnsEndpointTypeToAzureDnsZone.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreateDnsEndpointTypeToAzureDnsZone(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withExtendedLocation(
new ExtendedLocation().withName("losangeles001").withType(ExtendedLocationTypes.EDGE_ZONE))
.withTags(
mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsSftpEnabled(true).withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true).withDefaultToOAuthAuthentication(false)
.withDnsEndpointType(DnsEndpointType.AZURE_DNS_ZONE),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_dns_endpoint_type_to_azure_dns_zone.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"extendedLocation": {"name": "losangeles001", "type": "EdgeZone"},
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"defaultToOAuthAuthentication": False,
"dnsEndpointType": "AzureDnsZone",
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"isSftpEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateDnsEndpointTypeToAzureDnsZone.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateDnsEndpointTypeToAzureDnsZone.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateDnsEndpointTypeToAzureDnsZone() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
ExtendedLocation: &armstorage.ExtendedLocation{
Name: to.Ptr("losangeles001"),
Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
DefaultToOAuthAuthentication: to.Ptr(false),
DNSEndpointType: to.Ptr(armstorage.DNSEndpointTypeAzureDNSZone),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
IsSftpEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// DNSEndpointType: to.Ptr(armstorage.DNSEndpointTypeAzureDNSZone),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// IsSftpEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.z24.blob.storage.azure.net/"),
// Dfs: to.Ptr("https://sto4445.z24.dfs.storage.azure.net/"),
// File: to.Ptr("https://sto4445.z24.file.storage.azure.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.z24.blob.storage.azure.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.z24.dfs.storage.azure.net/"),
// File: to.Ptr("https://sto4445-internetrouting.z24.file.storage.azure.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.z24.web.storage.azure.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.z24.blob.storage.azure.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.z24.dfs.storage.azure.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.z24.file.storage.azure.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.z24.queue.storage.azure.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.z24.table.storage.azure.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.z24.web.storage.azure.net/"),
// },
// Queue: to.Ptr("https://sto4445.z24.queue.storage.azure.net/"),
// Table: to.Ptr("https://sto4445.z24.table.storage.azure.net/"),
// Web: to.Ptr("https://sto4445.z24.web.storage.azure.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateDnsEndpointTypeToAzureDnsZone.json
*/
async function storageAccountCreateDnsEndpointTypeToAzureDnsZone() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
defaultToOAuthAuthentication: false,
dnsEndpointType: "AzureDnsZone",
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
extendedLocation: { name: "losangeles001", type: "EdgeZone" },
isHnsEnabled: true,
isSftpEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"dnsEndpointType": "AzureDnsZone",
"isHnsEnabled": true,
"isSftpEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.z24.web.storage.azure.net/",
"dfs": "https://sto4445.z24.dfs.storage.azure.net/",
"blob": "https://sto4445.z24.blob.storage.azure.net/",
"file": "https://sto4445.z24.file.storage.azure.net/",
"queue": "https://sto4445.z24.queue.storage.azure.net/",
"table": "https://sto4445.z24.table.storage.azure.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.z24.web.storage.azure.net/",
"dfs": "https://sto4445-microsoftrouting.z24.dfs.storage.azure.net/",
"blob": "https://sto4445-microsoftrouting.z24.blob.storage.azure.net/",
"file": "https://sto4445-microsoftrouting.z24.file.storage.azure.net/",
"queue": "https://sto4445-microsoftrouting.z24.queue.storage.azure.net/",
"table": "https://sto4445-microsoftrouting.z24.table.storage.azure.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.z24.web.storage.azure.net/",
"dfs": "https://sto4445-internetrouting.z24.dfs.storage.azure.net/",
"blob": "https://sto4445-internetrouting.z24.blob.storage.azure.net/",
"file": "https://sto4445-internetrouting.z24.file.storage.azure.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateDnsEndpointTypeToStandard
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-01-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"dnsEndpointType": "Standard",
"isHnsEnabled": true,
"isSftpEnabled": true,
"allowBlobPublicAccess": false,
"defaultToOAuthAuthentication": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.DnsEndpointType;
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.ExtendedLocation;
import com.azure.resourcemanager.storage.models.ExtendedLocationTypes;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/** Samples for StorageAccounts Create. */
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/
* StorageAccountCreateDnsEndpointTypeToStandard.json
*/
/**
* Sample code: StorageAccountCreateDnsEndpointTypeToStandard.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreateDnsEndpointTypeToStandard(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withExtendedLocation(
new ExtendedLocation().withName("losangeles001").withType(ExtendedLocationTypes.EDGE_ZONE))
.withTags(
mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsSftpEnabled(true).withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true).withDefaultToOAuthAuthentication(false)
.withDnsEndpointType(DnsEndpointType.STANDARD),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_dns_endpoint_type_to_standard.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"extendedLocation": {"name": "losangeles001", "type": "EdgeZone"},
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"defaultToOAuthAuthentication": False,
"dnsEndpointType": "Standard",
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"isSftpEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateDnsEndpointTypeToStandard.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateDnsEndpointTypeToStandard.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateDnsEndpointTypeToStandard() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
ExtendedLocation: &armstorage.ExtendedLocation{
Name: to.Ptr("losangeles001"),
Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
DefaultToOAuthAuthentication: to.Ptr(false),
DNSEndpointType: to.Ptr(armstorage.DNSEndpointTypeStandard),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
IsSftpEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// DNSEndpointType: to.Ptr(armstorage.DNSEndpointTypeStandard),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// IsSftpEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-internetrouting.file.core.windows.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.web.core.windows.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.web.core.windows.net/"),
// },
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateDnsEndpointTypeToStandard.json
*/
async function storageAccountCreateDnsEndpointTypeToStandard() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
defaultToOAuthAuthentication: false,
dnsEndpointType: "Standard",
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
extendedLocation: { name: "losangeles001", type: "EdgeZone" },
isHnsEnabled: true,
isSftpEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"dnsEndpointType": "Standard",
"isHnsEnabled": true,
"isSftpEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.web.core.windows.net/",
"dfs": "https://sto4445-microsoftrouting.dfs.core.windows.net/",
"blob": "https://sto4445-microsoftrouting.blob.core.windows.net/",
"file": "https://sto4445-microsoftrouting.file.core.windows.net/",
"queue": "https://sto4445-microsoftrouting.queue.core.windows.net/",
"table": "https://sto4445-microsoftrouting.table.core.windows.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.web.core.windows.net/",
"dfs": "https://sto4445-internetrouting.dfs.core.windows.net/",
"blob": "https://sto4445-internetrouting.blob.core.windows.net/",
"file": "https://sto4445-internetrouting.file.core.windows.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateEnablePublicNetworkAccess
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-01-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"publicNetworkAccess": "Enabled",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.ExtendedLocation;
import com.azure.resourcemanager.storage.models.ExtendedLocationTypes;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.PublicNetworkAccess;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/** Samples for StorageAccounts Create. */
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/
* StorageAccountCreateEnablePublicNetworkAccess.json
*/
/**
* Sample code: StorageAccountCreateEnablePublicNetworkAccess.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreateEnablePublicNetworkAccess(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withExtendedLocation(
new ExtendedLocation().withName("losangeles001").withType(ExtendedLocationTypes.EDGE_ZONE))
.withTags(mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withPublicNetworkAccess(
PublicNetworkAccess.ENABLED)
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_enable_public_network_access.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"extendedLocation": {"name": "losangeles001", "type": "EdgeZone"},
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"publicNetworkAccess": "Enabled",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateEnablePublicNetworkAccess.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateEnablePublicNetworkAccess.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateEnablePublicNetworkAccess() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
ExtendedLocation: &armstorage.ExtendedLocation{
Name: to.Ptr("losangeles001"),
Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
PublicNetworkAccess: to.Ptr(armstorage.PublicNetworkAccessEnabled),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-internetrouting.file.core.windows.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.web.core.windows.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.web.core.windows.net/"),
// },
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// PublicNetworkAccess: to.Ptr(armstorage.PublicNetworkAccessEnabled),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateEnablePublicNetworkAccess.json
*/
async function storageAccountCreateEnablePublicNetworkAccess() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
extendedLocation: { name: "losangeles001", type: "EdgeZone" },
isHnsEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
publicNetworkAccess: "Enabled",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.web.core.windows.net/",
"dfs": "https://sto4445-microsoftrouting.dfs.core.windows.net/",
"blob": "https://sto4445-microsoftrouting.blob.core.windows.net/",
"file": "https://sto4445-microsoftrouting.file.core.windows.net/",
"queue": "https://sto4445-microsoftrouting.queue.core.windows.net/",
"table": "https://sto4445-microsoftrouting.table.core.windows.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.web.core.windows.net/",
"dfs": "https://sto4445-internetrouting.dfs.core.windows.net/",
"blob": "https://sto4445-internetrouting.blob.core.windows.net/",
"file": "https://sto4445-internetrouting.file.core.windows.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true,
"publicNetworkAccess": "Enabled"
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreatePremiumBlockBlobStorage
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-01-01
{
"sku": {
"name": "Premium_LRS"
},
"kind": "BlockBlobStorage",
"location": "eastus",
"properties": {
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/** Samples for StorageAccounts Create. */
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/
* StorageAccountCreatePremiumBlockBlobStorage.json
*/
/**
* Sample code: StorageAccountCreatePremiumBlockBlobStorage.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreatePremiumBlockBlobStorage(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts().create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.PREMIUM_LRS))
.withKind(Kind.BLOCK_BLOB_STORAGE).withLocation("eastus")
.withTags(mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withMinimumTlsVersion(MinimumTlsVersion.TLS1_2).withAllowSharedKeyAccess(true),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_premium_block_blob_storage.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"kind": "BlockBlobStorage",
"location": "eastus",
"properties": {
"allowSharedKeyAccess": True,
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"minimumTlsVersion": "TLS1_2",
},
"sku": {"name": "Premium_LRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreatePremiumBlockBlobStorage.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreatePremiumBlockBlobStorage.json
func ExampleAccountsClient_BeginCreate_storageAccountCreatePremiumBlockBlobStorage() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
Kind: to.Ptr(armstorage.KindBlockBlobStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowSharedKeyAccess: to.Ptr(true),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNamePremiumLRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AccessTier: to.Ptr(armstorage.AccessTierPremium),
// AllowBlobPublicAccess: to.Ptr(false),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNamePremiumLRS),
// Tier: to.Ptr(armstorage.SKUTierPremium),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreatePremiumBlockBlobStorage.json
*/
async function storageAccountCreatePremiumBlockBlobStorage() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowSharedKeyAccess: true,
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
kind: "BlockBlobStorage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
sku: { name: "Premium_LRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"properties": {
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"blob": "https://sto4445.blob.core.windows.net/",
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/"
},
"primaryLocation": "eastus2euap",
"accessTier": "Premium",
"provisioningState": "Succeeded",
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true
},
"sku": {
"name": "Premium_LRS",
"tier": "Premium"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateUserAssignedEncryptionIdentityWithCMK
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-01-01
{
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {}
}
},
"sku": {
"name": "Standard_LRS"
},
"kind": "Storage",
"location": "eastus",
"properties": {
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"keyvaultproperties": {
"keyvaulturi": "https://myvault8569.vault.azure.net",
"keyname": "wrappingKey",
"keyversion": ""
},
"keySource": "Microsoft.Keyvault",
"identity": {
"userAssignedIdentity": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"
}
}
}
}
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionIdentity;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.Identity;
import com.azure.resourcemanager.storage.models.IdentityType;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.KeyVaultProperties;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import com.azure.resourcemanager.storage.models.UserAssignedIdentity;
import java.util.HashMap;
import java.util.Map;
/** Samples for StorageAccounts Create. */
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/
* StorageAccountCreateUserAssignedEncryptionIdentityWithCMK.json
*/
/**
* Sample code: StorageAccountCreateUserAssignedEncryptionIdentityWithCMK.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void storageAccountCreateUserAssignedEncryptionIdentityWithCMK(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts().create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_LRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withIdentity(new Identity().withType(IdentityType.USER_ASSIGNED).withUserAssignedIdentities(mapOf(
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
new UserAssignedIdentity())))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_KEYVAULT)
.withKeyVaultProperties(new KeyVaultProperties().withKeyName("fakeTokenPlaceholder")
.withKeyVersion("fakeTokenPlaceholder").withKeyVaultUri("fakeTokenPlaceholder"))
.withEncryptionIdentity(new EncryptionIdentity().withEncryptionUserAssignedIdentity(
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"))),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_user_assigned_encryption_identity_with_cmk.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {}
},
},
"kind": "Storage",
"location": "eastus",
"properties": {
"encryption": {
"identity": {
"userAssignedIdentity": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"
},
"keySource": "Microsoft.Keyvault",
"keyvaultproperties": {
"keyname": "wrappingKey",
"keyvaulturi": "https://myvault8569.vault.azure.net",
"keyversion": "",
},
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
}
},
"sku": {"name": "Standard_LRS"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateUserAssignedEncryptionIdentityWithCMK.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateUserAssignedEncryptionIdentityWithCMK.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateUserAssignedEncryptionIdentityWithCmk() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
Identity: &armstorage.Identity{
Type: to.Ptr(armstorage.IdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armstorage.UserAssignedIdentity{
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {},
},
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
Encryption: &armstorage.Encryption{
EncryptionIdentity: &armstorage.EncryptionIdentity{
EncryptionUserAssignedIdentity: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"),
},
KeySource: to.Ptr(armstorage.KeySourceMicrosoftKeyvault),
KeyVaultProperties: &armstorage.KeyVaultProperties{
KeyName: to.Ptr("wrappingKey"),
KeyVaultURI: to.Ptr("https://myvault8569.vault.azure.net"),
KeyVersion: to.Ptr(""),
},
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardLRS),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// },
// Identity: &armstorage.Identity{
// Type: to.Ptr(armstorage.IdentityTypeUserAssigned),
// UserAssignedIdentities: map[string]*armstorage.UserAssignedIdentity{
// "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": &armstorage.UserAssignedIdentity{
// ClientID: to.Ptr("fbaa6278-1ecc-415c-819f-6e2058d3acb5"),
// PrincipalID: to.Ptr("8d823284-1060-42a5-9ec4-ed3d831e24d7"),
// },
// },
// },
// Kind: to.Ptr(armstorage.KindStorageV2),
// Properties: &armstorage.AccountProperties{
// AccessTier: to.Ptr(armstorage.AccessTierHot),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-12-15T00:43:14.083Z"); return t}()),
// Encryption: &armstorage.Encryption{
// EncryptionIdentity: &armstorage.EncryptionIdentity{
// EncryptionUserAssignedIdentity: to.Ptr("/subscriptions/{subscription-id}/resourcegroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"),
// },
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftKeyvault),
// KeyVaultProperties: &armstorage.KeyVaultProperties{
// CurrentVersionedKeyIdentifier: to.Ptr("https://myvault8569.vault.azure.net/keys/wrappingKey/0682afdd9c104f4285df20107e956cad"),
// KeyName: to.Ptr("wrappingKey"),
// KeyVaultURI: to.Ptr("https://myvault8569.vault.azure.net"),
// KeyVersion: to.Ptr(""),
// LastKeyRotationTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-13T20:36:23.702Z"); return t}()),
// },
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-12-15T00:43:14.173Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-12-15T00:43:14.173Z"); return t}()),
// },
// },
// },
// NetworkRuleSet: &armstorage.NetworkRuleSet{
// Bypass: to.Ptr(armstorage.BypassAzureServices),
// DefaultAction: to.Ptr(armstorage.DefaultActionAllow),
// IPRules: []*armstorage.IPRule{
// },
// VirtualNetworkRules: []*armstorage.VirtualNetworkRule{
// },
// },
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus"),
// PrivateEndpointConnections: []*armstorage.PrivateEndpointConnection{
// },
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardLRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateUserAssignedEncryptionIdentityWithCMK.json
*/
async function storageAccountCreateUserAssignedEncryptionIdentityWithCmk() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
encryption: {
encryptionIdentity: {
encryptionUserAssignedIdentity:
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
},
keySource: "Microsoft.Keyvault",
keyVaultProperties: {
keyName: "wrappingKey",
keyVaultUri: "https://myvault8569.vault.azure.net",
keyVersion: "",
},
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
identity: {
type: "UserAssigned",
userAssignedIdentities: {
"/subscriptions/{subscriptionId}/resourceGroups/res9101/providers/MicrosoftManagedIdentity/userAssignedIdentities/{managedIdentityName}":
{},
},
},
kind: "Storage",
location: "eastus",
sku: { name: "Standard_LRS" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"identity": {
"userAssignedIdentities": {
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {
"principalId": "8d823284-1060-42a5-9ec4-ed3d831e24d7",
"clientId": "fbaa6278-1ecc-415c-819f-6e2058d3acb5"
}
},
"type": "UserAssigned"
},
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"kind": "StorageV2",
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"name": "sto4445",
"type": "Microsoft.Storage/storageAccounts",
"location": "eastus",
"tags": {},
"properties": {
"privateEndpointConnections": [],
"networkAcls": {
"bypass": "AzureServices",
"virtualNetworkRules": [],
"ipRules": [],
"defaultAction": "Allow"
},
"supportsHttpsTrafficOnly": true,
"encryption": {
"identity": {
"userAssignedIdentity": "/subscriptions/{subscription-id}/resourcegroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"
},
"keyvaultproperties": {
"keyvaulturi": "https://myvault8569.vault.azure.net",
"keyname": "wrappingKey",
"keyversion": "",
"currentVersionedKeyIdentifier": "https://myvault8569.vault.azure.net/keys/wrappingKey/0682afdd9c104f4285df20107e956cad",
"lastKeyRotationTimestamp": "2019-12-13T20:36:23.7023290Z"
},
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2020-12-15T00:43:14.1739587Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2020-12-15T00:43:14.1739587Z"
}
},
"keySource": "Microsoft.Keyvault"
},
"accessTier": "Hot",
"provisioningState": "Succeeded",
"creationTime": "2020-12-15T00:43:14.0839093Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/"
},
"primaryLocation": "eastus",
"statusOfPrimary": "available"
}
}
StorageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId.
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res131918/providers/Microsoft.Storage/storageAccounts/sto131918?api-version=2023-01-01
{
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {}
}
},
"sku": {
"name": "Standard_LRS"
},
"kind": "Storage",
"location": "eastus",
"properties": {
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"keyvaultproperties": {
"keyvaulturi": "https://myvault8569.vault.azure.net",
"keyname": "wrappingKey",
"keyversion": ""
},
"keySource": "Microsoft.Keyvault",
"identity": {
"userAssignedIdentity": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
"federatedIdentityClientId": "f83c6b1b-4d34-47e4-bb34-9d83df58b540"
}
}
}
}
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionIdentity;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.Identity;
import com.azure.resourcemanager.storage.models.IdentityType;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.KeyVaultProperties;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import com.azure.resourcemanager.storage.models.UserAssignedIdentity;
import java.util.HashMap;
import java.util.Map;
/** Samples for StorageAccounts Create. */
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/
* StorageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId.json
*/
/**
* Sample code: StorageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void storageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts().create("res131918", "sto131918",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_LRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withIdentity(new Identity().withType(IdentityType.USER_ASSIGNED).withUserAssignedIdentities(mapOf(
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
new UserAssignedIdentity())))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_KEYVAULT)
.withKeyVaultProperties(new KeyVaultProperties().withKeyName("fakeTokenPlaceholder")
.withKeyVersion("fakeTokenPlaceholder").withKeyVaultUri("fakeTokenPlaceholder"))
.withEncryptionIdentity(new EncryptionIdentity().withEncryptionUserAssignedIdentity(
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}")
.withEncryptionFederatedIdentityClientId("f83c6b1b-4d34-47e4-bb34-9d83df58b540"))),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_user_assigned_identity_with_federated_identity_client_id.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res131918",
account_name="sto131918",
parameters={
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {}
},
},
"kind": "Storage",
"location": "eastus",
"properties": {
"encryption": {
"identity": {
"federatedIdentityClientId": "f83c6b1b-4d34-47e4-bb34-9d83df58b540",
"userAssignedIdentity": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
},
"keySource": "Microsoft.Keyvault",
"keyvaultproperties": {
"keyname": "wrappingKey",
"keyvaulturi": "https://myvault8569.vault.azure.net",
"keyversion": "",
},
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
}
},
"sku": {"name": "Standard_LRS"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res131918", "sto131918", armstorage.AccountCreateParameters{
Identity: &armstorage.Identity{
Type: to.Ptr(armstorage.IdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armstorage.UserAssignedIdentity{
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {},
},
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
Encryption: &armstorage.Encryption{
EncryptionIdentity: &armstorage.EncryptionIdentity{
EncryptionFederatedIdentityClientID: to.Ptr("f83c6b1b-4d34-47e4-bb34-9d83df58b540"),
EncryptionUserAssignedIdentity: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"),
},
KeySource: to.Ptr(armstorage.KeySourceMicrosoftKeyvault),
KeyVaultProperties: &armstorage.KeyVaultProperties{
KeyName: to.Ptr("wrappingKey"),
KeyVaultURI: to.Ptr("https://myvault8569.vault.azure.net"),
KeyVersion: to.Ptr(""),
},
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardLRS),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// },
// Identity: &armstorage.Identity{
// Type: to.Ptr(armstorage.IdentityTypeUserAssigned),
// UserAssignedIdentities: map[string]*armstorage.UserAssignedIdentity{
// "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": &armstorage.UserAssignedIdentity{
// ClientID: to.Ptr("fbaa6278-1ecc-415c-819f-6e2058d3acb5"),
// PrincipalID: to.Ptr("8d823284-1060-42a5-9ec4-ed3d831e24d7"),
// },
// },
// },
// Kind: to.Ptr(armstorage.KindStorageV2),
// Properties: &armstorage.AccountProperties{
// AccessTier: to.Ptr(armstorage.AccessTierHot),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-12-15T00:43:14.083Z"); return t}()),
// Encryption: &armstorage.Encryption{
// EncryptionIdentity: &armstorage.EncryptionIdentity{
// EncryptionFederatedIdentityClientID: to.Ptr("f83c6b1b-4d34-47e4-bb34-9d83df58b540"),
// EncryptionUserAssignedIdentity: to.Ptr("/subscriptions/{subscription-id}/resourcegroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"),
// },
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftKeyvault),
// KeyVaultProperties: &armstorage.KeyVaultProperties{
// CurrentVersionedKeyIdentifier: to.Ptr("https://myvault8569.vault.azure.net/keys/wrappingKey/0682afdd9c104f4285df20107e956cad"),
// KeyName: to.Ptr("wrappingKey"),
// KeyVaultURI: to.Ptr("https://myvault8569.vault.azure.net"),
// KeyVersion: to.Ptr(""),
// LastKeyRotationTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-13T20:36:23.702Z"); return t}()),
// },
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-12-15T00:43:14.173Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-12-15T00:43:14.173Z"); return t}()),
// },
// },
// },
// NetworkRuleSet: &armstorage.NetworkRuleSet{
// Bypass: to.Ptr(armstorage.BypassAzureServices),
// DefaultAction: to.Ptr(armstorage.DefaultActionAllow),
// IPRules: []*armstorage.IPRule{
// },
// VirtualNetworkRules: []*armstorage.VirtualNetworkRule{
// },
// },
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus"),
// PrivateEndpointConnections: []*armstorage.PrivateEndpointConnection{
// },
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardLRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId.json
*/
async function storageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res131918";
const accountName = "sto131918";
const parameters = {
encryption: {
encryptionIdentity: {
encryptionFederatedIdentityClientId: "f83c6b1b-4d34-47e4-bb34-9d83df58b540",
encryptionUserAssignedIdentity:
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
},
keySource: "Microsoft.Keyvault",
keyVaultProperties: {
keyName: "wrappingKey",
keyVaultUri: "https://myvault8569.vault.azure.net",
keyVersion: "",
},
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
identity: {
type: "UserAssigned",
userAssignedIdentities: {
"/subscriptions/{subscriptionId}/resourceGroups/res9101/providers/MicrosoftManagedIdentity/userAssignedIdentities/{managedIdentityName}":
{},
},
},
kind: "Storage",
location: "eastus",
sku: { name: "Standard_LRS" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"identity": {
"userAssignedIdentities": {
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {
"principalId": "8d823284-1060-42a5-9ec4-ed3d831e24d7",
"clientId": "fbaa6278-1ecc-415c-819f-6e2058d3acb5"
}
},
"type": "UserAssigned"
},
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"kind": "StorageV2",
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"name": "sto4445",
"type": "Microsoft.Storage/storageAccounts",
"location": "eastus",
"tags": {},
"properties": {
"privateEndpointConnections": [],
"networkAcls": {
"bypass": "AzureServices",
"virtualNetworkRules": [],
"ipRules": [],
"defaultAction": "Allow"
},
"supportsHttpsTrafficOnly": true,
"encryption": {
"identity": {
"userAssignedIdentity": "/subscriptions/{subscription-id}/resourcegroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
"federatedIdentityClientId": "f83c6b1b-4d34-47e4-bb34-9d83df58b540"
},
"keyvaultproperties": {
"keyvaulturi": "https://myvault8569.vault.azure.net",
"keyname": "wrappingKey",
"keyversion": "",
"currentVersionedKeyIdentifier": "https://myvault8569.vault.azure.net/keys/wrappingKey/0682afdd9c104f4285df20107e956cad",
"lastKeyRotationTimestamp": "2019-12-13T20:36:23.7023290Z"
},
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2020-12-15T00:43:14.1739587Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2020-12-15T00:43:14.1739587Z"
}
},
"keySource": "Microsoft.Keyvault"
},
"accessTier": "Hot",
"provisioningState": "Succeeded",
"creationTime": "2020-12-15T00:43:14.0839093Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/"
},
"primaryLocation": "eastus",
"statusOfPrimary": "available"
}
}
StorageAccountCreateWithImmutabilityPolicy
Sample Request
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-01-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"immutableStorageWithVersioning": {
"immutabilityPolicy": {
"immutabilityPeriodSinceCreationInDays": 15,
"allowProtectedAppendWrites": true,
"state": "Unlocked"
},
"enabled": true
}
}
}
import com.azure.resourcemanager.storage.models.AccountImmutabilityPolicyProperties;
import com.azure.resourcemanager.storage.models.AccountImmutabilityPolicyState;
import com.azure.resourcemanager.storage.models.ExtendedLocation;
import com.azure.resourcemanager.storage.models.ExtendedLocationTypes;
import com.azure.resourcemanager.storage.models.ImmutableStorageAccount;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/** Samples for StorageAccounts Create. */
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/
* StorageAccountCreateWithImmutabilityPolicy.json
*/
/**
* Sample code: StorageAccountCreateWithImmutabilityPolicy.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreateWithImmutabilityPolicy(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withExtendedLocation(
new ExtendedLocation().withName("losangeles001").withType(ExtendedLocationTypes.EDGE_ZONE))
.withImmutableStorageWithVersioning(new ImmutableStorageAccount().withEnabled(true)
.withImmutabilityPolicy(new AccountImmutabilityPolicyProperties()
.withImmutabilityPeriodSinceCreationInDays(15)
.withState(AccountImmutabilityPolicyState.UNLOCKED).withAllowProtectedAppendWrites(true))),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_with_immutability_policy.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"extendedLocation": {"name": "losangeles001", "type": "EdgeZone"},
"kind": "Storage",
"location": "eastus",
"properties": {
"immutableStorageWithVersioning": {
"enabled": True,
"immutabilityPolicy": {
"allowProtectedAppendWrites": True,
"immutabilityPeriodSinceCreationInDays": 15,
"state": "Unlocked",
},
}
},
"sku": {"name": "Standard_GRS"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateWithImmutabilityPolicy.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/0baf811c3c76c87b3c127d098519bd97141222dd/specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateWithImmutabilityPolicy.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateWithImmutabilityPolicy() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
ExtendedLocation: &armstorage.ExtendedLocation{
Name: to.Ptr("losangeles001"),
Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
ImmutableStorageWithVersioning: &armstorage.ImmutableStorageAccount{
Enabled: to.Ptr(true),
ImmutabilityPolicy: &armstorage.AccountImmutabilityPolicyProperties{
AllowProtectedAppendWrites: to.Ptr(true),
ImmutabilityPeriodSinceCreationInDays: to.Ptr[int32](15),
State: to.Ptr(armstorage.AccountImmutabilityPolicyStateUnlocked),
},
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// ImmutableStorageWithVersioning: &armstorage.ImmutableStorageAccount{
// Enabled: to.Ptr(true),
// ImmutabilityPolicy: &armstorage.AccountImmutabilityPolicyProperties{
// AllowProtectedAppendWrites: to.Ptr(true),
// ImmutabilityPeriodSinceCreationInDays: to.Ptr[int32](15),
// State: to.Ptr(armstorage.AccountImmutabilityPolicyStateUnlocked),
// },
// },
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-01-01/examples/StorageAccountCreateWithImmutabilityPolicy.json
*/
async function storageAccountCreateWithImmutabilityPolicy() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
extendedLocation: { name: "losangeles001", type: "EdgeZone" },
immutableStorageWithVersioning: {
enabled: true,
immutabilityPolicy: {
allowProtectedAppendWrites: true,
immutabilityPeriodSinceCreationInDays: 15,
state: "Unlocked",
},
},
kind: "Storage",
location: "eastus",
sku: { name: "Standard_GRS" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/"
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"immutableStorageWithVersioning": {
"immutabilityPolicy": {
"immutabilityPeriodSinceCreationInDays": 15,
"allowProtectedAppendWrites": true,
"state": "Unlocked"
},
"enabled": true
}
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"type": "Microsoft.Storage/storageAccounts"
}
Definiciones
Nombre |
Description |
AccessTier
|
Necesario para las cuentas de almacenamiento donde kind = BlobStorage. El nivel de acceso se usa para la facturación. El nivel de acceso "Premium" es el valor predeterminado para el tipo de cuenta de almacenamiento de blobs en bloques Premium y no se puede cambiar para el tipo de cuenta de almacenamiento de blobs en bloques Premium.
|
AccountImmutabilityPolicyProperties
|
Esto define las propiedades de la directiva de inmutabilidad de nivel de cuenta.
|
AccountImmutabilityPolicyState
|
El estado ImmutabilityPolicy define el modo de la directiva. El estado deshabilitado deshabilita la directiva, el estado Desbloqueado permite aumentar y disminuir el tiempo de retención de inmutabilidad y también permite alternar la propiedad allowProtectedAppendWrites, el estado Bloqueado solo permite el aumento del tiempo de retención de inmutabilidad. Una directiva solo se puede crear en un estado Deshabilitado o Desbloqueado y se puede alternar entre los dos estados. Solo una directiva en un estado Desbloqueado puede pasar a un estado Bloqueado que no se puede revertir.
|
AccountStatus
|
Obtiene el estado que indica si la ubicación principal de la cuenta de almacenamiento está disponible o no disponible.
|
AccountType
|
Especifica el tipo de cuenta de Active Directory para Azure Storage.
|
Action
|
Acción de la regla de red virtual.
|
ActiveDirectoryProperties
|
Propiedades de configuración para Active Directory (AD).
|
AllowedCopyScope
|
Restrinja la copia hacia y desde las cuentas de almacenamiento dentro de un inquilino de AAD o con vínculos privados a la misma red virtual.
|
AzureFilesIdentityBasedAuthentication
|
Configuración de Azure Files autenticación basada en identidades.
|
BlobRestoreParameters
|
Parámetros de restauración de blobs
|
BlobRestoreProgressStatus
|
El estado del progreso de la restauración de blobs. Los valores posibles son: - InProgress: indica que la restauración de blobs está en curso. - Completado: indica que la restauración de blobs se ha completado correctamente. - Error: indica que se ha producido un error en la restauración de blobs.
|
BlobRestoreRange
|
Intervalo de blobs
|
BlobRestoreStatus
|
Estado de restauración de blobs.
|
Bypass
|
Especifica si se omite el tráfico para Logging/Metrics/AzureServices. Los valores posibles son cualquier combinación de registro |Métricas|AzureServices (por ejemplo, "Registro, Métricas") o Ninguno para omitir ninguno de esos tráficos.
|
CustomDomain
|
Dominio personalizado asignado a esta cuenta de almacenamiento. Esto se puede establecer a través de Update.
|
DefaultAction
|
Especifica la acción predeterminada de permitir o denegar cuando no coinciden otras reglas.
|
DefaultSharePermission
|
Permiso de recurso compartido predeterminado para los usuarios que usan la autenticación Kerberos si no se asigna el rol RBAC.
|
DirectoryServiceOptions
|
Indica el servicio de directorio usado. Tenga en cuenta que esta enumeración puede extenderse en el futuro.
|
DnsEndpointType
|
Permite especificar el tipo de punto de conexión. Establézcalo en AzureDNSZone para crear un gran número de cuentas en una sola suscripción, que crea cuentas en una zona DNS de Azure y la dirección URL del punto de conexión tendrá un identificador de zona DNS alfanumérica.
|
Encryption
|
La configuración de cifrado en la cuenta de almacenamiento.
|
EncryptionIdentity
|
Identidad de cifrado para la cuenta de almacenamiento.
|
EncryptionService
|
Un servicio que permite usar el cifrado del lado servidor.
|
EncryptionServices
|
Lista de servicios que admiten el cifrado.
|
Endpoints
|
Los URI que se usan para realizar una recuperación de un blob público, una cola, una tabla, un objeto web o dfs.
|
ExpirationAction
|
Acción de expiración de SAS. Solo puede ser Log.
|
ExtendedLocation
|
Tipo complejo de la ubicación extendida.
|
ExtendedLocationTypes
|
Tipo de la ubicación extendida.
|
GeoReplicationStats
|
Estadísticas relacionadas con la replicación de los servicios Blob, Table, Queue y File de la cuenta de almacenamiento. Solo está disponible cuando la replicación con redundancia geográfica está habilitada para la cuenta de almacenamiento.
|
GeoReplicationStatus
|
El estado de la ubicación secundaria. Los valores posibles son: - Live: indica que la ubicación secundaria está activa y operativa. - Bootstrap: indica la sincronización inicial desde la ubicación principal a la ubicación secundaria está en curso. Esto suele ocurrir cuando la replicación está habilitada por primera vez. - No disponible: indica que la ubicación secundaria no está disponible temporalmente.
|
Identity
|
Identidad del recurso.
|
IdentityType
|
Tipo de identidad.
|
ImmutableStorageAccount
|
Esta propiedad habilita y define la inmutabilidad de nivel de cuenta. Habilitar la característica habilita automáticamente el control de versiones de blobs.
|
IPRule
|
Regla de IP con intervalos IP o IP específicos en formato CIDR.
|
KeyCreationTime
|
Hora de creación de claves de cuenta de almacenamiento.
|
KeyPolicy
|
KeyPolicy asignado a la cuenta de almacenamiento.
|
KeySource
|
KeySource (proveedor) de cifrado. Valores posibles (sin distinción entre mayúsculas y minúsculas): Microsoft.Storage, Microsoft.Keyvault
|
KeyType
|
Tipo de clave de cifrado que se usará para el servicio de cifrado. El tipo de clave "Cuenta" implica que se usará una clave de cifrado con ámbito de cuenta. El tipo de clave "Servicio" implica que se usa una clave de servicio predeterminada.
|
KeyVaultProperties
|
Propiedades del almacén de claves.
|
Kind
|
Indica el tipo de cuenta de almacenamiento.
|
LargeFileSharesState
|
Permitir recursos compartidos de archivos grandes si se establece en Habilitado. No se puede deshabilitar una vez habilitado.
|
MinimumTlsVersion
|
Establezca la versión mínima de TLS que se permitirá en las solicitudes al almacenamiento. La interpretación predeterminada es TLS 1.0 para esta propiedad.
|
NetworkRuleSet
|
Conjunto de reglas de red
|
postFailoverRedundancy
|
El tipo de redundancia de la cuenta después de realizar una conmutación por error de la cuenta.
|
postPlannedFailoverRedundancy
|
Tipo de redundancia de la cuenta después de realizar una conmutación por error de cuenta planeada.
|
PrivateEndpoint
|
El recurso punto de conexión privado.
|
PrivateEndpointConnection
|
El recurso De conexión de punto de conexión privado.
|
PrivateEndpointConnectionProvisioningState
|
Estado de aprovisionamiento actual.
|
PrivateEndpointServiceConnectionStatus
|
Estado de conexión del punto de conexión privado.
|
PrivateLinkServiceConnectionState
|
Colección de información sobre el estado de la conexión entre el consumidor de servicios y el proveedor.
|
ProvisioningState
|
Obtiene el estado de la cuenta de almacenamiento en el momento en que se llamó a la operación.
|
PublicNetworkAccess
|
Permitir o no permitir el acceso de red pública a la cuenta de almacenamiento. El valor es opcional, pero si se pasa, debe ser "Habilitado" o "Deshabilitado".
|
ResourceAccessRule
|
Regla de acceso a recursos.
|
RoutingChoice
|
La opción de enrutamiento define el tipo de enrutamiento de red elegido por el usuario.
|
RoutingPreference
|
Las preferencias de enrutamiento definen el tipo de red, microsoft o enrutamiento de Internet que se usará para entregar los datos de usuario, la opción predeterminada es el enrutamiento de Microsoft.
|
SasPolicy
|
SasPolicy asignado a la cuenta de almacenamiento.
|
Sku
|
SKU de la cuenta de almacenamiento.
|
SkuConversionStatus
|
Esta propiedad indica el estado de conversión de SKU actual.
|
SkuName
|
El nombre de la SKU. Requerido para la creación de cuentas; opcional para la actualización. Tenga en cuenta que en versiones anteriores, el nombre de la SKU se llamó accountType.
|
SkuTier
|
Nivel de SKU. Esto se basa en el nombre de la SKU.
|
State
|
Obtiene el estado de la regla de red virtual.
|
StorageAccount
|
La cuenta de almacenamiento
|
StorageAccountCreateParameters
|
Parámetros que se usan al crear una cuenta de almacenamiento.
|
StorageAccountInternetEndpoints
|
Los URI que se usan para realizar una recuperación de un blob público, un archivo, un objeto web o dfs a través de un punto de conexión de enrutamiento de Internet.
|
StorageAccountMicrosoftEndpoints
|
Los URI que se usan para realizar una recuperación de un objeto público de blob, cola, tabla, web o dfs a través de un punto de conexión de enrutamiento de Microsoft.
|
StorageAccountSkuConversionStatus
|
Esto define el objeto de estado de conversión de SKU para las conversiones asincrónicas de SKU.
|
UserAssignedIdentity
|
UserAssignedIdentity para el recurso.
|
VirtualNetworkRule
|
Virtual Network regla.
|
AccessTier
Necesario para las cuentas de almacenamiento donde kind = BlobStorage. El nivel de acceso se usa para la facturación. El nivel de acceso "Premium" es el valor predeterminado para el tipo de cuenta de almacenamiento de blobs en bloques Premium y no se puede cambiar para el tipo de cuenta de almacenamiento de blobs en bloques Premium.
Nombre |
Tipo |
Description |
Cool
|
string
|
|
Hot
|
string
|
|
Premium
|
string
|
|
AccountImmutabilityPolicyProperties
Esto define las propiedades de la directiva de inmutabilidad de nivel de cuenta.
Nombre |
Tipo |
Description |
allowProtectedAppendWrites
|
boolean
|
Esta propiedad solo se puede cambiar para las directivas de retención deshabilitadas y desbloqueadas basadas en el tiempo. Cuando se habilita, los nuevos bloques se pueden escribir en un blob en anexos al tiempo que se mantiene la protección y el cumplimiento de la inmutabilidad. Solo se pueden agregar nuevos bloques y los bloques existentes no se pueden modificar ni eliminar.
|
immutabilityPeriodSinceCreationInDays
|
integer
|
Período de inmutabilidad para los blobs del contenedor desde la creación de la directiva, en días.
|
state
|
AccountImmutabilityPolicyState
|
El estado ImmutabilityPolicy define el modo de la directiva. El estado deshabilitado deshabilita la directiva, el estado Desbloqueado permite aumentar y disminuir el tiempo de retención de inmutabilidad y también permite alternar la propiedad allowProtectedAppendWrites, el estado Bloqueado solo permite el aumento del tiempo de retención de inmutabilidad. Una directiva solo se puede crear en un estado Deshabilitado o Desbloqueado y se puede alternar entre los dos estados. Solo una directiva en un estado Desbloqueado puede pasar a un estado Bloqueado que no se puede revertir.
|
AccountImmutabilityPolicyState
El estado ImmutabilityPolicy define el modo de la directiva. El estado deshabilitado deshabilita la directiva, el estado Desbloqueado permite aumentar y disminuir el tiempo de retención de inmutabilidad y también permite alternar la propiedad allowProtectedAppendWrites, el estado Bloqueado solo permite el aumento del tiempo de retención de inmutabilidad. Una directiva solo se puede crear en un estado Deshabilitado o Desbloqueado y se puede alternar entre los dos estados. Solo una directiva en un estado Desbloqueado puede pasar a un estado Bloqueado que no se puede revertir.
Nombre |
Tipo |
Description |
Disabled
|
string
|
|
Locked
|
string
|
|
Unlocked
|
string
|
|
AccountStatus
Obtiene el estado que indica si la ubicación principal de la cuenta de almacenamiento está disponible o no disponible.
Nombre |
Tipo |
Description |
available
|
string
|
|
unavailable
|
string
|
|
AccountType
Especifica el tipo de cuenta de Active Directory para Azure Storage.
Nombre |
Tipo |
Description |
Computer
|
string
|
|
User
|
string
|
|
Action
Acción de la regla de red virtual.
Nombre |
Tipo |
Description |
Allow
|
string
|
|
ActiveDirectoryProperties
Propiedades de configuración para Active Directory (AD).
Nombre |
Tipo |
Description |
accountType
|
AccountType
|
Especifica el tipo de cuenta de Active Directory para Azure Storage.
|
azureStorageSid
|
string
|
Especifica el identificador de seguridad (SID) para Azure Storage.
|
domainGuid
|
string
|
Especifica el GUID de dominio.
|
domainName
|
string
|
Especifica el dominio principal para el que el servidor DNS de AD es autoritativo.
|
domainSid
|
string
|
Especifica el identificador de seguridad (SID).
|
forestName
|
string
|
Especifica el bosque de Active Directory que se va a obtener.
|
netBiosDomainName
|
string
|
Especifica el nombre de dominio NetBIOS.
|
samAccountName
|
string
|
Especifica el nombre SAMAccountName de Active Directory para Azure Storage.
|
AllowedCopyScope
Restrinja la copia hacia y desde las cuentas de almacenamiento dentro de un inquilino de AAD o con vínculos privados a la misma red virtual.
Nombre |
Tipo |
Description |
AAD
|
string
|
|
PrivateLink
|
string
|
|
AzureFilesIdentityBasedAuthentication
Configuración de Azure Files autenticación basada en identidades.
Nombre |
Tipo |
Description |
activeDirectoryProperties
|
ActiveDirectoryProperties
|
Obligatorio si directoryServiceOptions es AD, opcional si son AADKERB.
|
defaultSharePermission
|
DefaultSharePermission
|
Permiso de recurso compartido predeterminado para los usuarios que usan la autenticación Kerberos si no se asigna el rol RBAC.
|
directoryServiceOptions
|
DirectoryServiceOptions
|
Indica el servicio de directorio usado. Tenga en cuenta que esta enumeración se puede extender en el futuro.
|
BlobRestoreParameters
Parámetros de restauración de blobs
Nombre |
Tipo |
Description |
blobRanges
|
BlobRestoreRange[]
|
Intervalos de blobs que se van a restaurar.
|
timeToRestore
|
string
|
Restaure el blob a la hora especificada.
|
BlobRestoreProgressStatus
El estado del progreso de la restauración de blobs. Los valores posibles son: - InProgress: indica que la restauración de blobs está en curso. - Completado: indica que la restauración de blobs se ha completado correctamente. - Error: indica que se ha producido un error en la restauración de blobs.
Nombre |
Tipo |
Description |
Complete
|
string
|
|
Failed
|
string
|
|
InProgress
|
string
|
|
BlobRestoreRange
Intervalo de blobs
Nombre |
Tipo |
Description |
endRange
|
string
|
Intervalo de extremos de blobs. Esto es exclusivo. Vacío significa fin de la cuenta.
|
startRange
|
string
|
Intervalo de inicio de blobs. Esto es inclusivo. Vacío significa inicio de la cuenta.
|
BlobRestoreStatus
Estado de restauración de blobs.
Nombre |
Tipo |
Description |
failureReason
|
string
|
Motivo del error cuando se produce un error en la restauración de blobs.
|
parameters
|
BlobRestoreParameters
|
Parámetros de solicitud de restauración de blobs.
|
restoreId
|
string
|
Identificador de la solicitud de restauración de blobs de seguimiento.
|
status
|
BlobRestoreProgressStatus
|
El estado del progreso de la restauración de blobs. Los valores posibles son: - InProgress: indica que la restauración de blobs está en curso. - Completado: indica que la restauración de blobs se ha completado correctamente. - Error: indica que se ha producido un error en la restauración de blobs.
|
Bypass
Especifica si se omite el tráfico para Logging/Metrics/AzureServices. Los valores posibles son cualquier combinación de registro |Métricas|AzureServices (por ejemplo, "Registro, Métricas") o Ninguno para omitir ninguno de esos tráficos.
Nombre |
Tipo |
Description |
AzureServices
|
string
|
|
Logging
|
string
|
|
Metrics
|
string
|
|
None
|
string
|
|
CustomDomain
Dominio personalizado asignado a esta cuenta de almacenamiento. Esto se puede establecer a través de Update.
Nombre |
Tipo |
Description |
name
|
string
|
Obtiene o establece el nombre de dominio personalizado asignado a la cuenta de almacenamiento. Name es el origen CNAME.
|
useSubDomainName
|
boolean
|
Indica si está habilitada la validación indirecta de CName. El valor predeterminado es False. Esto solo debe establecerse en las actualizaciones.
|
DefaultAction
Especifica la acción predeterminada de permitir o denegar cuando no coinciden otras reglas.
Nombre |
Tipo |
Description |
Allow
|
string
|
|
Deny
|
string
|
|
DefaultSharePermission
Permiso de recurso compartido predeterminado para los usuarios que usan la autenticación Kerberos si no se asigna el rol RBAC.
Nombre |
Tipo |
Description |
None
|
string
|
|
StorageFileDataSmbShareContributor
|
string
|
|
StorageFileDataSmbShareElevatedContributor
|
string
|
|
StorageFileDataSmbShareReader
|
string
|
|
DirectoryServiceOptions
Indica el servicio de directorio usado. Tenga en cuenta que esta enumeración puede extenderse en el futuro.
Nombre |
Tipo |
Description |
AADDS
|
string
|
|
AADKERB
|
string
|
|
AD
|
string
|
|
None
|
string
|
|
DnsEndpointType
Permite especificar el tipo de punto de conexión. Establézcalo en AzureDNSZone para crear un gran número de cuentas en una sola suscripción, que crea cuentas en una zona DNS de Azure y la dirección URL del punto de conexión tendrá un identificador de zona DNS alfanumérica.
Nombre |
Tipo |
Description |
AzureDnsZone
|
string
|
|
Standard
|
string
|
|
Encryption
La configuración de cifrado en la cuenta de almacenamiento.
Nombre |
Tipo |
Valor predeterminado |
Description |
identity
|
EncryptionIdentity
|
|
Identidad que se va a usar con cifrado del lado del servicio en reposo.
|
keySource
|
KeySource
|
Microsoft.Storage
|
KeySource (proveedor) de cifrado. Valores posibles (sin distinción entre mayúsculas y minúsculas): Microsoft.Storage, Microsoft.Keyvault
|
keyvaultproperties
|
KeyVaultProperties
|
|
Propiedades proporcionadas por el almacén de claves.
|
requireInfrastructureEncryption
|
boolean
|
|
Un valor booleano que indica si el servicio aplica o no una capa secundaria de cifrado con claves administradas por la plataforma para los datos en reposo.
|
services
|
EncryptionServices
|
|
Lista de servicios que admiten el cifrado.
|
EncryptionIdentity
Identidad de cifrado para la cuenta de almacenamiento.
Nombre |
Tipo |
Description |
federatedIdentityClientId
|
string
|
ClientId de la aplicación multiinquilino que se usará junto con la identidad asignada por el usuario para el cifrado del lado servidor de claves administradas por el cliente entre inquilinos en la cuenta de almacenamiento.
|
userAssignedIdentity
|
string
|
Identificador de recurso de la identidad UserAssigned que se va a asociar al cifrado del lado servidor en la cuenta de almacenamiento.
|
EncryptionService
Un servicio que permite usar el cifrado del lado servidor.
Nombre |
Tipo |
Description |
enabled
|
boolean
|
Valor booleano que indica si el servicio cifra o no los datos tal y como están almacenados. El cifrado en reposo está habilitado de forma predeterminada actualmente y no se puede deshabilitar.
|
keyType
|
KeyType
|
Tipo de clave de cifrado que se usará para el servicio de cifrado. El tipo de clave "Cuenta" implica que se usará una clave de cifrado con ámbito de cuenta. El tipo de clave "Servicio" implica que se usa una clave de servicio predeterminada.
|
lastEnabledTime
|
string
|
Obtiene una estimación aproximada de la fecha y hora en que el usuario ha habilitado por última vez el cifrado. Los datos se cifran en reposo de forma predeterminada hoy y no se pueden deshabilitar.
|
EncryptionServices
Lista de servicios que admiten el cifrado.
Endpoints
Los URI que se usan para realizar una recuperación de un blob público, una cola, una tabla, un objeto web o dfs.
Nombre |
Tipo |
Description |
blob
|
string
|
Obtiene el punto de conexión del blob.
|
dfs
|
string
|
Obtiene el punto de conexión dfs.
|
file
|
string
|
Obtiene el punto de conexión del archivo.
|
internetEndpoints
|
StorageAccountInternetEndpoints
|
Obtiene los puntos de conexión de almacenamiento de enrutamiento de Internet.
|
microsoftEndpoints
|
StorageAccountMicrosoftEndpoints
|
Obtiene los puntos de conexión de almacenamiento de enrutamiento de Microsoft.
|
queue
|
string
|
Obtiene el punto de conexión de la cola.
|
table
|
string
|
Obtiene el punto de conexión de la tabla.
|
web
|
string
|
Obtiene el punto de conexión web.
|
ExpirationAction
Acción de expiración de SAS. Solo puede ser Log.
Nombre |
Tipo |
Description |
Log
|
string
|
|
ExtendedLocation
Tipo complejo de la ubicación extendida.
Nombre |
Tipo |
Description |
name
|
string
|
Nombre de la ubicación extendida.
|
type
|
ExtendedLocationTypes
|
Tipo de la ubicación extendida.
|
ExtendedLocationTypes
Tipo de la ubicación extendida.
Nombre |
Tipo |
Description |
EdgeZone
|
string
|
|
GeoReplicationStats
Estadísticas relacionadas con la replicación de los servicios Blob, Table, Queue y File de la cuenta de almacenamiento. Solo está disponible cuando la replicación con redundancia geográfica está habilitada para la cuenta de almacenamiento.
Nombre |
Tipo |
Description |
canFailover
|
boolean
|
Marca booleana que indica si se admite o no la conmutación por error de la cuenta para la cuenta.
|
canPlannedFailover
|
boolean
|
Marca booleana que indica si se admite o no la conmutación por error de la cuenta planeada para la cuenta.
|
lastSyncTime
|
string
|
Se garantiza que todas las escrituras principales anteriores a este valor de fecha y hora UTC están disponibles para las operaciones de lectura. Las escrituras principales posteriores a este momento pueden encontrarse disponibles o no para su lectura. El elemento puede ser el valor predeterminado si el valor de LastSyncTime no está disponible, esto puede ocurrir si la base de datos secundaria está sin conexión o si estamos en el arranque.
|
postFailoverRedundancy
|
postFailoverRedundancy
|
El tipo de redundancia de la cuenta después de realizar una conmutación por error de la cuenta.
|
postPlannedFailoverRedundancy
|
postPlannedFailoverRedundancy
|
Tipo de redundancia de la cuenta después de realizar una conmutación por error de cuenta planeada.
|
status
|
GeoReplicationStatus
|
El estado de la ubicación secundaria. Los valores posibles son: - Live: indica que la ubicación secundaria está activa y operativa. - Bootstrap: indica la sincronización inicial desde la ubicación principal a la ubicación secundaria está en curso. Esto suele ocurrir cuando la replicación está habilitada por primera vez. - No disponible: indica que la ubicación secundaria no está disponible temporalmente.
|
GeoReplicationStatus
El estado de la ubicación secundaria. Los valores posibles son: - Live: indica que la ubicación secundaria está activa y operativa. - Bootstrap: indica la sincronización inicial desde la ubicación principal a la ubicación secundaria está en curso. Esto suele ocurrir cuando la replicación está habilitada por primera vez. - No disponible: indica que la ubicación secundaria no está disponible temporalmente.
Nombre |
Tipo |
Description |
Bootstrap
|
string
|
|
Live
|
string
|
|
Unavailable
|
string
|
|
Identity
Identidad del recurso.
Nombre |
Tipo |
Description |
principalId
|
string
|
Identificador de entidad de seguridad de la identidad de recurso.
|
tenantId
|
string
|
Identificador de inquilino del recurso.
|
type
|
IdentityType
|
Tipo de identidad.
|
userAssignedIdentities
|
<string,
UserAssignedIdentity>
|
Obtiene o establece una lista de pares clave-valor que describen el conjunto de identidades asignadas por el usuario que se usarán con esta cuenta de almacenamiento. La clave es el identificador de recursos arm de la identidad. Aquí solo se permite 1 identidad asignada por el usuario.
|
IdentityType
Tipo de identidad.
Nombre |
Tipo |
Description |
None
|
string
|
|
SystemAssigned
|
string
|
|
SystemAssigned,UserAssigned
|
string
|
|
UserAssigned
|
string
|
|
ImmutableStorageAccount
Esta propiedad habilita y define la inmutabilidad de nivel de cuenta. Habilitar la característica habilita automáticamente el control de versiones de blobs.
Nombre |
Tipo |
Description |
enabled
|
boolean
|
Marca booleana que permite la inmutabilidad de nivel de cuenta. Todos los contenedores de esta cuenta tienen habilitada la inmutabilidad de nivel de objeto de forma predeterminada.
|
immutabilityPolicy
|
AccountImmutabilityPolicyProperties
|
Especifica la directiva de inmutabilidad de nivel de cuenta predeterminada que se hereda y se aplica a los objetos que no poseen una directiva de inmutabilidad explícita en el nivel de objeto. La directiva de inmutabilidad de nivel de objeto tiene mayor prioridad que la directiva de inmutabilidad de nivel de contenedor, que tiene una prioridad más alta que la directiva de inmutabilidad de nivel de cuenta.
|
IPRule
Regla de IP con intervalos IP o IP específicos en formato CIDR.
Nombre |
Tipo |
Valor predeterminado |
Description |
action
|
Action
|
Allow
|
Acción de la regla de ACL de IP.
|
value
|
string
|
|
Especifica el intervalo IP o IP en formato CIDR. Solo se permite la dirección IPV4.
|
KeyCreationTime
Hora de creación de claves de cuenta de almacenamiento.
Nombre |
Tipo |
Description |
key1
|
string
|
|
key2
|
string
|
|
KeyPolicy
KeyPolicy asignado a la cuenta de almacenamiento.
Nombre |
Tipo |
Description |
keyExpirationPeriodInDays
|
integer
|
Período de expiración de la clave en días.
|
KeySource
KeySource (proveedor) de cifrado. Valores posibles (sin distinción entre mayúsculas y minúsculas): Microsoft.Storage, Microsoft.Keyvault
Nombre |
Tipo |
Description |
Microsoft.Keyvault
|
string
|
|
Microsoft.Storage
|
string
|
|
KeyType
Tipo de clave de cifrado que se usará para el servicio de cifrado. El tipo de clave "Cuenta" implica que se usará una clave de cifrado con ámbito de cuenta. El tipo de clave "Servicio" implica que se usa una clave de servicio predeterminada.
Nombre |
Tipo |
Description |
Account
|
string
|
|
Service
|
string
|
|
KeyVaultProperties
Propiedades del almacén de claves.
Nombre |
Tipo |
Description |
currentVersionedKeyExpirationTimestamp
|
string
|
Se trata de una propiedad de solo lectura que representa la hora de expiración de la versión actual de la clave administrada por el cliente que se usa para el cifrado.
|
currentVersionedKeyIdentifier
|
string
|
Identificador de objeto de la clave de Key Vault con versión actual en uso.
|
keyname
|
string
|
Nombre de la clave KeyVault.
|
keyvaulturi
|
string
|
Identificador URI de KeyVault.
|
keyversion
|
string
|
Versión de la clave KeyVault.
|
lastKeyRotationTimestamp
|
string
|
Marca de tiempo de la última rotación de la clave de Key Vault.
|
Kind
Indica el tipo de cuenta de almacenamiento.
Nombre |
Tipo |
Description |
BlobStorage
|
string
|
|
BlockBlobStorage
|
string
|
|
FileStorage
|
string
|
|
Storage
|
string
|
|
StorageV2
|
string
|
|
LargeFileSharesState
Permitir recursos compartidos de archivos grandes si se establece en Habilitado. No se puede deshabilitar una vez habilitado.
Nombre |
Tipo |
Description |
Disabled
|
string
|
|
Enabled
|
string
|
|
MinimumTlsVersion
Establezca la versión mínima de TLS que se permitirá en las solicitudes al almacenamiento. La interpretación predeterminada es TLS 1.0 para esta propiedad.
Nombre |
Tipo |
Description |
TLS1_0
|
string
|
|
TLS1_1
|
string
|
|
TLS1_2
|
string
|
|
NetworkRuleSet
Conjunto de reglas de red
Nombre |
Tipo |
Valor predeterminado |
Description |
bypass
|
Bypass
|
AzureServices
|
Especifica si se omite el tráfico para Logging/Metrics/AzureServices. Los valores posibles son cualquier combinación de Registro |Métricas|AzureServices (por ejemplo, "Registro, Métricas") o Ninguno para omitir ninguno de esos tráficos.
|
defaultAction
|
DefaultAction
|
Allow
|
Especifica la acción predeterminada de permitir o denegar cuando no coinciden otras reglas.
|
ipRules
|
IPRule[]
|
|
Establece las reglas de ACL de IP
|
resourceAccessRules
|
ResourceAccessRule[]
|
|
Establece las reglas de acceso a recursos
|
virtualNetworkRules
|
VirtualNetworkRule[]
|
|
Establece las reglas de red virtual
|
postFailoverRedundancy
El tipo de redundancia de la cuenta después de realizar una conmutación por error de la cuenta.
Nombre |
Tipo |
Description |
Standard_LRS
|
string
|
|
Standard_ZRS
|
string
|
|
postPlannedFailoverRedundancy
Tipo de redundancia de la cuenta después de realizar una conmutación por error de cuenta planeada.
Nombre |
Tipo |
Description |
Standard_GRS
|
string
|
|
Standard_GZRS
|
string
|
|
Standard_RAGRS
|
string
|
|
Standard_RAGZRS
|
string
|
|
PrivateEndpoint
El recurso punto de conexión privado.
Nombre |
Tipo |
Description |
id
|
string
|
El identificador de ARM para el punto de conexión privado
|
PrivateEndpointConnection
El recurso De conexión de punto de conexión privado.
Nombre |
Tipo |
Description |
id
|
string
|
Identificador de recurso completo del recurso. Por ejemplo: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
|
name
|
string
|
Nombre del recurso.
|
properties.privateEndpoint
|
PrivateEndpoint
|
Recurso del punto de conexión privado.
|
properties.privateLinkServiceConnectionState
|
PrivateLinkServiceConnectionState
|
Colección de información sobre el estado de la conexión entre el consumidor de servicios y el proveedor.
|
properties.provisioningState
|
PrivateEndpointConnectionProvisioningState
|
Estado de aprovisionamiento del recurso de conexión de punto de conexión privado.
|
type
|
string
|
Tipo de recurso. Por ejemplo, "Microsoft.Compute/virtualMachines" o "Microsoft.Storage/storageAccounts"
|
PrivateEndpointConnectionProvisioningState
Estado de aprovisionamiento actual.
Nombre |
Tipo |
Description |
Creating
|
string
|
|
Deleting
|
string
|
|
Failed
|
string
|
|
Succeeded
|
string
|
|
PrivateEndpointServiceConnectionStatus
Estado de conexión del punto de conexión privado.
Nombre |
Tipo |
Description |
Approved
|
string
|
|
Pending
|
string
|
|
Rejected
|
string
|
|
PrivateLinkServiceConnectionState
Colección de información sobre el estado de la conexión entre el consumidor de servicios y el proveedor.
Nombre |
Tipo |
Description |
actionRequired
|
string
|
Mensaje que indica si los cambios en el proveedor de servicios requieren actualizaciones en el consumidor.
|
description
|
string
|
Motivo de aprobación o rechazo de la conexión.
|
status
|
PrivateEndpointServiceConnectionStatus
|
Indica si el propietario del servicio ha aprobado, rechazado o quitado la conexión.
|
ProvisioningState
Obtiene el estado de la cuenta de almacenamiento en el momento en que se llamó a la operación.
Nombre |
Tipo |
Description |
Creating
|
string
|
|
ResolvingDNS
|
string
|
|
Succeeded
|
string
|
|
PublicNetworkAccess
Permitir o no permitir el acceso de red pública a la cuenta de almacenamiento. El valor es opcional, pero si se pasa, debe ser "Habilitado" o "Deshabilitado".
Nombre |
Tipo |
Description |
Disabled
|
string
|
|
Enabled
|
string
|
|
ResourceAccessRule
Regla de acceso a recursos.
Nombre |
Tipo |
Description |
resourceId
|
string
|
Id. de recurso
|
tenantId
|
string
|
Identificador de inquilino
|
RoutingChoice
La opción de enrutamiento define el tipo de enrutamiento de red elegido por el usuario.
Nombre |
Tipo |
Description |
InternetRouting
|
string
|
|
MicrosoftRouting
|
string
|
|
RoutingPreference
Las preferencias de enrutamiento definen el tipo de red, microsoft o enrutamiento de Internet que se usará para entregar los datos de usuario, la opción predeterminada es el enrutamiento de Microsoft.
Nombre |
Tipo |
Description |
publishInternetEndpoints
|
boolean
|
Marca booleana que indica si se van a publicar puntos de conexión de almacenamiento de enrutamiento de Internet.
|
publishMicrosoftEndpoints
|
boolean
|
Marca booleana que indica si se van a publicar puntos de conexión de almacenamiento de enrutamiento de Microsoft.
|
routingChoice
|
RoutingChoice
|
La opción de enrutamiento define el tipo de enrutamiento de red elegido por el usuario.
|
SasPolicy
SasPolicy asignado a la cuenta de almacenamiento.
Nombre |
Tipo |
Valor predeterminado |
Description |
expirationAction
|
ExpirationAction
|
Log
|
Acción de expiración de SAS. Solo puede ser Log.
|
sasExpirationPeriod
|
string
|
|
El período de expiración de SAS, DD.HH:MM:SS.
|
Sku
SKU de la cuenta de almacenamiento.
Nombre |
Tipo |
Description |
name
|
SkuName
|
El nombre de la SKU. Necesario para la creación de cuentas; opcional para la actualización. Tenga en cuenta que en versiones anteriores, el nombre de la SKU se llamó accountType.
|
tier
|
SkuTier
|
Nivel de SKU. Esto se basa en el nombre de la SKU.
|
SkuConversionStatus
Esta propiedad indica el estado de conversión de SKU actual.
Nombre |
Tipo |
Description |
Failed
|
string
|
|
InProgress
|
string
|
|
Succeeded
|
string
|
|
SkuName
El nombre de la SKU. Requerido para la creación de cuentas; opcional para la actualización. Tenga en cuenta que en versiones anteriores, el nombre de la SKU se llamó accountType.
Nombre |
Tipo |
Description |
Premium_LRS
|
string
|
|
Premium_ZRS
|
string
|
|
Standard_GRS
|
string
|
|
Standard_GZRS
|
string
|
|
Standard_LRS
|
string
|
|
Standard_RAGRS
|
string
|
|
Standard_RAGZRS
|
string
|
|
Standard_ZRS
|
string
|
|
SkuTier
Nivel de SKU. Esto se basa en el nombre de la SKU.
Nombre |
Tipo |
Description |
Premium
|
string
|
|
Standard
|
string
|
|
State
Obtiene el estado de la regla de red virtual.
Nombre |
Tipo |
Description |
Deprovisioning
|
string
|
|
Failed
|
string
|
|
NetworkSourceDeleted
|
string
|
|
Provisioning
|
string
|
|
Succeeded
|
string
|
|
StorageAccount
La cuenta de almacenamiento
Nombre |
Tipo |
Description |
extendedLocation
|
ExtendedLocation
|
ExtendedLocation del recurso.
|
id
|
string
|
Identificador de recurso completo del recurso. Por ejemplo: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
|
identity
|
Identity
|
Identidad del recurso.
|
kind
|
Kind
|
Obtiene el tipo.
|
location
|
string
|
Ubicación geográfica donde reside el recurso
|
name
|
string
|
Nombre del recurso.
|
properties.accessTier
|
AccessTier
|
Necesario para las cuentas de almacenamiento donde kind = BlobStorage. El nivel de acceso se usa para la facturación. El nivel de acceso "Premium" es el valor predeterminado para el tipo de cuenta de almacenamiento de blobs en bloques Premium y no se puede cambiar para el tipo de cuenta de almacenamiento de blobs en bloques Premium.
|
properties.accountMigrationInProgress
|
boolean
|
Si la migración de la cuenta iniciada por el cliente está en curso, el valor será true; de lo contrario, será null.
|
properties.allowBlobPublicAccess
|
boolean
|
Permitir o no permitir el acceso público a todos los blobs o contenedores de la cuenta de almacenamiento. La interpretación predeterminada es false para esta propiedad.
|
properties.allowCrossTenantReplication
|
boolean
|
Permitir o no permitir la replicación de objetos de inquilino de AAD. Establezca esta propiedad en true para las cuentas nuevas o existentes solo si las directivas de replicación de objetos implican cuentas de almacenamiento en distintos inquilinos de AAD. La interpretación predeterminada es falsa para que las nuevas cuentas sigan los procedimientos de seguridad recomendados de forma predeterminada.
|
properties.allowSharedKeyAccess
|
boolean
|
Indica si la cuenta de almacenamiento permite autorizar las solicitudes con la clave de acceso de la cuenta a través de clave compartida. Si es false, todas las solicitudes, incluidas las firmas de acceso compartido, deben estar autorizadas con Azure Active Directory (Azure AD). El valor predeterminado es null, que es equivalente a true.
|
properties.allowedCopyScope
|
AllowedCopyScope
|
Restrinja la copia hacia y desde las cuentas de almacenamiento dentro de un inquilino de AAD o con vínculos privados a la misma red virtual.
|
properties.azureFilesIdentityBasedAuthentication
|
AzureFilesIdentityBasedAuthentication
|
Proporciona la configuración de autenticación basada en identidades para Azure Files.
|
properties.blobRestoreStatus
|
BlobRestoreStatus
|
Estado de restauración de blobs
|
properties.creationTime
|
string
|
Obtiene la fecha y hora de creación de la cuenta de almacenamiento en UTC.
|
properties.customDomain
|
CustomDomain
|
Obtiene el dominio personalizado que el usuario asignó a esta cuenta de almacenamiento.
|
properties.defaultToOAuthAuthentication
|
boolean
|
Marca booleana que indica si la autenticación predeterminada es OAuth o no. La interpretación predeterminada es false para esta propiedad.
|
properties.dnsEndpointType
|
DnsEndpointType
|
Permite especificar el tipo de punto de conexión. Establézcalo en AzureDNSZone para crear un gran número de cuentas en una sola suscripción, que crea cuentas en una zona DNS de Azure y la dirección URL del punto de conexión tendrá un identificador de zona DNS alfanumérica.
|
properties.encryption
|
Encryption
|
Configuración de cifrado que se va a usar para el cifrado del lado servidor para la cuenta de almacenamiento.
|
properties.failoverInProgress
|
boolean
|
Si la conmutación por error está en curso, el valor será true; de lo contrario, será null.
|
properties.geoReplicationStats
|
GeoReplicationStats
|
Estadísticas de replicación geográfica
|
properties.immutableStorageWithVersioning
|
ImmutableStorageAccount
|
La propiedad es inmutable y solo se puede establecer en true en la hora de creación de la cuenta. Cuando se establece en true, habilita la inmutabilidad de nivel de objeto para todos los contenedores de la cuenta de forma predeterminada.
|
properties.isHnsEnabled
|
boolean
|
Account HierarchicalNamespace habilitado si establece en true.
|
properties.isLocalUserEnabled
|
boolean
|
Habilita la característica de usuarios locales, si se establece en true.
|
properties.isNfsV3Enabled
|
boolean
|
La compatibilidad con el protocolo NFS 3.0 está habilitada si se establece en true.
|
properties.isSftpEnabled
|
boolean
|
Habilita el protocolo de transferencia de archivos seguros, si se establece en true.
|
properties.isSkuConversionBlocked
|
boolean
|
Esta propiedad se establecerá en true o false en un evento de migración en curso. El valor predeterminado es null.
|
properties.keyCreationTime
|
KeyCreationTime
|
Hora de creación de claves de cuenta de almacenamiento.
|
properties.keyPolicy
|
KeyPolicy
|
KeyPolicy asignado a la cuenta de almacenamiento.
|
properties.largeFileSharesState
|
LargeFileSharesState
|
Permitir recursos compartidos de archivos grandes si se establece en Habilitado. No se puede deshabilitar una vez habilitado.
|
properties.lastGeoFailoverTime
|
string
|
Obtiene la marca de tiempo de la instancia más reciente de una conmutación por error a la ubicación secundaria. Solo se conserva la marca de tiempo más reciente. Este elemento no se devuelve si nunca ha habido una instancia de conmutación por error. Solo está disponible si accountType está Standard_GRS o Standard_RAGRS.
|
properties.minimumTlsVersion
|
MinimumTlsVersion
|
Establezca la versión mínima de TLS que se permitirá en las solicitudes al almacenamiento. La interpretación predeterminada es TLS 1.0 para esta propiedad.
|
properties.networkAcls
|
NetworkRuleSet
|
Conjunto de reglas de red
|
properties.primaryEndpoints
|
Endpoints
|
Obtiene las direcciones URL que se usan para realizar una recuperación de un objeto de tabla, cola o blob público. Tenga en cuenta que Standard_ZRS y Premium_LRS cuentas solo devuelven el punto de conexión de blob.
|
properties.primaryLocation
|
string
|
Obtiene la ubicación del centro de datos principal de la cuenta de almacenamiento.
|
properties.privateEndpointConnections
|
PrivateEndpointConnection[]
|
Lista de conexiones de punto de conexión privado asociadas a la cuenta de almacenamiento especificada
|
properties.provisioningState
|
ProvisioningState
|
Obtiene el estado de la cuenta de almacenamiento en el momento en que se llamó a la operación.
|
properties.publicNetworkAccess
|
PublicNetworkAccess
|
Permitir o no permitir el acceso de red pública a la cuenta de almacenamiento. El valor es opcional, pero si se pasa, debe ser "Habilitado" o "Deshabilitado".
|
properties.routingPreference
|
RoutingPreference
|
Mantiene información sobre la opción de enrutamiento de red elegida por el usuario para la transferencia de datos.
|
properties.sasPolicy
|
SasPolicy
|
SasPolicy asignado a la cuenta de almacenamiento.
|
properties.secondaryEndpoints
|
Endpoints
|
Obtiene las direcciones URL que se usan para realizar una recuperación de un objeto de tabla, cola o blob público desde la ubicación secundaria de la cuenta de almacenamiento. Solo está disponible si el nombre de la SKU es Standard_RAGRS.
|
properties.secondaryLocation
|
string
|
Obtiene la ubicación de la base de datos secundaria con replicación geográfica para la cuenta de almacenamiento. Solo está disponible si accountType está Standard_GRS o Standard_RAGRS.
|
properties.statusOfPrimary
|
AccountStatus
|
Obtiene el estado que indica si la ubicación principal de la cuenta de almacenamiento está disponible o no disponible.
|
properties.statusOfSecondary
|
AccountStatus
|
Obtiene el estado que indica si la ubicación secundaria de la cuenta de almacenamiento está disponible o no disponible. Solo está disponible si el nombre de la SKU es Standard_GRS o Standard_RAGRS.
|
properties.storageAccountSkuConversionStatus
|
StorageAccountSkuConversionStatus
|
Esta propiedad es readOnly y la establece el servidor durante las operaciones asincrónicas de conversión de SKU de la cuenta de almacenamiento.
|
properties.supportsHttpsTrafficOnly
|
boolean
|
Permite el tráfico https solo al servicio de almacenamiento si se establece en true.
|
sku
|
Sku
|
Obtiene la SKU.
|
tags
|
object
|
Etiquetas del recurso.
|
type
|
string
|
Tipo de recurso. Por ejemplo, "Microsoft.Compute/virtualMachines" o "Microsoft.Storage/storageAccounts"
|
StorageAccountCreateParameters
Parámetros que se usan al crear una cuenta de almacenamiento.
Nombre |
Tipo |
Description |
extendedLocation
|
ExtendedLocation
|
Opcional. Establezca la ubicación extendida del recurso. Si no se establece, la cuenta de almacenamiento se creará en la región principal de Azure. De lo contrario, se creará en la ubicación extendida especificada.
|
identity
|
Identity
|
Identidad del recurso.
|
kind
|
Kind
|
Necesario. Indica el tipo de cuenta de almacenamiento.
|
location
|
string
|
Necesario. Obtiene o establece la ubicación del recurso. Se trata de una de las regiones geográficas de Azure admitidas y registradas (por ejemplo, Oeste de EE. UU., Este de EE. UU., Sudeste de Asia, etc.). La región geográfica de un recurso no se puede cambiar una vez creada, pero si se especifica una región geográfica idéntica al actualizar, la solicitud se realizará correctamente.
|
properties.accessTier
|
AccessTier
|
Necesario para las cuentas de almacenamiento donde kind = BlobStorage. El nivel de acceso se usa para la facturación. El nivel de acceso "Premium" es el valor predeterminado para el tipo de cuenta de almacenamiento de blobs en bloques Premium y no se puede cambiar para el tipo de cuenta de almacenamiento de blobs en bloques Premium.
|
properties.allowBlobPublicAccess
|
boolean
|
Permitir o no permitir el acceso público a todos los blobs o contenedores de la cuenta de almacenamiento. La interpretación predeterminada es false para esta propiedad.
|
properties.allowCrossTenantReplication
|
boolean
|
Permitir o no permitir la replicación de objetos de inquilino de AAD. Establezca esta propiedad en true para las cuentas nuevas o existentes solo si las directivas de replicación de objetos implican cuentas de almacenamiento en distintos inquilinos de AAD. La interpretación predeterminada es falsa para que las nuevas cuentas sigan los procedimientos de seguridad recomendados de forma predeterminada.
|
properties.allowSharedKeyAccess
|
boolean
|
Indica si la cuenta de almacenamiento permite autorizar las solicitudes con la clave de acceso de la cuenta a través de clave compartida. Si es false, todas las solicitudes, incluidas las firmas de acceso compartido, deben estar autorizadas con Azure Active Directory (Azure AD). El valor predeterminado es null, que es equivalente a true.
|
properties.allowedCopyScope
|
AllowedCopyScope
|
Restrinja la copia hacia y desde las cuentas de almacenamiento dentro de un inquilino de AAD o con vínculos privados a la misma red virtual.
|
properties.azureFilesIdentityBasedAuthentication
|
AzureFilesIdentityBasedAuthentication
|
Proporciona la configuración de autenticación basada en identidades para Azure Files.
|
properties.customDomain
|
CustomDomain
|
Dominio de usuario asignado a la cuenta de almacenamiento. Name es el origen CNAME. Solo se admite un dominio personalizado por cuenta de almacenamiento en este momento. Para borrar el dominio personalizado existente, use una cadena vacía para la propiedad de nombre de dominio personalizado.
|
properties.defaultToOAuthAuthentication
|
boolean
|
Marca booleana que indica si la autenticación predeterminada es OAuth o no. La interpretación predeterminada es false para esta propiedad.
|
properties.dnsEndpointType
|
DnsEndpointType
|
Permite especificar el tipo de punto de conexión. Establézcalo en AzureDNSZone para crear un gran número de cuentas en una sola suscripción, que crea cuentas en una zona DNS de Azure y la dirección URL del punto de conexión tendrá un identificador de zona DNS alfanumérica.
|
properties.encryption
|
Encryption
|
Configuración de cifrado que se usará para el cifrado del lado servidor para la cuenta de almacenamiento.
|
properties.immutableStorageWithVersioning
|
ImmutableStorageAccount
|
La propiedad es inmutable y solo se puede establecer en true en la hora de creación de la cuenta. Cuando se establece en true, habilita la inmutabilidad de nivel de objeto para todos los contenedores nuevos de la cuenta de forma predeterminada.
|
properties.isHnsEnabled
|
boolean
|
Account HierarchicalNamespace habilitado si se establece en true.
|
properties.isLocalUserEnabled
|
boolean
|
Habilita la característica de usuarios locales, si se establece en true.
|
properties.isNfsV3Enabled
|
boolean
|
La compatibilidad con el protocolo NFS 3.0 está habilitada si se establece en true.
|
properties.isSftpEnabled
|
boolean
|
Habilita el protocolo seguro de transferencia de archivos, si se establece en true.
|
properties.keyPolicy
|
KeyPolicy
|
KeyPolicy asignado a la cuenta de almacenamiento.
|
properties.largeFileSharesState
|
LargeFileSharesState
|
Permitir recursos compartidos de archivos grandes si se establece en Habilitado. No se puede deshabilitar una vez habilitado.
|
properties.minimumTlsVersion
|
MinimumTlsVersion
|
Establezca la versión mínima de TLS que se permitirá en las solicitudes al almacenamiento. La interpretación predeterminada es TLS 1.0 para esta propiedad.
|
properties.networkAcls
|
NetworkRuleSet
|
Conjunto de reglas de red
|
properties.publicNetworkAccess
|
PublicNetworkAccess
|
Permitir o no permitir el acceso de red pública a la cuenta de almacenamiento. El valor es opcional, pero si se pasa, debe ser "Habilitado" o "Deshabilitado".
|
properties.routingPreference
|
RoutingPreference
|
Mantiene información sobre la opción de enrutamiento de red elegida por el usuario para la transferencia de datos.
|
properties.sasPolicy
|
SasPolicy
|
SasPolicy asignado a la cuenta de almacenamiento.
|
properties.supportsHttpsTrafficOnly
|
boolean
|
Permite el tráfico https solo al servicio de almacenamiento si se establece en true. El valor predeterminado es true desde la versión de API 2019-04-01.
|
sku
|
Sku
|
Necesario. Obtiene o establece el nombre de la SKU.
|
tags
|
object
|
Obtiene o establece una lista de pares clave-valor que describen el recurso. Estas etiquetas se pueden usar para ver y agrupar este recurso (entre grupos de recursos). Se puede proporcionar un máximo de 15 etiquetas para un recurso. Cada etiqueta debe tener una clave con una longitud no superior a 128 caracteres y un valor con una longitud no superior a 256 caracteres.
|
StorageAccountInternetEndpoints
Los URI que se usan para realizar una recuperación de un blob público, un archivo, un objeto web o dfs a través de un punto de conexión de enrutamiento de Internet.
Nombre |
Tipo |
Description |
blob
|
string
|
Obtiene el punto de conexión del blob.
|
dfs
|
string
|
Obtiene el punto de conexión dfs.
|
file
|
string
|
Obtiene el punto de conexión del archivo.
|
web
|
string
|
Obtiene el punto de conexión web.
|
StorageAccountMicrosoftEndpoints
Los URI que se usan para realizar una recuperación de un objeto público de blob, cola, tabla, web o dfs a través de un punto de conexión de enrutamiento de Microsoft.
Nombre |
Tipo |
Description |
blob
|
string
|
Obtiene el punto de conexión del blob.
|
dfs
|
string
|
Obtiene el punto de conexión dfs.
|
file
|
string
|
Obtiene el punto de conexión del archivo.
|
queue
|
string
|
Obtiene el punto de conexión de la cola.
|
table
|
string
|
Obtiene el punto de conexión de la tabla.
|
web
|
string
|
Obtiene el punto de conexión web.
|
StorageAccountSkuConversionStatus
Esto define el objeto de estado de conversión de SKU para las conversiones asincrónicas de SKU.
Nombre |
Tipo |
Description |
endTime
|
string
|
Esta propiedad representa la hora de finalización de la conversión de SKU.
|
skuConversionStatus
|
SkuConversionStatus
|
Esta propiedad indica el estado de conversión de SKU actual.
|
startTime
|
string
|
Esta propiedad representa la hora de inicio de la conversión de SKU.
|
targetSkuName
|
SkuName
|
Esta propiedad representa el nombre de SKU de destino al que la SKU de cuenta se convierte de forma asincrónica.
|
UserAssignedIdentity
UserAssignedIdentity para el recurso.
Nombre |
Tipo |
Description |
clientId
|
string
|
Identificador de cliente de la identidad.
|
principalId
|
string
|
Identificador de entidad de seguridad de la identidad.
|
VirtualNetworkRule
Virtual Network regla.
Nombre |
Tipo |
Valor predeterminado |
Description |
action
|
Action
|
Allow
|
Acción de la regla de red virtual.
|
id
|
string
|
|
Identificador de recurso de una subred, por ejemplo: /subscriptions/{subscriptionId}/resourceGroups/{groupName}/providers/Microsoft.Network/virtualNetworks/{vnetName}/subnets/{subnetName}.
|
state
|
State
|
|
Obtiene el estado de la regla de red virtual.
|