Edit

Share via

New-AzureStorageFileSASToken

  • Reference
Module:
Azure.Storage

Generates a shared access signature token for a Storage file.

Warning

The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.

Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.

Syntax

New-AzureStorageFileSASToken
   [-ShareName] <String>
   [-Path] <String>
   [-Permission <String>]
   [-Protocol <SharedAccessProtocol>]
   [-IPAddressOrRange <String>]
   [-StartTime <DateTime>]
   [-ExpiryTime <DateTime>]
   [-FullUri]
   [-Context <IStorageContext>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
New-AzureStorageFileSASToken
   [-ShareName] <String>
   [-Path] <String>
   -Policy <String>
   [-Protocol <SharedAccessProtocol>]
   [-IPAddressOrRange <String>]
   [-StartTime <DateTime>]
   [-ExpiryTime <DateTime>]
   [-FullUri]
   [-Context <IStorageContext>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
New-AzureStorageFileSASToken
   -File <CloudFile>
   [-Permission <String>]
   [-Protocol <SharedAccessProtocol>]
   [-IPAddressOrRange <String>]
   [-StartTime <DateTime>]
   [-ExpiryTime <DateTime>]
   [-FullUri]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
New-AzureStorageFileSASToken
   -File <CloudFile>
   -Policy <String>
   [-Protocol <SharedAccessProtocol>]
   [-IPAddressOrRange <String>]
   [-StartTime <DateTime>]
   [-ExpiryTime <DateTime>]
   [-FullUri]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]

Description

The New-AzureStorageFileSASToken cmdlet generates a shared access signature token for an Azure Storage file.

Examples

Example 1: Generate a shared access signature token that has full file permissions

PS C:\> New-AzureStorageFileSASToken -ShareName "ContosoShare" -Path "FilePath" -Permission "rwd"

This command generates a shared access signature token that has full permissions for the file that is named FilePath.

Example 2: Generate a shared access signature token that has a time limit

PS C:\> $StartTime = Get-Date
PS C:\> $EndTime = $StartTime.AddHours(2.0)
PS C:\> New-AzureStorageFileSASToken -ShareName "ContosoShare" -Path "FilePath" -Permission "rwd" -StartTime $StartTime -ExpiryTime $EndTime

The first command creates a DateTime object by using the Get-Date cmdlet. The command stores the current time in the $StartTime variable. The second command adds two hours to the object in $StartTime, and then stores the result in the $EndTime variable. This object is a time two hours in the future. The third command generates a shared access signature token that has the specified permissions. This token becomes valid at the current time. The token remains valid until time stored in $EndTime.

Parameters

-Context

Specifies an Azure Storage context. To obtain a context, use the New-AzureStorageContext cmdlet.

Type:IStorageContext
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ExpiryTime

Specifies the time at which the shared access signature becomes invalid.

Type:Nullable<T>[DateTime]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-File

Specifies a CloudFile object. You can create a cloud file or obtain one by using the Get-AzureStorageFile cmdlet.

Type:CloudFile
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-FullUri

Indicates that this cmdlet return the full blob URI and the shared access signature token.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-IPAddressOrRange

Specifies the IP address or range of IP addresses from which to accept requests, such as 168.1.5.65 or 168.1.5.60-168.1.5.70. The range is inclusive.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Path

Specifies the path of the file relative to a Storage share.

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Permission

Specifies the permissions for a Storage file. It is important to note that this is a string, like rwd (for Read, Write and Delete).

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Policy

Specifies the stored access policy for a file.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Protocol

Specifies the protocol permitted for a request. The acceptable values for this parameter are:

  • HttpsOnly
  • HttpsOrHttp The default value is HttpsOrHttp.
Type:Nullable<T>[SharedAccessProtocol]
Accepted values:HttpsOnly, HttpsOrHttp
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ShareName

Specifies the name of the Storage share.

Type:String
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-StartTime

Specifies the time at which the shared access signature becomes valid.

Type:Nullable<T>[DateTime]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

CloudFile

IStorageContext

Parameters: Context (ByValue)

Outputs

String