New-AzStorageFileSASToken

Generates a shared access signature token for a Storage file.

Syntax

New-AzStorageFileSASToken
   [-ShareName] <String>
   [-Path] <String>
   [-Permission <String>]
   [-Protocol <String>]
   [-IPAddressOrRange <String>]
   [-StartTime <DateTime>]
   [-ExpiryTime <DateTime>]
   [-FullUri]
   [-Context <IStorageContext>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
New-AzStorageFileSASToken
   [-ShareName] <String>
   [-Path] <String>
   -Policy <String>
   [-Protocol <String>]
   [-IPAddressOrRange <String>]
   [-StartTime <DateTime>]
   [-ExpiryTime <DateTime>]
   [-FullUri]
   [-Context <IStorageContext>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
New-AzStorageFileSASToken
   -ShareFileClient <ShareFileClient>
   [-Permission <String>]
   [-Protocol <String>]
   [-IPAddressOrRange <String>]
   [-StartTime <DateTime>]
   [-ExpiryTime <DateTime>]
   [-FullUri]
   [-Context <IStorageContext>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
New-AzStorageFileSASToken
   -ShareFileClient <ShareFileClient>
   -Policy <String>
   [-Protocol <String>]
   [-IPAddressOrRange <String>]
   [-StartTime <DateTime>]
   [-ExpiryTime <DateTime>]
   [-FullUri]
   [-Context <IStorageContext>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]

Description

The New-AzStorageFileSASToken cmdlet generates a shared access signature token for an Azure Storage file.

Examples

Example 1: Generate a shared access signature token that has full file permissions

New-AzStorageFileSASToken -ShareName "ContosoShare" -Path "FilePath" -Permission "rwd"

This command generates a shared access signature token that has full permissions for the file that is named FilePath.

Example 2: Generate a shared access signature token that has a time limit

$StartTime = Get-Date
$EndTime = $StartTime.AddHours(2.0)
New-AzStorageFileSASToken -ShareName "ContosoShare" -Path "FilePath" -Permission "rwd" -StartTime $StartTime -ExpiryTime $EndTime

The first command creates a DateTime object by using the Get-Date cmdlet. The command stores the current time in the $StartTime variable. The second command adds two hours to the object in $StartTime, and then stores the result in the $EndTime variable. This object is a time two hours in the future. The third command generates a shared access signature token that has the specified permissions. This token becomes valid at the current time. The token remains valid until time stored in $EndTime.

Parameters

-Context

Specifies an Azure Storage context. To obtain a context, use the New-AzStorageContext cmdlet.

Type:IStorageContext
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ExpiryTime

Specifies the time at which the shared access signature becomes invalid.

Type:Nullable<T>[DateTime]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-FullUri

Indicates that this cmdlet return the full blob URI and the shared access signature token.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-IPAddressOrRange

Specifies the IP address or range of IP addresses from which to accept requests, such as 168.1.5.65 or 168.1.5.60-168.1.5.70. The range is inclusive.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Path

Specifies the path of the file relative to a Storage share.

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Permission

Specifies the permissions for a Storage file. It is important to note that this is a string, like rwd (for Read, Write and Delete).

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Policy

Specifies the stored access policy for a file.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Protocol

Specifies the protocol permitted for a request. The acceptable values for this parameter are:

  • HttpsOnly
  • HttpsOrHttp The default value is HttpsOrHttp.
Type:String
Accepted values:HttpsOnly, HttpsOrHttp
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ShareFileClient

ShareFileClient instance to represent the file to get SAS token against.

Type:ShareFileClient
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ShareName

Specifies the name of the Storage share.

Type:String
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-StartTime

Specifies the time at which the shared access signature becomes valid.

Type:Nullable<T>[DateTime]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

ShareFileClient

IStorageContext

Outputs

String