How can I obtain or create encryption scopes for an Azure storage account by using dotnet?

小龙 - Huron 吴 0 Reputation points
2024-12-20T07:56:38.9133333+00:00

This document details the operations on encryption scopes.

https://learn.microsoft.com/en-us/rest/api/aiservices/accountmanagement/encryption-scopes/get?view=rest-aiservices-accountmanagement-2024-10-01&tabs=dotnet#examples

However, I'm not familiar with this.

TokenCredential cred = new DefaultAzureCredential(); // authenticate your client ArmClient client = new ArmClient(cred);

I usually use the storage account access key to interact with my containers and perform blob file uploads and downloads. Is it possible to obtain/create encryption scopes in a similar manner (by using the storage account access key)?

Edit:

Thank you very much for your reply. What I need to do is to create a container with an encryption scope through this code. Since the encryption scope is not created in advance, it needs to be created by code when creating the container. Since operating the encryption scope requires AAD authentication, is there a way to access it through something like a token?

var blobServiceClient = new BlobServiceClient(connectionString);
var containerClient = blobServiceClient.GetBlobContainerClient(blobContainerName); await containerClient.CreateIfNotExistsAsync(PublicAccessType.None, null, new BlobContainerEncryptionScopeOptions {
PreventEncryptionScopeOverride = true, DefaultEncryptionScope = blobContainerName
});

Is this method of creating a container with an encryption scope and creating the encryption scope at the same time a good practice? Are there any better practices?

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,292 questions
Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
3,004 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Amrinder Singh 5,555 Reputation points Microsoft Employee
    2024-12-20T17:08:25.5533333+00:00

    Hi 小龙 - Huron 吴 - Thanks for reaching out.

    The link you have shared appears to be related to Azure AI Service and account management with that and not related to the storage account one.

    I would recommend to review the below sample classes / methods which shall help in capitalizing further.:

    https://learn.microsoft.com/en-us/dotnet/api/azure.resourcemanager.storage.models.storageaccountencryption?view=azure-dotnet

    https://learn.microsoft.com/en-us/dotnet/api/azure.provisioning.storage.encryptionscope?view=azure-dotnet

    Hope that helps!

    If there are any queries. let me know and will be glad to assist.

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.