SharedAccessSignature Class
Provides a factory for creating account access signature tokens with an account name and account key. Users can either use the factory or can construct the appropriate service and use the generate_*_shared_access_signature method directly.
- Inheritance
-
builtins.objectSharedAccessSignature
Constructor
SharedAccessSignature(account_name, account_key, x_ms_version='2019-02-02')Parameters
| Name | Description |
|---|---|
|
account_name
Required
|
The storage account name used to generate the shared access signatures. |
|
account_key
Required
|
The access key to generate the shares access signatures. |
|
x_ms_version
|
The service version used to generate the shared access signatures. Default value: 2019-02-02
|
Methods
| generate_account |
Generates a shared access signature for the account. Use the returned signature with the sas_token parameter of the service or to create a new account object. |
generate_account
Generates a shared access signature for the account. Use the returned signature with the sas_token parameter of the service or to create a new account object.
generate_account(services, resource_types, permission, expiry, start=None, ip=None, protocol=None)Parameters
| Name | Description |
|---|---|
|
services
Required
|
Specifies the services accessible with the account SAS. You can combine values to provide access to more than one service. |
|
resource_types
Required
|
Specifies the resource types that are accessible with the account SAS. You can combine values to provide access to more than one resource type. |
|
permission
Required
|
The permissions associated with the shared access signature. The user is restricted to operations allowed by the permissions. Required unless an id is given referencing a stored access policy which contains this field. This field must be omitted if it has been specified in an associated stored access policy. You can combine values to provide more than one permission. |
|
expiry
Required
|
The time at which the shared access signature becomes invalid. Required unless an id is given referencing a stored access policy which contains this field. This field must be omitted if it has been specified in an associated stored access policy. Azure will always convert values to UTC. If a date is passed in without timezone info, it is assumed to be UTC. |
|
start
|
The time at which the shared access signature becomes valid. If omitted, start time for this call is assumed to be the time when the storage service receives the request. Azure will always convert values to UTC. If a date is passed in without timezone info, it is assumed to be UTC. Default value: None
|
|
ip
|
Specifies an IP address or a range of IP addresses from which to accept requests. If the IP address from which the request originates does not match the IP address or address range specified on the SAS token, the request is not authenticated. For example, specifying sip=168.1.5.65 or sip=168.1.5.60-168.1.5.70 on the SAS restricts the request to those IP addresses. Default value: None
|
|
protocol
|
Specifies the protocol permitted for a request made. The default value is https,http. See Protocol for possible values. Default value: None
|
Azure SDK for Python