
StorageAccount Interface


public interface StorageAccount
extends GroupableResource<StorageManager,StorageAccountInner>, Refreshable<StorageAccount>, Updatable<Update>, SupportsListingPrivateLinkResource, SupportsListingPrivateEndpointConnection, SupportsUpdatingPrivateEndpointConnection

An immutable client-side representation of an Azure storage account.

Method Summary

Modifier and Type Method and Description
abstract AccessTier accessTier()

Gets access tier used for billing.

abstract AccountStatuses accountStatuses()

Gets the status indicating whether the primary and secondary location of the storage account is available or unavailable.

abstract boolean canAccessFromAzureServices()

Checks storage account can be accessed from applications running on azure.

abstract boolean canReadLogEntriesFromAnyNetwork()

Checks whether storage log entries can be read from any network.

abstract boolean canReadMetricsFromAnyNetwork()

Checks storage metrics can be read from any network.

abstract OffsetDateTime creationTime()

Gets the creation date and time of the storage account in UTC.

abstract CustomDomain customDomain()

Gets the user assigned custom domain assigned to this storage account.

abstract StorageAccountEncryptionKeySource encryptionKeySource()

The source of the key used for encryption.

abstract Map<StorageService,StorageAccountEncryptionStatus> encryptionStatuses()

Gets the encryption statuses indexed by storage service type.

abstract PublicEndpoints endPoints()

Gets the URLs that are used to perform a retrieval of a public blob, queue or table object.

abstract List<StorageAccountKey> getKeys()

Fetch the up-to-date access keys from Azure for this storage account.

abstract Mono<List<StorageAccountKey>> getKeysAsync()

Fetch the up-to-date access keys from Azure for this storage account asynchronously.

abstract IdentityType identityTypeForCustomerEncryptionKey()

Type of the Managed Service Identity used to access KeyVault for encryption.

abstract boolean infrastructureEncryptionEnabled()

Checks whether infrastructure encryption for Azure Storage data is enabled.

abstract List<String> ipAddressesWithAccess()

Gets the list of ip addresses having access to the storage account.

abstract List<String> ipAddressRangesWithAccess()

Gets the list of ip address ranges having access to the storage account.

abstract boolean isAccessAllowedFromAllNetworks()

Checks whether authenticated application from any network is allowed to access the storage account.

abstract boolean isAllowCrossTenantReplication()

Checks whether cross tenant replication is allowed.

abstract boolean isAzureFilesAadIntegrationEnabled()

Checks whether Aad Integration is enabled for files on this storage account.

abstract boolean isBlobPublicAccessAllowed()

Checks whether blob public access is allowed.

abstract boolean isDefaultToOAuthAuthentication()

Checks whether default to oauth authentication is allowed.

abstract boolean isHnsEnabled()

Checks whether Hns is enabled on this storage account.

abstract boolean isHttpsTrafficOnly()

Checks whether storage account only allow HTTPS traffic.

abstract boolean isLargeFileSharesEnabled()

Checks whether large file shares enabled on this storage account.

abstract boolean isSharedKeyAccessAllowed()

Checks whether shared key access is allowed.

abstract Kind kind()

Gets the kind of the storage account.

abstract OffsetDateTime lastGeoFailoverTime()

Gets the timestamp of the most recent instance of a failover to the secondary location.

abstract MinimumTlsVersion minimumTlsVersion()

Gets the minimum TLS version for HTTPS traffic.

abstract List<String> networkSubnetsWithAccess()

Gets the list of resource id of virtual network subnet having access to the storage account.

abstract ProvisioningState provisioningState()

Gets the status of the storage account.

abstract PublicNetworkAccess publicNetworkAccess()

Whether the storage account can be accessed from public network.

abstract List<StorageAccountKey> regenerateKey(String keyName)

Regenerates the access keys for this storage account.

abstract Mono<List<StorageAccountKey>> regenerateKeyAsync(String keyName)

Regenerates the access keys for this storage account asynchronously.

abstract StorageAccountSkuType skuType()

Gets the sku of this storage account.

abstract String systemAssignedManagedServiceIdentityPrincipalId()

Gets the Managed Service Identity specific Active Directory service principal ID assigned to the storage account.

abstract String systemAssignedManagedServiceIdentityTenantId()

Gets the Managed Service Identity specific Active Directory tenant ID assigned to the storage account.

abstract String userAssignedIdentityIdForCustomerEncryptionKey()

User-assigned Managed Service Identity ID to access the KeyVault for encryption.

abstract Set<String> userAssignedManagedServiceIdentityIds()

Gets the resource ids of User Assigned Managed Service Identities associated with the storage account.

Method Details


public abstract AccessTier accessTier()

Gets access tier used for billing.


access tier used for billing. Access tier cannot be changed more than once every 7 days (168 hours). Access tier cannot be set for StandardLRS, StandardGRS, StandardRAGRS, or PremiumLRS account types. Possible values include: 'Hot', 'Cool'.


public abstract AccountStatuses accountStatuses()

Gets the status indicating whether the primary and secondary location of the storage account is available or unavailable.


the status indicating whether the primary and secondary location of the storage account is available or unavailable. Possible values include: 'Available', 'Unavailable'


public abstract boolean canAccessFromAzureServices()

Checks storage account can be accessed from applications running on azure.


true if storage can be accessed from application running on azure, false otherwise


public abstract boolean canReadLogEntriesFromAnyNetwork()

Checks whether storage log entries can be read from any network.


true if storage log entries can be read from any network, false otherwise


public abstract boolean canReadMetricsFromAnyNetwork()

Checks storage metrics can be read from any network.


true if storage metrics can be read from any network, false otherwise


public abstract OffsetDateTime creationTime()

Gets the creation date and time of the storage account in UTC.


the creation date and time of the storage account in UTC


public abstract CustomDomain customDomain()

Gets the user assigned custom domain assigned to this storage account.


the user assigned custom domain assigned to this storage account


public abstract StorageAccountEncryptionKeySource encryptionKeySource()

The source of the key used for encryption.

MICROSOFT_STORAGE means that the Storage Account is encrypted using Microsoft-managed Key.

MICROSOFT_KEYVAULT means that the Storage Account is encrypted using Customer-managed Key.


the source of the key used for encryption.


public abstract Map encryptionStatuses()

Gets the encryption statuses indexed by storage service type.


the encryption statuses indexed by storage service type.


public abstract PublicEndpoints endPoints()

Gets the URLs that are used to perform a retrieval of a public blob, queue or table object.


the URLs that are used to perform a retrieval of a public blob, queue or table object. Note that StandardZRS and PremiumLRS accounts only return the blob endpoint


public abstract List getKeys()

Fetch the up-to-date access keys from Azure for this storage account.


the access keys for this storage account


public abstract Mono> getKeysAsync()

Fetch the up-to-date access keys from Azure for this storage account asynchronously.


a representation of the deferred computation of this call, returning the access keys


public abstract IdentityType identityTypeForCustomerEncryptionKey()

Type of the Managed Service Identity used to access KeyVault for encryption.

This property only makes sense when the storage account is encrypted using Customer-managed keys, meaning encryptionKeySource() is MICROSOFT_KEYVAULT.


type of the Managed Service Identity used to access KeyVault for encryption, null if encryptionKeySource() is MICROSOFT_STORAGE


public abstract boolean infrastructureEncryptionEnabled()

Checks whether infrastructure encryption for Azure Storage data is enabled.


whether infrastructure encryption for Azure Storage data is enabled.


public abstract List ipAddressesWithAccess()

Gets the list of ip addresses having access to the storage account.


the list of ip addresses having access to the storage account.


public abstract List ipAddressRangesWithAccess()

Gets the list of ip address ranges having access to the storage account.


the list of ip address ranges having access to the storage account.


public abstract boolean isAccessAllowedFromAllNetworks()

Checks whether authenticated application from any network is allowed to access the storage account.


true if authenticated application from any network is allowed to access the storage account, false if only application from whitelisted network (subnet, ip address, ip address range) can access the storage account.


public abstract boolean isAllowCrossTenantReplication()

Checks whether cross tenant replication is allowed.


true if cross tenant replication is enabled, false otherwise


public abstract boolean isAzureFilesAadIntegrationEnabled()

Checks whether Aad Integration is enabled for files on this storage account.


true if Aad integration is enabled, false otherwise


public abstract boolean isBlobPublicAccessAllowed()

Checks whether blob public access is allowed.


true if blob public access is allowed, false otherwise


public abstract boolean isDefaultToOAuthAuthentication()

Checks whether default to oauth authentication is allowed.


true if default to oauth authentication is enabled, false otherwise


public abstract boolean isHnsEnabled()

Checks whether Hns is enabled on this storage account.


true if Hns is enabled, false otherwise


public abstract boolean isHttpsTrafficOnly()

Checks whether storage account only allow HTTPS traffic.


true if only allow HTTPS traffic, false otherwise


public abstract boolean isLargeFileSharesEnabled()

Checks whether large file shares enabled on this storage account.


true if large file shares is enabled, false otherwise


public abstract boolean isSharedKeyAccessAllowed()

Checks whether shared key access is allowed.


true if shared key access is allowed, false otherwise


public abstract Kind kind()

Gets the kind of the storage account.


the kind of the storage account. Possible values are 'Storage', 'BlobStorage'.


public abstract OffsetDateTime lastGeoFailoverTime()

Gets the timestamp of the most recent instance of a failover to the secondary location.


the timestamp of the most recent instance of a failover to the secondary location. Only the most recent timestamp is retained. This element is not returned if there has never been a failover instance. Only available if the accountType is StandardGRS or StandardRAGRS


public abstract MinimumTlsVersion minimumTlsVersion()

Gets the minimum TLS version for HTTPS traffic.


the minimum TLS version for HTTPS traffic.


public abstract List networkSubnetsWithAccess()

Gets the list of resource id of virtual network subnet having access to the storage account.


the list of resource id of virtual network subnet having access to the storage account.


public abstract ProvisioningState provisioningState()

Gets the status of the storage account.


the status of the storage account at the time the operation was called. Possible values include: 'Creating', 'ResolvingDNS', 'Succeeded'


public abstract PublicNetworkAccess publicNetworkAccess()

Whether the storage account can be accessed from public network.


whether the storage account can be accessed from public network.


public abstract List regenerateKey(String keyName)

Regenerates the access keys for this storage account.


keyName - if the key name


the generated access keys for this storage account


public abstract Mono> regenerateKeyAsync(String keyName)

Regenerates the access keys for this storage account asynchronously.


keyName - if the key name


a representation of the deferred computation of this call, returning the regenerated access key


public abstract StorageAccountSkuType skuType()

Gets the sku of this storage account.


the sku of this storage account.


public abstract String systemAssignedManagedServiceIdentityPrincipalId()

Gets the Managed Service Identity specific Active Directory service principal ID assigned to the storage account.


the Managed Service Identity specific Active Directory service principal ID assigned to the storage account.


public abstract String systemAssignedManagedServiceIdentityTenantId()

Gets the Managed Service Identity specific Active Directory tenant ID assigned to the storage account.


the Managed Service Identity specific Active Directory tenant ID assigned to the storage account.


public abstract String userAssignedIdentityIdForCustomerEncryptionKey()

User-assigned Managed Service Identity ID to access the KeyVault for encryption.

This property only makes sense when the storage account is encrypted using Customer-managed keys, meaning encryptionKeySource() is MICROSOFT_KEYVAULT and identityTypeForCustomerEncryptionKey() is USER_ASSIGNED.


user-assigned identity ID used to access KeyVault for encryption, null if encryptionKeySource() is MICROSOFT_STORAGE or identityTypeForCustomerEncryptionKey() is not USER_ASSIGNED


public abstract Set userAssignedManagedServiceIdentityIds()

Gets the resource ids of User Assigned Managed Service Identities associated with the storage account.


the resource ids of User Assigned Managed Service Identities associated with the storage account.

Applies to