Cria de forma assíncrona uma nova conta de armazenamento com os parâmetros especificados. Se uma conta já tiver sido criada e uma solicitação de criação subsequente for emitida com propriedades diferentes, as propriedades da conta serão atualizadas. Se uma conta já tiver sido criada e uma solicitação de criação ou atualização subsequente for emitida com exatamente o mesmo conjunto de propriedades, a solicitação terá êxito.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}?api-version=2023-05-01
Parâmetros do URI
Name |
Em |
Necessário |
Tipo |
Description |
accountName
|
path |
True
|
string
|
O nome da conta de armazenamento dentro do grupo de recursos especificado. Os nomes das contas de armazenamento devem ter entre 3 e 24 caracteres e usar apenas números e letras minúsculas.
Padrão Regex: ^[a-z0-9]+$
|
resourceGroupName
|
path |
True
|
string
|
O nome do grupo de recursos dentro da assinatura do usuário. O nome não diferencia maiúsculas de minúsculas.
Padrão Regex: ^[-\w\._\(\)]+$
|
subscriptionId
|
path |
True
|
string
|
A ID da assinatura de destino.
|
api-version
|
query |
True
|
string
|
A versão da API a ser usada para esta operação.
|
Corpo do Pedido
Name |
Necessário |
Tipo |
Description |
kind
|
True
|
Kind
|
Necessário. Indica o tipo de conta de armazenamento.
|
location
|
True
|
string
|
Necessário. Obtém ou define o local do recurso. Esta será uma das Regiões Geográficas do Azure suportadas e registadas (por exemplo, Oeste dos EUA, Leste dos EUA, Sudeste Asiático, etc.). A região geográfica de um recurso não pode ser alterada depois de criado, mas se uma região geográfica idêntica for especificada na atualização, a solicitação terá êxito.
|
sku
|
True
|
Sku
|
Necessário. Obtém ou define o nome da SKU.
|
extendedLocation
|
|
ExtendedLocation
|
Opcional. Defina o local estendido do recurso. Se não estiver definida, a conta de armazenamento será criada na região principal do Azure. Caso contrário, ele será criado no local estendido especificado
|
identity
|
|
Identity
|
A identidade do recurso.
|
properties.accessTier
|
|
AccessTier
|
Necessário para contas de armazenamento onde kind = BlobStorage. A camada de acesso é usada para faturamento. A camada de acesso 'Premium' é o valor padrão para o tipo de conta de armazenamento de blobs de bloco premium e não pode ser alterada para o tipo de conta de armazenamento de blobs de bloco premium.
|
properties.allowBlobPublicAccess
|
|
boolean
|
Permitir ou não permitir o acesso público a todos os blobs ou contêineres na conta de armazenamento. A interpretação padrão é falsa para esta propriedade.
|
properties.allowCrossTenantReplication
|
|
boolean
|
Permitir ou não permitir replicação de objeto de locatário entre AAD. Defina essa propriedade como true para contas novas ou existentes somente se as políticas de replicação de objetos envolverem contas de armazenamento em diferentes locatários do AAD. A interpretação padrão é falsa para que novas contas sigam as melhores práticas de segurança por padrão.
|
properties.allowSharedKeyAccess
|
|
boolean
|
Indica se a conta de armazenamento permite que as solicitações sejam autorizadas com a chave de acesso da conta por meio da Chave Compartilhada. Se false, todas as solicitações, incluindo assinaturas de acesso compartilhado, devem ser autorizadas com o Azure Ative Directory (Azure AD). O valor padrão é null, que é equivalente a true.
|
properties.allowedCopyScope
|
|
AllowedCopyScope
|
Restrinja a cópia de e para Contas de Armazenamento dentro de um locatário do AAD ou com Links Privados para a mesma VNet.
|
properties.azureFilesIdentityBasedAuthentication
|
|
AzureFilesIdentityBasedAuthentication
|
Fornece as configurações de autenticação baseada em identidade para Arquivos do Azure.
|
properties.customDomain
|
|
CustomDomain
|
Domínio de usuário atribuído à conta de armazenamento. Nome é a fonte CNAME. Apenas um domínio personalizado é suportado por conta de armazenamento no momento. Para limpar o domínio personalizado existente, use uma cadeia de caracteres vazia para a propriedade de nome de domínio personalizado.
|
properties.defaultToOAuthAuthentication
|
|
boolean
|
Um sinalizador booleano que indica se a autenticação padrão é OAuth ou não. A interpretação padrão é falsa para esta propriedade.
|
properties.dnsEndpointType
|
|
DnsEndpointType
|
Permite especificar o tipo de ponto de extremidade. Defina isso como AzureDNSZone para criar um grande número de contas em uma única assinatura, que cria contas em uma Zona DNS do Azure e a URL do ponto de extremidade terá um identificador alfanumérico de Zona DNS.
|
properties.enableExtendedGroups
|
|
boolean
|
Habilita o suporte estendido a grupos com o recurso de usuários locais, se definido como true
|
properties.encryption
|
|
Encryption
|
Configurações de criptografia a serem usadas para criptografia do lado do servidor para a conta de armazenamento.
|
properties.immutableStorageWithVersioning
|
|
ImmutableStorageAccount
|
A propriedade é imutável e só pode ser definida como true no momento da criação da conta. Quando definido como true, ele habilita a imutabilidade no nível do objeto para todos os novos contêineres na conta por padrão.
|
properties.isHnsEnabled
|
|
boolean
|
Account HierarchicalNamespace habilitado se definido como true.
|
properties.isLocalUserEnabled
|
|
boolean
|
Habilita o recurso de usuários locais, se definido como true
|
properties.isNfsV3Enabled
|
|
boolean
|
Suporte ao protocolo NFS 3.0 habilitado se definido como true.
|
properties.isSftpEnabled
|
|
boolean
|
Habilita o Protocolo de Transferência Segura de Arquivos, se definido como true
|
properties.keyPolicy
|
|
KeyPolicy
|
KeyPolicy atribuído à conta de armazenamento.
|
properties.largeFileSharesState
|
|
LargeFileSharesState
|
Permita compartilhamentos de arquivos grandes se definido como Habilitado. Ele não pode ser desativado uma vez que está ativado.
|
properties.minimumTlsVersion
|
|
MinimumTlsVersion
|
Defina a versão mínima do TLS a ser permitida em solicitações de armazenamento. A interpretação padrão é TLS 1.0 para esta propriedade.
|
properties.networkAcls
|
|
NetworkRuleSet
|
Conjunto de regras de rede
|
properties.publicNetworkAccess
|
|
PublicNetworkAccess
|
Permitir, não permitir ou permitir a configuração do Perímetro de Segurança de Rede para avaliar o acesso à rede pública à Conta de Armazenamento. O valor é opcional, mas se passado, deve ser 'Enabled', 'Disabled' ou 'SecuredByPerimeter'.
|
properties.routingPreference
|
|
RoutingPreference
|
Mantém informações sobre a opção de roteamento de rede escolhida pelo usuário para transferência de dados
|
properties.sasPolicy
|
|
SasPolicy
|
SasPolicy atribuído à conta de armazenamento.
|
properties.supportsHttpsTrafficOnly
|
|
boolean
|
Permite tráfego https somente para o serviço de armazenamento se definido como true. O valor padrão é true desde a versão da API 2019-04-01.
|
tags
|
|
object
|
Obtém ou define uma lista de pares de valores de chave que descrevem o recurso. Essas tags podem ser usadas para exibir e agrupar esse recurso (entre grupos de recursos). Um máximo de 15 tags podem ser fornecidas para um recurso. Cada tag deve ter uma chave com um comprimento não superior a 128 caracteres e um valor com um comprimento não superior a 256 caracteres.
|
Respostas
Name |
Tipo |
Description |
200 OK
|
StorageAccount
|
OK -- retornado quando a conta de armazenamento já foi criada a partir de uma solicitação anterior com as mesmas propriedades especificadas no corpo da solicitação.
|
202 Accepted
|
|
Aceito -- Criar ou atualizar solicitação aceita; a operação será concluída de forma assíncrona.
|
Segurança
azure_auth
Azure Ative Directory OAuth2 Flow
Tipo:
oauth2
Fluxo:
implicit
URL de Autorização:
https://login.microsoftonline.com/common/oauth2/authorize
Âmbitos
Name |
Description |
user_impersonation
|
personificar a sua conta de utilizador
|
Exemplos
NfsV3AccountCreate
Pedido de amostra
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-05-01
{
"sku": {
"name": "Premium_LRS"
},
"kind": "BlockBlobStorage",
"location": "eastus",
"properties": {
"isHnsEnabled": true,
"isNfsV3Enabled": true,
"enableExtendedGroups": true,
"supportsHttpsTrafficOnly": false,
"networkAcls": {
"bypass": "AzureServices",
"defaultAction": "Allow",
"ipRules": [],
"virtualNetworkRules": [
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"
}
]
}
}
}
import com.azure.resourcemanager.storage.models.Bypass;
import com.azure.resourcemanager.storage.models.DefaultAction;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.NetworkRuleSet;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import com.azure.resourcemanager.storage.models.VirtualNetworkRule;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for StorageAccounts Create.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/NfsV3AccountCreate.json
*/
/**
* Sample code: NfsV3AccountCreate.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void nfsV3AccountCreate(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts().create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.PREMIUM_LRS))
.withKind(Kind.BLOCK_BLOB_STORAGE).withLocation("eastus")
.withNetworkRuleSet(new NetworkRuleSet().withBypass(Bypass.AZURE_SERVICES)
.withVirtualNetworkRules(Arrays.asList(new VirtualNetworkRule().withVirtualNetworkResourceId(
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12")))
.withIpRules(Arrays.asList()).withDefaultAction(DefaultAction.ALLOW))
.withEnableHttpsTrafficOnly(false).withEnableExtendedGroups(true).withIsHnsEnabled(true)
.withEnableNfsV3(true),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python nfs_v3_account_create.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"kind": "BlockBlobStorage",
"location": "eastus",
"properties": {
"enableExtendedGroups": True,
"isHnsEnabled": True,
"isNfsV3Enabled": True,
"networkAcls": {
"bypass": "AzureServices",
"defaultAction": "Allow",
"ipRules": [],
"virtualNetworkRules": [
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"
}
],
},
"supportsHttpsTrafficOnly": False,
},
"sku": {"name": "Premium_LRS"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/NfsV3AccountCreate.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/220ad9c6554fc7d6d10a89bdb441c1e3b36e3285/specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/NfsV3AccountCreate.json
func ExampleAccountsClient_BeginCreate_nfsV3AccountCreate() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
Kind: to.Ptr(armstorage.KindBlockBlobStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
EnableExtendedGroups: to.Ptr(true),
IsHnsEnabled: to.Ptr(true),
EnableNfsV3: to.Ptr(true),
NetworkRuleSet: &armstorage.NetworkRuleSet{
Bypass: to.Ptr(armstorage.BypassAzureServices),
DefaultAction: to.Ptr(armstorage.DefaultActionAllow),
IPRules: []*armstorage.IPRule{},
VirtualNetworkRules: []*armstorage.VirtualNetworkRule{
{
VirtualNetworkResourceID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"),
}},
},
EnableHTTPSTrafficOnly: to.Ptr(false),
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNamePremiumLRS),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Kind: to.Ptr(armstorage.KindBlockBlobStorage),
// Properties: &armstorage.AccountProperties{
// EnableExtendedGroups: to.Ptr(true),
// IsHnsEnabled: to.Ptr(true),
// EnableNfsV3: to.Ptr(true),
// NetworkRuleSet: &armstorage.NetworkRuleSet{
// Bypass: to.Ptr(armstorage.BypassAzureServices),
// DefaultAction: to.Ptr(armstorage.DefaultActionAllow),
// IPRules: []*armstorage.IPRule{
// },
// VirtualNetworkRules: []*armstorage.VirtualNetworkRule{
// {
// VirtualNetworkResourceID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"),
// }},
// },
// EnableHTTPSTrafficOnly: to.Ptr(false),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNamePremiumLRS),
// Tier: to.Ptr(armstorage.SKUTierPremium),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/NfsV3AccountCreate.json
*/
async function nfsV3AccountCreate() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
enableExtendedGroups: true,
isHnsEnabled: true,
enableNfsV3: true,
kind: "BlockBlobStorage",
location: "eastus",
networkRuleSet: {
bypass: "AzureServices",
defaultAction: "Allow",
ipRules: [],
virtualNetworkRules: [
{
virtualNetworkResourceId:
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12",
},
],
},
sku: { name: "Premium_LRS" },
enableHttpsTrafficOnly: false,
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Resources.Models;
using Azure.ResourceManager.Storage.Models;
using Azure.ResourceManager.Storage;
// Generated from example definition: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/NfsV3AccountCreate.json
// this example is just showing the usage of "StorageAccounts_Create" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "{subscription-id}";
string resourceGroupName = "res9101";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// get the collection of this StorageAccountResource
StorageAccountCollection collection = resourceGroupResource.GetStorageAccounts();
// invoke the operation
string accountName = "sto4445";
StorageAccountCreateOrUpdateContent content = new StorageAccountCreateOrUpdateContent(new StorageSku(StorageSkuName.PremiumLrs), StorageKind.BlockBlobStorage, new AzureLocation("eastus"))
{
NetworkRuleSet = new StorageAccountNetworkRuleSet(StorageNetworkDefaultAction.Allow)
{
Bypass = StorageNetworkBypass.AzureServices,
VirtualNetworkRules =
{
new StorageAccountVirtualNetworkRule(new ResourceIdentifier("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"))
},
IPRules =
{
},
},
EnableHttpsTrafficOnly = false,
IsExtendedGroupEnabled = true,
IsHnsEnabled = true,
IsNfsV3Enabled = true,
};
ArmOperation<StorageAccountResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, accountName, content);
StorageAccountResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
StorageAccountData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Resposta da amostra
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "BlockBlobStorage",
"location": "eastus",
"name": "sto4445",
"properties": {
"isHnsEnabled": true,
"isNfsV3Enabled": true,
"enableExtendedGroups": true,
"supportsHttpsTrafficOnly": false,
"networkAcls": {
"bypass": "AzureServices",
"defaultAction": "Allow",
"ipRules": [],
"virtualNetworkRules": [
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Network/virtualNetworks/net123/subnets/subnet12"
}
]
}
},
"sku": {
"name": "Premium_LRS",
"tier": "Premium"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreate
Pedido de amostra
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-05-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"isHnsEnabled": true,
"isSftpEnabled": true,
"allowBlobPublicAccess": false,
"defaultToOAuthAuthentication": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.ExtendedLocation;
import com.azure.resourcemanager.storage.models.ExtendedLocationTypes;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for StorageAccounts Create.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreate.json
*/
/**
* Sample code: StorageAccountCreate.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void storageAccountCreate(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withExtendedLocation(
new ExtendedLocation().withName("losangeles001").withType(ExtendedLocationTypes.EDGE_ZONE))
.withTags(
mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsSftpEnabled(true).withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true).withDefaultToOAuthAuthentication(false),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"extendedLocation": {"name": "losangeles001", "type": "EdgeZone"},
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"defaultToOAuthAuthentication": False,
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"isSftpEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreate.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/220ad9c6554fc7d6d10a89bdb441c1e3b36e3285/specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreate.json
func ExampleAccountsClient_BeginCreate_storageAccountCreate() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
ExtendedLocation: &armstorage.ExtendedLocation{
Name: to.Ptr("losangeles001"),
Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
DefaultToOAuthAuthentication: to.Ptr(false),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
IsSftpEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// IsSftpEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-internetrouting.file.core.windows.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.web.core.windows.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.web.core.windows.net/"),
// },
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreate.json
*/
async function storageAccountCreate() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
defaultToOAuthAuthentication: false,
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
extendedLocation: { name: "losangeles001", type: "EdgeZone" },
isHnsEnabled: true,
isSftpEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Resources.Models;
using Azure.ResourceManager.Storage.Models;
using Azure.ResourceManager.Storage;
// Generated from example definition: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreate.json
// this example is just showing the usage of "StorageAccounts_Create" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "{subscription-id}";
string resourceGroupName = "res9101";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// get the collection of this StorageAccountResource
StorageAccountCollection collection = resourceGroupResource.GetStorageAccounts();
// invoke the operation
string accountName = "sto4445";
StorageAccountCreateOrUpdateContent content = new StorageAccountCreateOrUpdateContent(new StorageSku(StorageSkuName.StandardGrs), StorageKind.Storage, new AzureLocation("eastus"))
{
ExtendedLocation = new ExtendedLocation()
{
Name = "losangeles001",
},
Tags =
{
["key1"] = "value1",
["key2"] = "value2",
},
SasPolicy = new StorageAccountSasPolicy("1.15:59:59", ExpirationAction.Log),
KeyExpirationPeriodInDays = 20,
Encryption = new StorageAccountEncryption()
{
Services = new StorageAccountEncryptionServices()
{
Blob = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
File = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
},
KeySource = StorageAccountKeySource.Storage,
RequireInfrastructureEncryption = false,
},
IsSftpEnabled = true,
IsHnsEnabled = true,
RoutingPreference = new StorageRoutingPreference()
{
RoutingChoice = StorageRoutingChoice.MicrosoftRouting,
IsMicrosoftEndpointsPublished = true,
IsInternetEndpointsPublished = true,
},
AllowBlobPublicAccess = false,
MinimumTlsVersion = StorageMinimumTlsVersion.Tls1_2,
AllowSharedKeyAccess = true,
IsDefaultToOAuthAuthentication = false,
};
ArmOperation<StorageAccountResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, accountName, content);
StorageAccountResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
StorageAccountData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Resposta da amostra
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"isHnsEnabled": true,
"isSftpEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.web.core.windows.net/",
"dfs": "https://sto4445-microsoftrouting.dfs.core.windows.net/",
"blob": "https://sto4445-microsoftrouting.blob.core.windows.net/",
"file": "https://sto4445-microsoftrouting.file.core.windows.net/",
"queue": "https://sto4445-microsoftrouting.queue.core.windows.net/",
"table": "https://sto4445-microsoftrouting.table.core.windows.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.web.core.windows.net/",
"dfs": "https://sto4445-internetrouting.dfs.core.windows.net/",
"blob": "https://sto4445-internetrouting.blob.core.windows.net/",
"file": "https://sto4445-internetrouting.file.core.windows.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateAllowedCopyScopeToAAD
Pedido de amostra
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-05-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"allowedCopyScope": "AAD",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.AllowedCopyScope;
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for StorageAccounts Create.
*/
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/
* StorageAccountCreateAllowedCopyScopeToAAD.json
*/
/**
* Sample code: StorageAccountCreateAllowedCopyScopeToAAD.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void storageAccountCreateAllowedCopyScopeToAAD(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withTags(mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withAllowedCopyScope(
AllowedCopyScope.AAD)
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_allowed_copy_scope_to_aad.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"allowedCopyScope": "AAD",
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateAllowedCopyScopeToAAD.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/220ad9c6554fc7d6d10a89bdb441c1e3b36e3285/specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateAllowedCopyScopeToAAD.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateAllowedCopyScopeToAad() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
AllowedCopyScope: to.Ptr(armstorage.AllowedCopyScopeAAD),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// AllowedCopyScope: to.Ptr(armstorage.AllowedCopyScopeAAD),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-internetrouting.file.core.windows.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.web.core.windows.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.web.core.windows.net/"),
// },
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateAllowedCopyScopeToAAD.json
*/
async function storageAccountCreateAllowedCopyScopeToAad() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
allowedCopyScope: "AAD",
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
isHnsEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Resources.Models;
using Azure.ResourceManager.Storage.Models;
using Azure.ResourceManager.Storage;
// Generated from example definition: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateAllowedCopyScopeToAAD.json
// this example is just showing the usage of "StorageAccounts_Create" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "{subscription-id}";
string resourceGroupName = "res9101";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// get the collection of this StorageAccountResource
StorageAccountCollection collection = resourceGroupResource.GetStorageAccounts();
// invoke the operation
string accountName = "sto4445";
StorageAccountCreateOrUpdateContent content = new StorageAccountCreateOrUpdateContent(new StorageSku(StorageSkuName.StandardGrs), StorageKind.Storage, new AzureLocation("eastus"))
{
Tags =
{
["key1"] = "value1",
["key2"] = "value2",
},
AllowedCopyScope = AllowedCopyScope.Aad,
SasPolicy = new StorageAccountSasPolicy("1.15:59:59", ExpirationAction.Log),
KeyExpirationPeriodInDays = 20,
Encryption = new StorageAccountEncryption()
{
Services = new StorageAccountEncryptionServices()
{
Blob = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
File = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
},
KeySource = StorageAccountKeySource.Storage,
RequireInfrastructureEncryption = false,
},
IsHnsEnabled = true,
RoutingPreference = new StorageRoutingPreference()
{
RoutingChoice = StorageRoutingChoice.MicrosoftRouting,
IsMicrosoftEndpointsPublished = true,
IsInternetEndpointsPublished = true,
},
AllowBlobPublicAccess = false,
MinimumTlsVersion = StorageMinimumTlsVersion.Tls1_2,
AllowSharedKeyAccess = true,
};
ArmOperation<StorageAccountResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, accountName, content);
StorageAccountResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
StorageAccountData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Resposta da amostra
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.web.core.windows.net/",
"dfs": "https://sto4445-microsoftrouting.dfs.core.windows.net/",
"blob": "https://sto4445-microsoftrouting.blob.core.windows.net/",
"file": "https://sto4445-microsoftrouting.file.core.windows.net/",
"queue": "https://sto4445-microsoftrouting.queue.core.windows.net/",
"table": "https://sto4445-microsoftrouting.table.core.windows.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.web.core.windows.net/",
"dfs": "https://sto4445-internetrouting.dfs.core.windows.net/",
"blob": "https://sto4445-internetrouting.blob.core.windows.net/",
"file": "https://sto4445-internetrouting.file.core.windows.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true,
"allowedCopyScope": "AAD"
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateAllowedCopyScopeToPrivateLink
Pedido de amostra
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-05-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"allowedCopyScope": "PrivateLink",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.AllowedCopyScope;
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for StorageAccounts Create.
*/
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/
* StorageAccountCreateAllowedCopyScopeToPrivateLink.json
*/
/**
* Sample code: StorageAccountCreateAllowedCopyScopeToPrivateLink.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreateAllowedCopyScopeToPrivateLink(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withTags(mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withAllowedCopyScope(
AllowedCopyScope.PRIVATE_LINK)
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_allowed_copy_scope_to_private_link.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"allowedCopyScope": "PrivateLink",
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateAllowedCopyScopeToPrivateLink.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/220ad9c6554fc7d6d10a89bdb441c1e3b36e3285/specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateAllowedCopyScopeToPrivateLink.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateAllowedCopyScopeToPrivateLink() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
AllowedCopyScope: to.Ptr(armstorage.AllowedCopyScopePrivateLink),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// AllowedCopyScope: to.Ptr(armstorage.AllowedCopyScopePrivateLink),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-internetrouting.file.core.windows.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.web.core.windows.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.web.core.windows.net/"),
// },
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateAllowedCopyScopeToPrivateLink.json
*/
async function storageAccountCreateAllowedCopyScopeToPrivateLink() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
allowedCopyScope: "PrivateLink",
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
isHnsEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Resources.Models;
using Azure.ResourceManager.Storage.Models;
using Azure.ResourceManager.Storage;
// Generated from example definition: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateAllowedCopyScopeToPrivateLink.json
// this example is just showing the usage of "StorageAccounts_Create" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "{subscription-id}";
string resourceGroupName = "res9101";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// get the collection of this StorageAccountResource
StorageAccountCollection collection = resourceGroupResource.GetStorageAccounts();
// invoke the operation
string accountName = "sto4445";
StorageAccountCreateOrUpdateContent content = new StorageAccountCreateOrUpdateContent(new StorageSku(StorageSkuName.StandardGrs), StorageKind.Storage, new AzureLocation("eastus"))
{
Tags =
{
["key1"] = "value1",
["key2"] = "value2",
},
AllowedCopyScope = AllowedCopyScope.PrivateLink,
SasPolicy = new StorageAccountSasPolicy("1.15:59:59", ExpirationAction.Log),
KeyExpirationPeriodInDays = 20,
Encryption = new StorageAccountEncryption()
{
Services = new StorageAccountEncryptionServices()
{
Blob = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
File = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
},
KeySource = StorageAccountKeySource.Storage,
RequireInfrastructureEncryption = false,
},
IsHnsEnabled = true,
RoutingPreference = new StorageRoutingPreference()
{
RoutingChoice = StorageRoutingChoice.MicrosoftRouting,
IsMicrosoftEndpointsPublished = true,
IsInternetEndpointsPublished = true,
},
AllowBlobPublicAccess = false,
MinimumTlsVersion = StorageMinimumTlsVersion.Tls1_2,
AllowSharedKeyAccess = true,
};
ArmOperation<StorageAccountResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, accountName, content);
StorageAccountResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
StorageAccountData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Resposta da amostra
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.web.core.windows.net/",
"dfs": "https://sto4445-microsoftrouting.dfs.core.windows.net/",
"blob": "https://sto4445-microsoftrouting.blob.core.windows.net/",
"file": "https://sto4445-microsoftrouting.file.core.windows.net/",
"queue": "https://sto4445-microsoftrouting.queue.core.windows.net/",
"table": "https://sto4445-microsoftrouting.table.core.windows.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.web.core.windows.net/",
"dfs": "https://sto4445-internetrouting.dfs.core.windows.net/",
"blob": "https://sto4445-internetrouting.blob.core.windows.net/",
"file": "https://sto4445-internetrouting.file.core.windows.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true,
"allowedCopyScope": "PrivateLink"
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateDisallowPublicNetworkAccess
Pedido de amostra
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-05-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"publicNetworkAccess": "Disabled",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.ExtendedLocation;
import com.azure.resourcemanager.storage.models.ExtendedLocationTypes;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.PublicNetworkAccess;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for StorageAccounts Create.
*/
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/
* StorageAccountCreateDisallowPublicNetworkAccess.json
*/
/**
* Sample code: StorageAccountCreateDisallowPublicNetworkAccess.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreateDisallowPublicNetworkAccess(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withExtendedLocation(
new ExtendedLocation().withName("losangeles001").withType(ExtendedLocationTypes.EDGE_ZONE))
.withTags(mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withPublicNetworkAccess(
PublicNetworkAccess.DISABLED)
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_disallow_public_network_access.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"extendedLocation": {"name": "losangeles001", "type": "EdgeZone"},
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"publicNetworkAccess": "Disabled",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateDisallowPublicNetworkAccess.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/220ad9c6554fc7d6d10a89bdb441c1e3b36e3285/specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateDisallowPublicNetworkAccess.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateDisallowPublicNetworkAccess() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
ExtendedLocation: &armstorage.ExtendedLocation{
Name: to.Ptr("losangeles001"),
Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
PublicNetworkAccess: to.Ptr(armstorage.PublicNetworkAccessDisabled),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-internetrouting.file.core.windows.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.web.core.windows.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.web.core.windows.net/"),
// },
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// PublicNetworkAccess: to.Ptr(armstorage.PublicNetworkAccessDisabled),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateDisallowPublicNetworkAccess.json
*/
async function storageAccountCreateDisallowPublicNetworkAccess() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
extendedLocation: { name: "losangeles001", type: "EdgeZone" },
isHnsEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
publicNetworkAccess: "Disabled",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Resources.Models;
using Azure.ResourceManager.Storage.Models;
using Azure.ResourceManager.Storage;
// Generated from example definition: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateDisallowPublicNetworkAccess.json
// this example is just showing the usage of "StorageAccounts_Create" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "{subscription-id}";
string resourceGroupName = "res9101";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// get the collection of this StorageAccountResource
StorageAccountCollection collection = resourceGroupResource.GetStorageAccounts();
// invoke the operation
string accountName = "sto4445";
StorageAccountCreateOrUpdateContent content = new StorageAccountCreateOrUpdateContent(new StorageSku(StorageSkuName.StandardGrs), StorageKind.Storage, new AzureLocation("eastus"))
{
ExtendedLocation = new ExtendedLocation()
{
Name = "losangeles001",
},
Tags =
{
["key1"] = "value1",
["key2"] = "value2",
},
PublicNetworkAccess = StoragePublicNetworkAccess.Disabled,
SasPolicy = new StorageAccountSasPolicy("1.15:59:59", ExpirationAction.Log),
KeyExpirationPeriodInDays = 20,
Encryption = new StorageAccountEncryption()
{
Services = new StorageAccountEncryptionServices()
{
Blob = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
File = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
},
KeySource = StorageAccountKeySource.Storage,
RequireInfrastructureEncryption = false,
},
IsHnsEnabled = true,
RoutingPreference = new StorageRoutingPreference()
{
RoutingChoice = StorageRoutingChoice.MicrosoftRouting,
IsMicrosoftEndpointsPublished = true,
IsInternetEndpointsPublished = true,
},
AllowBlobPublicAccess = false,
MinimumTlsVersion = StorageMinimumTlsVersion.Tls1_2,
AllowSharedKeyAccess = true,
};
ArmOperation<StorageAccountResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, accountName, content);
StorageAccountResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
StorageAccountData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Resposta da amostra
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.web.core.windows.net/",
"dfs": "https://sto4445-microsoftrouting.dfs.core.windows.net/",
"blob": "https://sto4445-microsoftrouting.blob.core.windows.net/",
"file": "https://sto4445-microsoftrouting.file.core.windows.net/",
"queue": "https://sto4445-microsoftrouting.queue.core.windows.net/",
"table": "https://sto4445-microsoftrouting.table.core.windows.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.web.core.windows.net/",
"dfs": "https://sto4445-internetrouting.dfs.core.windows.net/",
"blob": "https://sto4445-internetrouting.blob.core.windows.net/",
"file": "https://sto4445-internetrouting.file.core.windows.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true,
"publicNetworkAccess": "Disabled"
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateDnsEndpointTypeToAzureDnsZone
Pedido de amostra
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-05-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"dnsEndpointType": "AzureDnsZone",
"isHnsEnabled": true,
"isSftpEnabled": true,
"allowBlobPublicAccess": false,
"defaultToOAuthAuthentication": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.DnsEndpointType;
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.ExtendedLocation;
import com.azure.resourcemanager.storage.models.ExtendedLocationTypes;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for StorageAccounts Create.
*/
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/
* StorageAccountCreateDnsEndpointTypeToAzureDnsZone.json
*/
/**
* Sample code: StorageAccountCreateDnsEndpointTypeToAzureDnsZone.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreateDnsEndpointTypeToAzureDnsZone(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withExtendedLocation(
new ExtendedLocation().withName("losangeles001").withType(ExtendedLocationTypes.EDGE_ZONE))
.withTags(
mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsSftpEnabled(true).withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true).withDefaultToOAuthAuthentication(false)
.withDnsEndpointType(DnsEndpointType.AZURE_DNS_ZONE),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_dns_endpoint_type_to_azure_dns_zone.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"extendedLocation": {"name": "losangeles001", "type": "EdgeZone"},
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"defaultToOAuthAuthentication": False,
"dnsEndpointType": "AzureDnsZone",
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"isSftpEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateDnsEndpointTypeToAzureDnsZone.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/220ad9c6554fc7d6d10a89bdb441c1e3b36e3285/specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateDnsEndpointTypeToAzureDnsZone.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateDnsEndpointTypeToAzureDnsZone() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
ExtendedLocation: &armstorage.ExtendedLocation{
Name: to.Ptr("losangeles001"),
Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
DefaultToOAuthAuthentication: to.Ptr(false),
DNSEndpointType: to.Ptr(armstorage.DNSEndpointTypeAzureDNSZone),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
IsSftpEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// DNSEndpointType: to.Ptr(armstorage.DNSEndpointTypeAzureDNSZone),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// IsSftpEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.z24.blob.storage.azure.net/"),
// Dfs: to.Ptr("https://sto4445.z24.dfs.storage.azure.net/"),
// File: to.Ptr("https://sto4445.z24.file.storage.azure.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.z24.blob.storage.azure.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.z24.dfs.storage.azure.net/"),
// File: to.Ptr("https://sto4445-internetrouting.z24.file.storage.azure.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.z24.web.storage.azure.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.z24.blob.storage.azure.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.z24.dfs.storage.azure.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.z24.file.storage.azure.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.z24.queue.storage.azure.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.z24.table.storage.azure.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.z24.web.storage.azure.net/"),
// },
// Queue: to.Ptr("https://sto4445.z24.queue.storage.azure.net/"),
// Table: to.Ptr("https://sto4445.z24.table.storage.azure.net/"),
// Web: to.Ptr("https://sto4445.z24.web.storage.azure.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateDnsEndpointTypeToAzureDnsZone.json
*/
async function storageAccountCreateDnsEndpointTypeToAzureDnsZone() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
defaultToOAuthAuthentication: false,
dnsEndpointType: "AzureDnsZone",
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
extendedLocation: { name: "losangeles001", type: "EdgeZone" },
isHnsEnabled: true,
isSftpEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Resources.Models;
using Azure.ResourceManager.Storage.Models;
using Azure.ResourceManager.Storage;
// Generated from example definition: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateDnsEndpointTypeToAzureDnsZone.json
// this example is just showing the usage of "StorageAccounts_Create" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "{subscription-id}";
string resourceGroupName = "res9101";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// get the collection of this StorageAccountResource
StorageAccountCollection collection = resourceGroupResource.GetStorageAccounts();
// invoke the operation
string accountName = "sto4445";
StorageAccountCreateOrUpdateContent content = new StorageAccountCreateOrUpdateContent(new StorageSku(StorageSkuName.StandardGrs), StorageKind.Storage, new AzureLocation("eastus"))
{
ExtendedLocation = new ExtendedLocation()
{
Name = "losangeles001",
},
Tags =
{
["key1"] = "value1",
["key2"] = "value2",
},
SasPolicy = new StorageAccountSasPolicy("1.15:59:59", ExpirationAction.Log),
KeyExpirationPeriodInDays = 20,
Encryption = new StorageAccountEncryption()
{
Services = new StorageAccountEncryptionServices()
{
Blob = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
File = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
},
KeySource = StorageAccountKeySource.Storage,
RequireInfrastructureEncryption = false,
},
IsSftpEnabled = true,
IsHnsEnabled = true,
RoutingPreference = new StorageRoutingPreference()
{
RoutingChoice = StorageRoutingChoice.MicrosoftRouting,
IsMicrosoftEndpointsPublished = true,
IsInternetEndpointsPublished = true,
},
AllowBlobPublicAccess = false,
MinimumTlsVersion = StorageMinimumTlsVersion.Tls1_2,
AllowSharedKeyAccess = true,
IsDefaultToOAuthAuthentication = false,
DnsEndpointType = StorageDnsEndpointType.AzureDnsZone,
};
ArmOperation<StorageAccountResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, accountName, content);
StorageAccountResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
StorageAccountData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Resposta da amostra
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"dnsEndpointType": "AzureDnsZone",
"isHnsEnabled": true,
"isSftpEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.z24.web.storage.azure.net/",
"dfs": "https://sto4445.z24.dfs.storage.azure.net/",
"blob": "https://sto4445.z24.blob.storage.azure.net/",
"file": "https://sto4445.z24.file.storage.azure.net/",
"queue": "https://sto4445.z24.queue.storage.azure.net/",
"table": "https://sto4445.z24.table.storage.azure.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.z24.web.storage.azure.net/",
"dfs": "https://sto4445-microsoftrouting.z24.dfs.storage.azure.net/",
"blob": "https://sto4445-microsoftrouting.z24.blob.storage.azure.net/",
"file": "https://sto4445-microsoftrouting.z24.file.storage.azure.net/",
"queue": "https://sto4445-microsoftrouting.z24.queue.storage.azure.net/",
"table": "https://sto4445-microsoftrouting.z24.table.storage.azure.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.z24.web.storage.azure.net/",
"dfs": "https://sto4445-internetrouting.z24.dfs.storage.azure.net/",
"blob": "https://sto4445-internetrouting.z24.blob.storage.azure.net/",
"file": "https://sto4445-internetrouting.z24.file.storage.azure.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateDnsEndpointTypeToStandard
Pedido de amostra
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-05-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"dnsEndpointType": "Standard",
"isHnsEnabled": true,
"isSftpEnabled": true,
"allowBlobPublicAccess": false,
"defaultToOAuthAuthentication": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.DnsEndpointType;
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.ExtendedLocation;
import com.azure.resourcemanager.storage.models.ExtendedLocationTypes;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for StorageAccounts Create.
*/
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/
* StorageAccountCreateDnsEndpointTypeToStandard.json
*/
/**
* Sample code: StorageAccountCreateDnsEndpointTypeToStandard.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreateDnsEndpointTypeToStandard(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withExtendedLocation(
new ExtendedLocation().withName("losangeles001").withType(ExtendedLocationTypes.EDGE_ZONE))
.withTags(
mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsSftpEnabled(true).withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true).withDefaultToOAuthAuthentication(false)
.withDnsEndpointType(DnsEndpointType.STANDARD),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_dns_endpoint_type_to_standard.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"extendedLocation": {"name": "losangeles001", "type": "EdgeZone"},
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"defaultToOAuthAuthentication": False,
"dnsEndpointType": "Standard",
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"isSftpEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateDnsEndpointTypeToStandard.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/220ad9c6554fc7d6d10a89bdb441c1e3b36e3285/specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateDnsEndpointTypeToStandard.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateDnsEndpointTypeToStandard() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
ExtendedLocation: &armstorage.ExtendedLocation{
Name: to.Ptr("losangeles001"),
Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
DefaultToOAuthAuthentication: to.Ptr(false),
DNSEndpointType: to.Ptr(armstorage.DNSEndpointTypeStandard),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
IsSftpEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// DNSEndpointType: to.Ptr(armstorage.DNSEndpointTypeStandard),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// IsSftpEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-internetrouting.file.core.windows.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.web.core.windows.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.web.core.windows.net/"),
// },
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateDnsEndpointTypeToStandard.json
*/
async function storageAccountCreateDnsEndpointTypeToStandard() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
defaultToOAuthAuthentication: false,
dnsEndpointType: "Standard",
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
extendedLocation: { name: "losangeles001", type: "EdgeZone" },
isHnsEnabled: true,
isSftpEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Resources.Models;
using Azure.ResourceManager.Storage.Models;
using Azure.ResourceManager.Storage;
// Generated from example definition: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateDnsEndpointTypeToStandard.json
// this example is just showing the usage of "StorageAccounts_Create" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "{subscription-id}";
string resourceGroupName = "res9101";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// get the collection of this StorageAccountResource
StorageAccountCollection collection = resourceGroupResource.GetStorageAccounts();
// invoke the operation
string accountName = "sto4445";
StorageAccountCreateOrUpdateContent content = new StorageAccountCreateOrUpdateContent(new StorageSku(StorageSkuName.StandardGrs), StorageKind.Storage, new AzureLocation("eastus"))
{
ExtendedLocation = new ExtendedLocation()
{
Name = "losangeles001",
},
Tags =
{
["key1"] = "value1",
["key2"] = "value2",
},
SasPolicy = new StorageAccountSasPolicy("1.15:59:59", ExpirationAction.Log),
KeyExpirationPeriodInDays = 20,
Encryption = new StorageAccountEncryption()
{
Services = new StorageAccountEncryptionServices()
{
Blob = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
File = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
},
KeySource = StorageAccountKeySource.Storage,
RequireInfrastructureEncryption = false,
},
IsSftpEnabled = true,
IsHnsEnabled = true,
RoutingPreference = new StorageRoutingPreference()
{
RoutingChoice = StorageRoutingChoice.MicrosoftRouting,
IsMicrosoftEndpointsPublished = true,
IsInternetEndpointsPublished = true,
},
AllowBlobPublicAccess = false,
MinimumTlsVersion = StorageMinimumTlsVersion.Tls1_2,
AllowSharedKeyAccess = true,
IsDefaultToOAuthAuthentication = false,
DnsEndpointType = StorageDnsEndpointType.Standard,
};
ArmOperation<StorageAccountResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, accountName, content);
StorageAccountResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
StorageAccountData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Resposta da amostra
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"dnsEndpointType": "Standard",
"isHnsEnabled": true,
"isSftpEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.web.core.windows.net/",
"dfs": "https://sto4445-microsoftrouting.dfs.core.windows.net/",
"blob": "https://sto4445-microsoftrouting.blob.core.windows.net/",
"file": "https://sto4445-microsoftrouting.file.core.windows.net/",
"queue": "https://sto4445-microsoftrouting.queue.core.windows.net/",
"table": "https://sto4445-microsoftrouting.table.core.windows.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.web.core.windows.net/",
"dfs": "https://sto4445-internetrouting.dfs.core.windows.net/",
"blob": "https://sto4445-internetrouting.blob.core.windows.net/",
"file": "https://sto4445-internetrouting.file.core.windows.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateEnablePublicNetworkAccess
Pedido de amostra
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-05-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"publicNetworkAccess": "Enabled",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.ExpirationAction;
import com.azure.resourcemanager.storage.models.ExtendedLocation;
import com.azure.resourcemanager.storage.models.ExtendedLocationTypes;
import com.azure.resourcemanager.storage.models.KeyPolicy;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.PublicNetworkAccess;
import com.azure.resourcemanager.storage.models.RoutingChoice;
import com.azure.resourcemanager.storage.models.RoutingPreference;
import com.azure.resourcemanager.storage.models.SasPolicy;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for StorageAccounts Create.
*/
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/
* StorageAccountCreateEnablePublicNetworkAccess.json
*/
/**
* Sample code: StorageAccountCreateEnablePublicNetworkAccess.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreateEnablePublicNetworkAccess(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withExtendedLocation(
new ExtendedLocation().withName("losangeles001").withType(ExtendedLocationTypes.EDGE_ZONE))
.withTags(mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withPublicNetworkAccess(
PublicNetworkAccess.ENABLED)
.withSasPolicy(
new SasPolicy().withSasExpirationPeriod(
"1.15:59:59").withExpirationAction(
ExpirationAction.LOG))
.withKeyPolicy(new KeyPolicy().withKeyExpirationPeriodInDays(20))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withIsHnsEnabled(true)
.withRoutingPreference(new RoutingPreference().withRoutingChoice(RoutingChoice.MICROSOFT_ROUTING)
.withPublishMicrosoftEndpoints(true).withPublishInternetEndpoints(true))
.withAllowBlobPublicAccess(false).withMinimumTlsVersion(MinimumTlsVersion.TLS1_2)
.withAllowSharedKeyAccess(true),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_enable_public_network_access.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"extendedLocation": {"name": "losangeles001", "type": "EdgeZone"},
"kind": "Storage",
"location": "eastus",
"properties": {
"allowBlobPublicAccess": False,
"allowSharedKeyAccess": True,
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"isHnsEnabled": True,
"keyPolicy": {"keyExpirationPeriodInDays": 20},
"minimumTlsVersion": "TLS1_2",
"publicNetworkAccess": "Enabled",
"routingPreference": {
"publishInternetEndpoints": True,
"publishMicrosoftEndpoints": True,
"routingChoice": "MicrosoftRouting",
},
"sasPolicy": {"expirationAction": "Log", "sasExpirationPeriod": "1.15:59:59"},
},
"sku": {"name": "Standard_GRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateEnablePublicNetworkAccess.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/220ad9c6554fc7d6d10a89bdb441c1e3b36e3285/specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateEnablePublicNetworkAccess.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateEnablePublicNetworkAccess() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
ExtendedLocation: &armstorage.ExtendedLocation{
Name: to.Ptr("losangeles001"),
Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowBlobPublicAccess: to.Ptr(false),
AllowSharedKeyAccess: to.Ptr(true),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
IsHnsEnabled: to.Ptr(true),
KeyPolicy: &armstorage.KeyPolicy{
KeyExpirationPeriodInDays: to.Ptr[int32](20),
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
PublicNetworkAccess: to.Ptr(armstorage.PublicNetworkAccessEnabled),
RoutingPreference: &armstorage.RoutingPreference{
PublishInternetEndpoints: to.Ptr(true),
PublishMicrosoftEndpoints: to.Ptr(true),
RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
},
SasPolicy: &armstorage.SasPolicy{
ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
SasExpirationPeriod: to.Ptr("1.15:59:59"),
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AllowBlobPublicAccess: to.Ptr(false),
// AllowSharedKeyAccess: to.Ptr(true),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// IsHnsEnabled: to.Ptr(true),
// KeyCreationTime: &armstorage.KeyCreationTime{
// Key1: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// Key2: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-03-18T04:42:22.432Z"); return t}()),
// },
// KeyPolicy: &armstorage.KeyPolicy{
// KeyExpirationPeriodInDays: to.Ptr[int32](20),
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// InternetEndpoints: &armstorage.AccountInternetEndpoints{
// Blob: to.Ptr("https://sto4445-internetrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-internetrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-internetrouting.file.core.windows.net/"),
// Web: to.Ptr("https://sto4445-internetrouting.web.core.windows.net/"),
// },
// MicrosoftEndpoints: &armstorage.AccountMicrosoftEndpoints{
// Blob: to.Ptr("https://sto4445-microsoftrouting.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445-microsoftrouting.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445-microsoftrouting.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445-microsoftrouting.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445-microsoftrouting.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445-microsoftrouting.web.core.windows.net/"),
// },
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// PublicNetworkAccess: to.Ptr(armstorage.PublicNetworkAccessEnabled),
// RoutingPreference: &armstorage.RoutingPreference{
// PublishInternetEndpoints: to.Ptr(true),
// PublishMicrosoftEndpoints: to.Ptr(true),
// RoutingChoice: to.Ptr(armstorage.RoutingChoiceMicrosoftRouting),
// },
// SasPolicy: &armstorage.SasPolicy{
// ExpirationAction: to.Ptr(armstorage.ExpirationActionLog),
// SasExpirationPeriod: to.Ptr("1.15:59:59"),
// },
// SecondaryLocation: to.Ptr("centraluseuap"),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateEnablePublicNetworkAccess.json
*/
async function storageAccountCreateEnablePublicNetworkAccess() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowBlobPublicAccess: false,
allowSharedKeyAccess: true,
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
extendedLocation: { name: "losangeles001", type: "EdgeZone" },
isHnsEnabled: true,
keyPolicy: { keyExpirationPeriodInDays: 20 },
kind: "Storage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
publicNetworkAccess: "Enabled",
routingPreference: {
publishInternetEndpoints: true,
publishMicrosoftEndpoints: true,
routingChoice: "MicrosoftRouting",
},
sasPolicy: { expirationAction: "Log", sasExpirationPeriod: "1.15:59:59" },
sku: { name: "Standard_GRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Resources.Models;
using Azure.ResourceManager.Storage.Models;
using Azure.ResourceManager.Storage;
// Generated from example definition: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateEnablePublicNetworkAccess.json
// this example is just showing the usage of "StorageAccounts_Create" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "{subscription-id}";
string resourceGroupName = "res9101";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// get the collection of this StorageAccountResource
StorageAccountCollection collection = resourceGroupResource.GetStorageAccounts();
// invoke the operation
string accountName = "sto4445";
StorageAccountCreateOrUpdateContent content = new StorageAccountCreateOrUpdateContent(new StorageSku(StorageSkuName.StandardGrs), StorageKind.Storage, new AzureLocation("eastus"))
{
ExtendedLocation = new ExtendedLocation()
{
Name = "losangeles001",
},
Tags =
{
["key1"] = "value1",
["key2"] = "value2",
},
PublicNetworkAccess = StoragePublicNetworkAccess.Enabled,
SasPolicy = new StorageAccountSasPolicy("1.15:59:59", ExpirationAction.Log),
KeyExpirationPeriodInDays = 20,
Encryption = new StorageAccountEncryption()
{
Services = new StorageAccountEncryptionServices()
{
Blob = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
File = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
},
KeySource = StorageAccountKeySource.Storage,
RequireInfrastructureEncryption = false,
},
IsHnsEnabled = true,
RoutingPreference = new StorageRoutingPreference()
{
RoutingChoice = StorageRoutingChoice.MicrosoftRouting,
IsMicrosoftEndpointsPublished = true,
IsInternetEndpointsPublished = true,
},
AllowBlobPublicAccess = false,
MinimumTlsVersion = StorageMinimumTlsVersion.Tls1_2,
AllowSharedKeyAccess = true,
};
ArmOperation<StorageAccountResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, accountName, content);
StorageAccountResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
StorageAccountData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Resposta da amostra
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"keyPolicy": {
"keyExpirationPeriodInDays": 20
},
"sasPolicy": {
"sasExpirationPeriod": "1.15:59:59",
"expirationAction": "Log"
},
"keyCreationTime": {
"key1": "2021-03-18T04:42:22.4322836Z",
"key2": "2021-03-18T04:42:22.4322836Z"
},
"isHnsEnabled": true,
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/",
"microsoftEndpoints": {
"web": "https://sto4445-microsoftrouting.web.core.windows.net/",
"dfs": "https://sto4445-microsoftrouting.dfs.core.windows.net/",
"blob": "https://sto4445-microsoftrouting.blob.core.windows.net/",
"file": "https://sto4445-microsoftrouting.file.core.windows.net/",
"queue": "https://sto4445-microsoftrouting.queue.core.windows.net/",
"table": "https://sto4445-microsoftrouting.table.core.windows.net/"
},
"internetEndpoints": {
"web": "https://sto4445-internetrouting.web.core.windows.net/",
"dfs": "https://sto4445-internetrouting.dfs.core.windows.net/",
"blob": "https://sto4445-internetrouting.blob.core.windows.net/",
"file": "https://sto4445-internetrouting.file.core.windows.net/"
}
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"routingPreference": {
"routingChoice": "MicrosoftRouting",
"publishMicrosoftEndpoints": true,
"publishInternetEndpoints": true
},
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"secondaryLocation": "centraluseuap",
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true,
"publicNetworkAccess": "Enabled"
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreatePremiumBlockBlobStorage
Pedido de amostra
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-05-01
{
"sku": {
"name": "Premium_LRS"
},
"kind": "BlockBlobStorage",
"location": "eastus",
"properties": {
"minimumTlsVersion": "TLS1_2",
"allowSharedKeyAccess": true,
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
}
},
"tags": {
"key1": "value1",
"key2": "value2"
}
}
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.MinimumTlsVersion;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for StorageAccounts Create.
*/
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/
* StorageAccountCreatePremiumBlockBlobStorage.json
*/
/**
* Sample code: StorageAccountCreatePremiumBlockBlobStorage.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreatePremiumBlockBlobStorage(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts().create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.PREMIUM_LRS))
.withKind(Kind.BLOCK_BLOB_STORAGE).withLocation("eastus")
.withTags(mapOf("key1", "fakeTokenPlaceholder", "key2", "fakeTokenPlaceholder"))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_STORAGE).withRequireInfrastructureEncryption(false))
.withMinimumTlsVersion(MinimumTlsVersion.TLS1_2).withAllowSharedKeyAccess(true),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_premium_block_blob_storage.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"kind": "BlockBlobStorage",
"location": "eastus",
"properties": {
"allowSharedKeyAccess": True,
"encryption": {
"keySource": "Microsoft.Storage",
"requireInfrastructureEncryption": False,
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
},
"minimumTlsVersion": "TLS1_2",
},
"sku": {"name": "Premium_LRS"},
"tags": {"key1": "value1", "key2": "value2"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreatePremiumBlockBlobStorage.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/220ad9c6554fc7d6d10a89bdb441c1e3b36e3285/specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreatePremiumBlockBlobStorage.json
func ExampleAccountsClient_BeginCreate_storageAccountCreatePremiumBlockBlobStorage() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
Kind: to.Ptr(armstorage.KindBlockBlobStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
AllowSharedKeyAccess: to.Ptr(true),
Encryption: &armstorage.Encryption{
KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
RequireInfrastructureEncryption: to.Ptr(false),
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNamePremiumLRS),
},
Tags: map[string]*string{
"key1": to.Ptr("value1"),
"key2": to.Ptr("value2"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// "key1": to.Ptr("value1"),
// "key2": to.Ptr("value2"),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// AccessTier: to.Ptr(armstorage.AccessTierPremium),
// AllowBlobPublicAccess: to.Ptr(false),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// Encryption: &armstorage.Encryption{
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftStorage),
// RequireInfrastructureEncryption: to.Ptr(false),
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-11T20:49:31.703Z"); return t}()),
// },
// },
// },
// MinimumTLSVersion: to.Ptr(armstorage.MinimumTLSVersionTLS12),
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// StatusOfSecondary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNamePremiumLRS),
// Tier: to.Ptr(armstorage.SKUTierPremium),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreatePremiumBlockBlobStorage.json
*/
async function storageAccountCreatePremiumBlockBlobStorage() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
allowSharedKeyAccess: true,
encryption: {
keySource: "Microsoft.Storage",
requireInfrastructureEncryption: false,
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
kind: "BlockBlobStorage",
location: "eastus",
minimumTlsVersion: "TLS1_2",
sku: { name: "Premium_LRS" },
tags: { key1: "value1", key2: "value2" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Resources.Models;
using Azure.ResourceManager.Storage.Models;
using Azure.ResourceManager.Storage;
// Generated from example definition: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreatePremiumBlockBlobStorage.json
// this example is just showing the usage of "StorageAccounts_Create" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "{subscription-id}";
string resourceGroupName = "res9101";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// get the collection of this StorageAccountResource
StorageAccountCollection collection = resourceGroupResource.GetStorageAccounts();
// invoke the operation
string accountName = "sto4445";
StorageAccountCreateOrUpdateContent content = new StorageAccountCreateOrUpdateContent(new StorageSku(StorageSkuName.PremiumLrs), StorageKind.BlockBlobStorage, new AzureLocation("eastus"))
{
Tags =
{
["key1"] = "value1",
["key2"] = "value2",
},
Encryption = new StorageAccountEncryption()
{
Services = new StorageAccountEncryptionServices()
{
Blob = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
File = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
},
KeySource = StorageAccountKeySource.Storage,
RequireInfrastructureEncryption = false,
},
MinimumTlsVersion = StorageMinimumTlsVersion.Tls1_2,
AllowSharedKeyAccess = true,
};
ArmOperation<StorageAccountResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, accountName, content);
StorageAccountResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
StorageAccountData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Resposta da amostra
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"properties": {
"allowBlobPublicAccess": false,
"minimumTlsVersion": "TLS1_2",
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"blob": "https://sto4445.blob.core.windows.net/",
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/"
},
"primaryLocation": "eastus2euap",
"accessTier": "Premium",
"provisioningState": "Succeeded",
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2019-12-11T20:49:31.7036140Z"
}
},
"requireInfrastructureEncryption": false,
"keySource": "Microsoft.Storage"
},
"statusOfPrimary": "available",
"statusOfSecondary": "available",
"supportsHttpsTrafficOnly": true
},
"sku": {
"name": "Premium_LRS",
"tier": "Premium"
},
"tags": {
"key1": "value1",
"key2": "value2"
},
"type": "Microsoft.Storage/storageAccounts"
}
StorageAccountCreateUserAssignedEncryptionIdentityWithCMK
Pedido de amostra
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-05-01
{
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {}
}
},
"sku": {
"name": "Standard_LRS"
},
"kind": "Storage",
"location": "eastus",
"properties": {
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"keyvaultproperties": {
"keyvaulturi": "https://myvault8569.vault.azure.net",
"keyname": "wrappingKey",
"keyversion": ""
},
"keySource": "Microsoft.Keyvault",
"identity": {
"userAssignedIdentity": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"
}
}
}
}
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionIdentity;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.Identity;
import com.azure.resourcemanager.storage.models.IdentityType;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.KeyVaultProperties;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import com.azure.resourcemanager.storage.models.UserAssignedIdentity;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for StorageAccounts Create.
*/
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/
* StorageAccountCreateUserAssignedEncryptionIdentityWithCMK.json
*/
/**
* Sample code: StorageAccountCreateUserAssignedEncryptionIdentityWithCMK.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void storageAccountCreateUserAssignedEncryptionIdentityWithCMK(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts().create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_LRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withIdentity(new Identity().withType(IdentityType.USER_ASSIGNED).withUserAssignedIdentities(mapOf(
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
new UserAssignedIdentity())))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_KEYVAULT)
.withKeyVaultProperties(new KeyVaultProperties().withKeyName("fakeTokenPlaceholder")
.withKeyVersion("fakeTokenPlaceholder").withKeyVaultUri("fakeTokenPlaceholder"))
.withEncryptionIdentity(new EncryptionIdentity().withEncryptionUserAssignedIdentity(
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"))),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_user_assigned_encryption_identity_with_cmk.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {}
},
},
"kind": "Storage",
"location": "eastus",
"properties": {
"encryption": {
"identity": {
"userAssignedIdentity": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"
},
"keySource": "Microsoft.Keyvault",
"keyvaultproperties": {
"keyname": "wrappingKey",
"keyvaulturi": "https://myvault8569.vault.azure.net",
"keyversion": "",
},
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
}
},
"sku": {"name": "Standard_LRS"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateUserAssignedEncryptionIdentityWithCMK.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/220ad9c6554fc7d6d10a89bdb441c1e3b36e3285/specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateUserAssignedEncryptionIdentityWithCMK.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateUserAssignedEncryptionIdentityWithCmk() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
Identity: &armstorage.Identity{
Type: to.Ptr(armstorage.IdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armstorage.UserAssignedIdentity{
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {},
},
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
Encryption: &armstorage.Encryption{
EncryptionIdentity: &armstorage.EncryptionIdentity{
EncryptionUserAssignedIdentity: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"),
},
KeySource: to.Ptr(armstorage.KeySourceMicrosoftKeyvault),
KeyVaultProperties: &armstorage.KeyVaultProperties{
KeyName: to.Ptr("wrappingKey"),
KeyVaultURI: to.Ptr("https://myvault8569.vault.azure.net"),
KeyVersion: to.Ptr(""),
},
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardLRS),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// },
// Identity: &armstorage.Identity{
// Type: to.Ptr(armstorage.IdentityTypeUserAssigned),
// UserAssignedIdentities: map[string]*armstorage.UserAssignedIdentity{
// "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": &armstorage.UserAssignedIdentity{
// ClientID: to.Ptr("fbaa6278-1ecc-415c-819f-6e2058d3acb5"),
// PrincipalID: to.Ptr("8d823284-1060-42a5-9ec4-ed3d831e24d7"),
// },
// },
// },
// Kind: to.Ptr(armstorage.KindStorageV2),
// Properties: &armstorage.AccountProperties{
// AccessTier: to.Ptr(armstorage.AccessTierHot),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-12-15T00:43:14.083Z"); return t}()),
// Encryption: &armstorage.Encryption{
// EncryptionIdentity: &armstorage.EncryptionIdentity{
// EncryptionUserAssignedIdentity: to.Ptr("/subscriptions/{subscription-id}/resourcegroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"),
// },
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftKeyvault),
// KeyVaultProperties: &armstorage.KeyVaultProperties{
// CurrentVersionedKeyIdentifier: to.Ptr("https://myvault8569.vault.azure.net/keys/wrappingKey/0682afdd9c104f4285df20107e956cad"),
// KeyName: to.Ptr("wrappingKey"),
// KeyVaultURI: to.Ptr("https://myvault8569.vault.azure.net"),
// KeyVersion: to.Ptr(""),
// LastKeyRotationTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-13T20:36:23.702Z"); return t}()),
// },
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-12-15T00:43:14.173Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-12-15T00:43:14.173Z"); return t}()),
// },
// },
// },
// NetworkRuleSet: &armstorage.NetworkRuleSet{
// Bypass: to.Ptr(armstorage.BypassAzureServices),
// DefaultAction: to.Ptr(armstorage.DefaultActionAllow),
// IPRules: []*armstorage.IPRule{
// },
// VirtualNetworkRules: []*armstorage.VirtualNetworkRule{
// },
// },
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus"),
// PrivateEndpointConnections: []*armstorage.PrivateEndpointConnection{
// },
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardLRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateUserAssignedEncryptionIdentityWithCMK.json
*/
async function storageAccountCreateUserAssignedEncryptionIdentityWithCmk() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
encryption: {
encryptionIdentity: {
encryptionUserAssignedIdentity:
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
},
keySource: "Microsoft.Keyvault",
keyVaultProperties: {
keyName: "wrappingKey",
keyVaultUri: "https://myvault8569.vault.azure.net",
keyVersion: "",
},
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
identity: {
type: "UserAssigned",
userAssignedIdentities: {
"/subscriptions/{subscriptionId}/resourceGroups/res9101/providers/MicrosoftManagedIdentity/userAssignedIdentities/{managedIdentityName}":
{},
},
},
kind: "Storage",
location: "eastus",
sku: { name: "Standard_LRS" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Resources.Models;
using Azure.ResourceManager.Storage.Models;
using Azure.ResourceManager.Storage;
// Generated from example definition: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateUserAssignedEncryptionIdentityWithCMK.json
// this example is just showing the usage of "StorageAccounts_Create" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "{subscription-id}";
string resourceGroupName = "res9101";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// get the collection of this StorageAccountResource
StorageAccountCollection collection = resourceGroupResource.GetStorageAccounts();
// invoke the operation
string accountName = "sto4445";
StorageAccountCreateOrUpdateContent content = new StorageAccountCreateOrUpdateContent(new StorageSku(StorageSkuName.StandardLrs), StorageKind.Storage, new AzureLocation("eastus"))
{
Identity = new ManagedServiceIdentity("UserAssigned")
{
UserAssignedIdentities =
{
[new ResourceIdentifier("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}")] = new UserAssignedIdentity(),
},
},
Encryption = new StorageAccountEncryption()
{
Services = new StorageAccountEncryptionServices()
{
Blob = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
File = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
},
KeySource = StorageAccountKeySource.KeyVault,
KeyVaultProperties = new StorageAccountKeyVaultProperties()
{
KeyName = "wrappingKey",
KeyVersion = "",
KeyVaultUri = new Uri("https://myvault8569.vault.azure.net"),
},
EncryptionIdentity = new StorageAccountEncryptionIdentity()
{
EncryptionUserAssignedIdentity = "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
},
},
};
ArmOperation<StorageAccountResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, accountName, content);
StorageAccountResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
StorageAccountData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Resposta da amostra
{
"identity": {
"userAssignedIdentities": {
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {
"principalId": "8d823284-1060-42a5-9ec4-ed3d831e24d7",
"clientId": "fbaa6278-1ecc-415c-819f-6e2058d3acb5"
}
},
"type": "UserAssigned"
},
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"kind": "StorageV2",
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"name": "sto4445",
"type": "Microsoft.Storage/storageAccounts",
"location": "eastus",
"tags": {},
"properties": {
"privateEndpointConnections": [],
"networkAcls": {
"bypass": "AzureServices",
"virtualNetworkRules": [],
"ipRules": [],
"defaultAction": "Allow"
},
"supportsHttpsTrafficOnly": true,
"encryption": {
"identity": {
"userAssignedIdentity": "/subscriptions/{subscription-id}/resourcegroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"
},
"keyvaultproperties": {
"keyvaulturi": "https://myvault8569.vault.azure.net",
"keyname": "wrappingKey",
"keyversion": "",
"currentVersionedKeyIdentifier": "https://myvault8569.vault.azure.net/keys/wrappingKey/0682afdd9c104f4285df20107e956cad",
"lastKeyRotationTimestamp": "2019-12-13T20:36:23.7023290Z"
},
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2020-12-15T00:43:14.1739587Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2020-12-15T00:43:14.1739587Z"
}
},
"keySource": "Microsoft.Keyvault"
},
"accessTier": "Hot",
"provisioningState": "Succeeded",
"creationTime": "2020-12-15T00:43:14.0839093Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/"
},
"primaryLocation": "eastus",
"statusOfPrimary": "available"
}
}
StorageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId.
Pedido de amostra
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res131918/providers/Microsoft.Storage/storageAccounts/sto131918?api-version=2023-05-01
{
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {}
}
},
"sku": {
"name": "Standard_LRS"
},
"kind": "Storage",
"location": "eastus",
"properties": {
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"keyvaultproperties": {
"keyvaulturi": "https://myvault8569.vault.azure.net",
"keyname": "wrappingKey",
"keyversion": ""
},
"keySource": "Microsoft.Keyvault",
"identity": {
"userAssignedIdentity": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
"federatedIdentityClientId": "f83c6b1b-4d34-47e4-bb34-9d83df58b540"
}
}
}
}
import com.azure.resourcemanager.storage.models.Encryption;
import com.azure.resourcemanager.storage.models.EncryptionIdentity;
import com.azure.resourcemanager.storage.models.EncryptionService;
import com.azure.resourcemanager.storage.models.EncryptionServices;
import com.azure.resourcemanager.storage.models.Identity;
import com.azure.resourcemanager.storage.models.IdentityType;
import com.azure.resourcemanager.storage.models.KeySource;
import com.azure.resourcemanager.storage.models.KeyType;
import com.azure.resourcemanager.storage.models.KeyVaultProperties;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import com.azure.resourcemanager.storage.models.UserAssignedIdentity;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for StorageAccounts Create.
*/
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/
* StorageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId.json
*/
/**
* Sample code: StorageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void storageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts().create("res131918", "sto131918",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_LRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withIdentity(new Identity().withType(IdentityType.USER_ASSIGNED).withUserAssignedIdentities(mapOf(
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
new UserAssignedIdentity())))
.withEncryption(new Encryption()
.withServices(new EncryptionServices()
.withBlob(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT))
.withFile(new EncryptionService().withEnabled(true).withKeyType(KeyType.ACCOUNT)))
.withKeySource(KeySource.MICROSOFT_KEYVAULT)
.withKeyVaultProperties(new KeyVaultProperties().withKeyName("fakeTokenPlaceholder")
.withKeyVersion("fakeTokenPlaceholder").withKeyVaultUri("fakeTokenPlaceholder"))
.withEncryptionIdentity(new EncryptionIdentity().withEncryptionUserAssignedIdentity(
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}")
.withEncryptionFederatedIdentityClientId("f83c6b1b-4d34-47e4-bb34-9d83df58b540"))),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_user_assigned_identity_with_federated_identity_client_id.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res131918",
account_name="sto131918",
parameters={
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {}
},
},
"kind": "Storage",
"location": "eastus",
"properties": {
"encryption": {
"identity": {
"federatedIdentityClientId": "f83c6b1b-4d34-47e4-bb34-9d83df58b540",
"userAssignedIdentity": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
},
"keySource": "Microsoft.Keyvault",
"keyvaultproperties": {
"keyname": "wrappingKey",
"keyvaulturi": "https://myvault8569.vault.azure.net",
"keyversion": "",
},
"services": {
"blob": {"enabled": True, "keyType": "Account"},
"file": {"enabled": True, "keyType": "Account"},
},
}
},
"sku": {"name": "Standard_LRS"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/220ad9c6554fc7d6d10a89bdb441c1e3b36e3285/specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res131918", "sto131918", armstorage.AccountCreateParameters{
Identity: &armstorage.Identity{
Type: to.Ptr(armstorage.IdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armstorage.UserAssignedIdentity{
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {},
},
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
Encryption: &armstorage.Encryption{
EncryptionIdentity: &armstorage.EncryptionIdentity{
EncryptionFederatedIdentityClientID: to.Ptr("f83c6b1b-4d34-47e4-bb34-9d83df58b540"),
EncryptionUserAssignedIdentity: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"),
},
KeySource: to.Ptr(armstorage.KeySourceMicrosoftKeyvault),
KeyVaultProperties: &armstorage.KeyVaultProperties{
KeyName: to.Ptr("wrappingKey"),
KeyVaultURI: to.Ptr("https://myvault8569.vault.azure.net"),
KeyVersion: to.Ptr(""),
},
Services: &armstorage.EncryptionServices{
Blob: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
File: &armstorage.EncryptionService{
Enabled: to.Ptr(true),
KeyType: to.Ptr(armstorage.KeyTypeAccount),
},
},
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardLRS),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// Tags: map[string]*string{
// },
// Identity: &armstorage.Identity{
// Type: to.Ptr(armstorage.IdentityTypeUserAssigned),
// UserAssignedIdentities: map[string]*armstorage.UserAssignedIdentity{
// "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": &armstorage.UserAssignedIdentity{
// ClientID: to.Ptr("fbaa6278-1ecc-415c-819f-6e2058d3acb5"),
// PrincipalID: to.Ptr("8d823284-1060-42a5-9ec4-ed3d831e24d7"),
// },
// },
// },
// Kind: to.Ptr(armstorage.KindStorageV2),
// Properties: &armstorage.AccountProperties{
// AccessTier: to.Ptr(armstorage.AccessTierHot),
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-12-15T00:43:14.083Z"); return t}()),
// Encryption: &armstorage.Encryption{
// EncryptionIdentity: &armstorage.EncryptionIdentity{
// EncryptionFederatedIdentityClientID: to.Ptr("f83c6b1b-4d34-47e4-bb34-9d83df58b540"),
// EncryptionUserAssignedIdentity: to.Ptr("/subscriptions/{subscription-id}/resourcegroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}"),
// },
// KeySource: to.Ptr(armstorage.KeySourceMicrosoftKeyvault),
// KeyVaultProperties: &armstorage.KeyVaultProperties{
// CurrentVersionedKeyIdentifier: to.Ptr("https://myvault8569.vault.azure.net/keys/wrappingKey/0682afdd9c104f4285df20107e956cad"),
// KeyName: to.Ptr("wrappingKey"),
// KeyVaultURI: to.Ptr("https://myvault8569.vault.azure.net"),
// KeyVersion: to.Ptr(""),
// LastKeyRotationTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2019-12-13T20:36:23.702Z"); return t}()),
// },
// Services: &armstorage.EncryptionServices{
// Blob: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-12-15T00:43:14.173Z"); return t}()),
// },
// File: &armstorage.EncryptionService{
// Enabled: to.Ptr(true),
// KeyType: to.Ptr(armstorage.KeyTypeAccount),
// LastEnabledTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-12-15T00:43:14.173Z"); return t}()),
// },
// },
// },
// NetworkRuleSet: &armstorage.NetworkRuleSet{
// Bypass: to.Ptr(armstorage.BypassAzureServices),
// DefaultAction: to.Ptr(armstorage.DefaultActionAllow),
// IPRules: []*armstorage.IPRule{
// },
// VirtualNetworkRules: []*armstorage.VirtualNetworkRule{
// },
// },
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus"),
// PrivateEndpointConnections: []*armstorage.PrivateEndpointConnection{
// },
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// StatusOfPrimary: to.Ptr(armstorage.AccountStatusAvailable),
// EnableHTTPSTrafficOnly: to.Ptr(true),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardLRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId.json
*/
async function storageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res131918";
const accountName = "sto131918";
const parameters = {
encryption: {
encryptionIdentity: {
encryptionFederatedIdentityClientId: "f83c6b1b-4d34-47e4-bb34-9d83df58b540",
encryptionUserAssignedIdentity:
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
},
keySource: "Microsoft.Keyvault",
keyVaultProperties: {
keyName: "wrappingKey",
keyVaultUri: "https://myvault8569.vault.azure.net",
keyVersion: "",
},
services: {
blob: { enabled: true, keyType: "Account" },
file: { enabled: true, keyType: "Account" },
},
},
identity: {
type: "UserAssigned",
userAssignedIdentities: {
"/subscriptions/{subscriptionId}/resourceGroups/res9101/providers/MicrosoftManagedIdentity/userAssignedIdentities/{managedIdentityName}":
{},
},
},
kind: "Storage",
location: "eastus",
sku: { name: "Standard_LRS" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Resources.Models;
using Azure.ResourceManager.Storage.Models;
using Azure.ResourceManager.Storage;
// Generated from example definition: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateUserAssignedIdentityWithFederatedIdentityClientId.json
// this example is just showing the usage of "StorageAccounts_Create" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "{subscription-id}";
string resourceGroupName = "res131918";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// get the collection of this StorageAccountResource
StorageAccountCollection collection = resourceGroupResource.GetStorageAccounts();
// invoke the operation
string accountName = "sto131918";
StorageAccountCreateOrUpdateContent content = new StorageAccountCreateOrUpdateContent(new StorageSku(StorageSkuName.StandardLrs), StorageKind.Storage, new AzureLocation("eastus"))
{
Identity = new ManagedServiceIdentity("UserAssigned")
{
UserAssignedIdentities =
{
[new ResourceIdentifier("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}")] = new UserAssignedIdentity(),
},
},
Encryption = new StorageAccountEncryption()
{
Services = new StorageAccountEncryptionServices()
{
Blob = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
File = new StorageEncryptionService()
{
IsEnabled = true,
KeyType = StorageEncryptionKeyType.Account,
},
},
KeySource = StorageAccountKeySource.KeyVault,
KeyVaultProperties = new StorageAccountKeyVaultProperties()
{
KeyName = "wrappingKey",
KeyVersion = "",
KeyVaultUri = new Uri("https://myvault8569.vault.azure.net"),
},
EncryptionIdentity = new StorageAccountEncryptionIdentity()
{
EncryptionUserAssignedIdentity = "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
EncryptionFederatedIdentityClientId = "f83c6b1b-4d34-47e4-bb34-9d83df58b540",
},
},
};
ArmOperation<StorageAccountResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, accountName, content);
StorageAccountResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
StorageAccountData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Resposta da amostra
{
"identity": {
"userAssignedIdentities": {
"/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}": {
"principalId": "8d823284-1060-42a5-9ec4-ed3d831e24d7",
"clientId": "fbaa6278-1ecc-415c-819f-6e2058d3acb5"
}
},
"type": "UserAssigned"
},
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"kind": "StorageV2",
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"name": "sto4445",
"type": "Microsoft.Storage/storageAccounts",
"location": "eastus",
"tags": {},
"properties": {
"privateEndpointConnections": [],
"networkAcls": {
"bypass": "AzureServices",
"virtualNetworkRules": [],
"ipRules": [],
"defaultAction": "Allow"
},
"supportsHttpsTrafficOnly": true,
"encryption": {
"identity": {
"userAssignedIdentity": "/subscriptions/{subscription-id}/resourcegroups/res9101/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{managed-identity-name}",
"federatedIdentityClientId": "f83c6b1b-4d34-47e4-bb34-9d83df58b540"
},
"keyvaultproperties": {
"keyvaulturi": "https://myvault8569.vault.azure.net",
"keyname": "wrappingKey",
"keyversion": "",
"currentVersionedKeyIdentifier": "https://myvault8569.vault.azure.net/keys/wrappingKey/0682afdd9c104f4285df20107e956cad",
"lastKeyRotationTimestamp": "2019-12-13T20:36:23.7023290Z"
},
"services": {
"file": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2020-12-15T00:43:14.1739587Z"
},
"blob": {
"keyType": "Account",
"enabled": true,
"lastEnabledTime": "2020-12-15T00:43:14.1739587Z"
}
},
"keySource": "Microsoft.Keyvault"
},
"accessTier": "Hot",
"provisioningState": "Succeeded",
"creationTime": "2020-12-15T00:43:14.0839093Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/"
},
"primaryLocation": "eastus",
"statusOfPrimary": "available"
}
}
StorageAccountCreateWithImmutabilityPolicy
Pedido de amostra
PUT https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445?api-version=2023-05-01
{
"sku": {
"name": "Standard_GRS"
},
"kind": "Storage",
"location": "eastus",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"immutableStorageWithVersioning": {
"immutabilityPolicy": {
"immutabilityPeriodSinceCreationInDays": 15,
"allowProtectedAppendWrites": true,
"state": "Unlocked"
},
"enabled": true
}
}
}
import com.azure.resourcemanager.storage.models.AccountImmutabilityPolicyProperties;
import com.azure.resourcemanager.storage.models.AccountImmutabilityPolicyState;
import com.azure.resourcemanager.storage.models.ExtendedLocation;
import com.azure.resourcemanager.storage.models.ExtendedLocationTypes;
import com.azure.resourcemanager.storage.models.ImmutableStorageAccount;
import com.azure.resourcemanager.storage.models.Kind;
import com.azure.resourcemanager.storage.models.Sku;
import com.azure.resourcemanager.storage.models.SkuName;
import com.azure.resourcemanager.storage.models.StorageAccountCreateParameters;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for StorageAccounts Create.
*/
public final class Main {
/*
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/
* StorageAccountCreateWithImmutabilityPolicy.json
*/
/**
* Sample code: StorageAccountCreateWithImmutabilityPolicy.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
storageAccountCreateWithImmutabilityPolicy(com.azure.resourcemanager.AzureResourceManager azure) {
azure.storageAccounts().manager().serviceClient().getStorageAccounts()
.create("res9101", "sto4445",
new StorageAccountCreateParameters().withSku(new Sku().withName(SkuName.STANDARD_GRS))
.withKind(Kind.STORAGE).withLocation("eastus")
.withExtendedLocation(
new ExtendedLocation().withName("losangeles001").withType(ExtendedLocationTypes.EDGE_ZONE))
.withImmutableStorageWithVersioning(new ImmutableStorageAccount().withEnabled(true)
.withImmutabilityPolicy(new AccountImmutabilityPolicyProperties()
.withImmutabilityPeriodSinceCreationInDays(15)
.withState(AccountImmutabilityPolicyState.UNLOCKED).withAllowProtectedAppendWrites(true))),
com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from typing import Any, IO, Union
from azure.identity import DefaultAzureCredential
from azure.mgmt.storage import StorageManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-storage
# USAGE
python storage_account_create_with_immutability_policy.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = StorageManagementClient(
credential=DefaultAzureCredential(),
subscription_id="{subscription-id}",
)
response = client.storage_accounts.begin_create(
resource_group_name="res9101",
account_name="sto4445",
parameters={
"extendedLocation": {"name": "losangeles001", "type": "EdgeZone"},
"kind": "Storage",
"location": "eastus",
"properties": {
"immutableStorageWithVersioning": {
"enabled": True,
"immutabilityPolicy": {
"allowProtectedAppendWrites": True,
"immutabilityPeriodSinceCreationInDays": 15,
"state": "Unlocked",
},
}
},
"sku": {"name": "Standard_GRS"},
},
).result()
print(response)
# x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateWithImmutabilityPolicy.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armstorage_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/220ad9c6554fc7d6d10a89bdb441c1e3b36e3285/specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateWithImmutabilityPolicy.json
func ExampleAccountsClient_BeginCreate_storageAccountCreateWithImmutabilityPolicy() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armstorage.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAccountsClient().BeginCreate(ctx, "res9101", "sto4445", armstorage.AccountCreateParameters{
ExtendedLocation: &armstorage.ExtendedLocation{
Name: to.Ptr("losangeles001"),
Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
},
Kind: to.Ptr(armstorage.KindStorage),
Location: to.Ptr("eastus"),
Properties: &armstorage.AccountPropertiesCreateParameters{
ImmutableStorageWithVersioning: &armstorage.ImmutableStorageAccount{
Enabled: to.Ptr(true),
ImmutabilityPolicy: &armstorage.AccountImmutabilityPolicyProperties{
AllowProtectedAppendWrites: to.Ptr(true),
ImmutabilityPeriodSinceCreationInDays: to.Ptr[int32](15),
State: to.Ptr(armstorage.AccountImmutabilityPolicyStateUnlocked),
},
},
},
SKU: &armstorage.SKU{
Name: to.Ptr(armstorage.SKUNameStandardGRS),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Account = armstorage.Account{
// Name: to.Ptr("sto4445"),
// Type: to.Ptr("Microsoft.Storage/storageAccounts"),
// ID: to.Ptr("/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445"),
// Location: to.Ptr("eastus"),
// ExtendedLocation: &armstorage.ExtendedLocation{
// Name: to.Ptr("losangeles001"),
// Type: to.Ptr(armstorage.ExtendedLocationTypesEdgeZone),
// },
// Kind: to.Ptr(armstorage.KindStorage),
// Properties: &armstorage.AccountProperties{
// CreationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2017-05-24T13:25:33.486Z"); return t}()),
// ImmutableStorageWithVersioning: &armstorage.ImmutableStorageAccount{
// Enabled: to.Ptr(true),
// ImmutabilityPolicy: &armstorage.AccountImmutabilityPolicyProperties{
// AllowProtectedAppendWrites: to.Ptr(true),
// ImmutabilityPeriodSinceCreationInDays: to.Ptr[int32](15),
// State: to.Ptr(armstorage.AccountImmutabilityPolicyStateUnlocked),
// },
// },
// PrimaryEndpoints: &armstorage.Endpoints{
// Blob: to.Ptr("https://sto4445.blob.core.windows.net/"),
// Dfs: to.Ptr("https://sto4445.dfs.core.windows.net/"),
// File: to.Ptr("https://sto4445.file.core.windows.net/"),
// Queue: to.Ptr("https://sto4445.queue.core.windows.net/"),
// Table: to.Ptr("https://sto4445.table.core.windows.net/"),
// Web: to.Ptr("https://sto4445.web.core.windows.net/"),
// },
// PrimaryLocation: to.Ptr("eastus2euap"),
// ProvisioningState: to.Ptr(armstorage.ProvisioningStateSucceeded),
// },
// SKU: &armstorage.SKU{
// Name: to.Ptr(armstorage.SKUNameStandardGRS),
// Tier: to.Ptr(armstorage.SKUTierStandard),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { StorageManagementClient } = require("@azure/arm-storage");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
*
* @summary Asynchronously creates a new storage account with the specified parameters. If an account is already created and a subsequent create request is issued with different properties, the account properties will be updated. If an account is already created and a subsequent create or update request is issued with the exact same set of properties, the request will succeed.
* x-ms-original-file: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateWithImmutabilityPolicy.json
*/
async function storageAccountCreateWithImmutabilityPolicy() {
const subscriptionId = process.env["STORAGE_SUBSCRIPTION_ID"] || "{subscription-id}";
const resourceGroupName = process.env["STORAGE_RESOURCE_GROUP"] || "res9101";
const accountName = "sto4445";
const parameters = {
extendedLocation: { name: "losangeles001", type: "EdgeZone" },
immutableStorageWithVersioning: {
enabled: true,
immutabilityPolicy: {
allowProtectedAppendWrites: true,
immutabilityPeriodSinceCreationInDays: 15,
state: "Unlocked",
},
},
kind: "Storage",
location: "eastus",
sku: { name: "Standard_GRS" },
};
const credential = new DefaultAzureCredential();
const client = new StorageManagementClient(credential, subscriptionId);
const result = await client.storageAccounts.beginCreateAndWait(
resourceGroupName,
accountName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Resources.Models;
using Azure.ResourceManager.Storage.Models;
using Azure.ResourceManager.Storage;
// Generated from example definition: specification/storage/resource-manager/Microsoft.Storage/stable/2023-05-01/examples/StorageAccountCreateWithImmutabilityPolicy.json
// this example is just showing the usage of "StorageAccounts_Create" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "{subscription-id}";
string resourceGroupName = "res9101";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);
// get the collection of this StorageAccountResource
StorageAccountCollection collection = resourceGroupResource.GetStorageAccounts();
// invoke the operation
string accountName = "sto4445";
StorageAccountCreateOrUpdateContent content = new StorageAccountCreateOrUpdateContent(new StorageSku(StorageSkuName.StandardGrs), StorageKind.Storage, new AzureLocation("eastus"))
{
ExtendedLocation = new ExtendedLocation()
{
Name = "losangeles001",
},
ImmutableStorageWithVersioning = new ImmutableStorageAccount()
{
IsEnabled = true,
ImmutabilityPolicy = new AccountImmutabilityPolicy()
{
ImmutabilityPeriodSinceCreationInDays = 15,
State = AccountImmutabilityPolicyState.Unlocked,
AllowProtectedAppendWrites = true,
},
},
};
ArmOperation<StorageAccountResource> lro = await collection.CreateOrUpdateAsync(WaitUntil.Completed, accountName, content);
StorageAccountResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
StorageAccountData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Resposta da amostra
{
"id": "/subscriptions/{subscription-id}/resourceGroups/res9101/providers/Microsoft.Storage/storageAccounts/sto4445",
"kind": "Storage",
"location": "eastus",
"name": "sto4445",
"extendedLocation": {
"type": "EdgeZone",
"name": "losangeles001"
},
"properties": {
"creationTime": "2017-05-24T13:25:33.4863236Z",
"primaryEndpoints": {
"web": "https://sto4445.web.core.windows.net/",
"dfs": "https://sto4445.dfs.core.windows.net/",
"blob": "https://sto4445.blob.core.windows.net/",
"file": "https://sto4445.file.core.windows.net/",
"queue": "https://sto4445.queue.core.windows.net/",
"table": "https://sto4445.table.core.windows.net/"
},
"primaryLocation": "eastus2euap",
"provisioningState": "Succeeded",
"immutableStorageWithVersioning": {
"immutabilityPolicy": {
"immutabilityPeriodSinceCreationInDays": 15,
"allowProtectedAppendWrites": true,
"state": "Unlocked"
},
"enabled": true
}
},
"sku": {
"name": "Standard_GRS",
"tier": "Standard"
},
"type": "Microsoft.Storage/storageAccounts"
}
Definições
Name |
Description |
AccessTier
|
Necessário para contas de armazenamento onde kind = BlobStorage. A camada de acesso é usada para faturamento. A camada de acesso 'Premium' é o valor padrão para o tipo de conta de armazenamento de blobs de bloco premium e não pode ser alterada para o tipo de conta de armazenamento de blobs de bloco premium.
|
AccountImmutabilityPolicyProperties
|
Isso define as propriedades da política de imutabilidade no nível da conta.
|
AccountImmutabilityPolicyState
|
O estado ImmutabilityPolicy define o modo da política. O estado desativado desativa a política, o estado desbloqueado permite o aumento e a diminuição do tempo de retenção de imutabilidade e também permite alternar a propriedade allowProtectedAppendWrites, o estado bloqueado só permite o aumento do tempo de retenção de imutabilidade. Uma política só pode ser criada no estado Desativado ou Desbloqueado e pode ser alternada entre os dois estados. Somente uma política em um estado Desbloqueado pode fazer a transição para um estado Bloqueado que não pode ser revertido.
|
AccountStatus
|
Obtém o status que indica se o local principal da conta de armazenamento está disponível ou indisponível.
|
AccountType
|
Especifica o tipo de conta do Ative Directory para o Armazenamento do Azure.
|
Action
|
A ação da regra de rede virtual.
|
ActiveDirectoryProperties
|
Propriedades de configurações para o Ative Directory (AD).
|
AllowedCopyScope
|
Restrinja a cópia de e para Contas de Armazenamento dentro de um locatário do AAD ou com Links Privados para a mesma VNet.
|
AzureFilesIdentityBasedAuthentication
|
Configurações para autenticação baseada em identidade dos Arquivos do Azure.
|
BlobRestoreParameters
|
Parâmetros de restauração de blob
|
BlobRestoreProgressStatus
|
O status do progresso de restauração de blob. Os valores possíveis são: - InProgress: indica que a restauração de blob está em andamento. - Completo: Indica que a restauração do blob foi concluída com êxito. - Falha: Indica que a restauração do blob falhou.
|
BlobRestoreRange
|
Intervalo de Blob
|
BlobRestoreStatus
|
Status de restauração de Blob.
|
Bypass
|
Especifica se o tráfego é ignorado para Logging/Metrics/AzureServices. Os valores possíveis são qualquer combinação de Logging|Métricas|AzureServices (por exemplo, "Logging, Metrics") ou Nenhum para ignorar nenhum desses tráfegos.
|
CustomDomain
|
O domínio personalizado atribuído a esta conta de armazenamento. Isso pode ser definido via Update.
|
DefaultAction
|
Especifica a ação padrão de permitir ou negar quando nenhuma outra regra corresponder.
|
DefaultSharePermission
|
Permissão de compartilhamento padrão para usuários que usam a autenticação Kerberos se a função RBAC não estiver atribuída.
|
DirectoryServiceOptions
|
Indica o serviço de diretório usado. Note-se que este enum pode ser estendido no futuro.
|
DnsEndpointType
|
Permite especificar o tipo de ponto de extremidade. Defina isso como AzureDNSZone para criar um grande número de contas em uma única assinatura, que cria contas em uma Zona DNS do Azure e a URL do ponto de extremidade terá um identificador alfanumérico de Zona DNS.
|
Encryption
|
As configurações de criptografia na conta de armazenamento.
|
EncryptionIdentity
|
Identidade de criptografia para a conta de armazenamento.
|
EncryptionService
|
Um serviço que permite o uso de criptografia do lado do servidor.
|
EncryptionServices
|
Uma lista de serviços que suportam encriptação.
|
Endpoints
|
Os URIs que são usados para executar uma recuperação de um blob público, fila, tabela, web ou objeto dfs.
|
ExpirationAction
|
A ação de expiração SAS define a ação a ser executada quando sasPolicy.sasExpirationPeriod é violado. A ação 'Log' pode ser usada para fins de auditoria e a ação 'Bloquear' pode ser usada para bloquear e negar o uso de tokens SAS que não aderem ao período de expiração da política sas.
|
ExtendedLocation
|
O tipo complexo do local estendido.
|
ExtendedLocationTypes
|
O tipo de local estendido.
|
GeoReplicationStats
|
Estatísticas relacionadas à replicação para os serviços Blob, Tabela, Fila e Arquivo da conta de armazenamento. Ele só está disponível quando a replicação com redundância geográfica está habilitada para a conta de armazenamento.
|
GeoReplicationStatus
|
O status do local secundário. Os valores possíveis são: - Live: Indica que o local secundário está ativo e operacional. - Bootstrap: Indica que a sincronização inicial do local primário para o local secundário está em andamento. Isso normalmente ocorre quando a replicação é habilitada pela primeira vez. - Indisponível: Indica que o local secundário está temporariamente indisponível.
|
Identity
|
Identidade do recurso.
|
IdentityType
|
O tipo de identidade.
|
ImmutableStorageAccount
|
Essa propriedade habilita e define a imutabilidade no nível da conta. A ativação do recurso habilita automaticamente o Controle de Versão de Blob.
|
IPRule
|
Regra de IP com IP específico ou intervalo de IP no formato CIDR.
|
KeyCreationTime
|
Tempo de criação das chaves da conta de armazenamento.
|
KeyPolicy
|
KeyPolicy atribuído à conta de armazenamento.
|
KeySource
|
A chave de criptografiaSource (provedor). Valores possíveis (sem distinção entre maiúsculas e minúsculas): Microsoft.Storage, Microsoft.Keyvault
|
KeyType
|
Tipo de chave de criptografia a ser usada para o serviço de criptografia. O tipo de chave 'Conta' implica que será utilizada uma chave de encriptação com âmbito de conta. O tipo de chave 'Serviço' implica que é utilizada uma chave de serviço predefinida.
|
KeyVaultProperties
|
Propriedades do cofre de chaves.
|
Kind
|
Indica o tipo de conta de armazenamento.
|
LargeFileSharesState
|
Permita compartilhamentos de arquivos grandes se definido como Habilitado. Ele não pode ser desativado uma vez que está ativado.
|
MinimumTlsVersion
|
Defina a versão mínima do TLS a ser permitida em solicitações de armazenamento. A interpretação padrão é TLS 1.0 para esta propriedade.
|
NetworkRuleSet
|
Conjunto de regras de rede
|
postFailoverRedundancy
|
O tipo de redundância da conta após a execução de um failover de conta.
|
postPlannedFailoverRedundancy
|
O tipo de redundância da conta após a execução de um failover de conta planejado.
|
PrivateEndpoint
|
O recurso Ponto Final Privado.
|
PrivateEndpointConnection
|
O recurso Private Endpoint Connection.
|
PrivateEndpointConnectionProvisioningState
|
O estado de provisionamento atual.
|
PrivateEndpointServiceConnectionStatus
|
O status da conexão de ponto de extremidade privado.
|
PrivateLinkServiceConnectionState
|
Uma recolha de informações sobre o estado da ligação entre o consumidor e o prestador de serviços.
|
ProvisioningState
|
Obtém o status da conta de armazenamento no momento em que a operação foi chamada.
|
PublicNetworkAccess
|
Permitir, não permitir ou permitir a configuração do Perímetro de Segurança de Rede para avaliar o acesso à rede pública à Conta de Armazenamento. O valor é opcional, mas se passado, deve ser 'Enabled', 'Disabled' ou 'SecuredByPerimeter'.
|
ResourceAccessRule
|
Regra de Acesso a Recursos.
|
RoutingChoice
|
A opção de roteamento define o tipo de roteamento de rede escolhido pelo usuário.
|
RoutingPreference
|
Preferência de roteamento define o tipo de rede, seja microsoft ou roteamento de internet a ser usado para entregar os dados do usuário, a opção padrão é roteamento microsoft
|
SasPolicy
|
SasPolicy atribuído à conta de armazenamento.
|
Sku
|
O SKU da conta de armazenamento.
|
SkuConversionStatus
|
Esta propriedade indica o status atual de conversão de sku.
|
SkuName
|
O nome SKU. Necessário para a criação de conta; opcional para atualização. Observe que, em versões mais antigas, o nome da SKU era chamado accountType.
|
SkuTier
|
A camada de SKU. Isso é baseado no nome SKU.
|
State
|
Obtém o estado da regra de rede virtual.
|
StorageAccount
|
A conta de armazenamento.
|
StorageAccountCreateParameters
|
Os parâmetros usados ao criar uma conta de armazenamento.
|
StorageAccountInternetEndpoints
|
Os URIs que são usados para executar uma recuperação de um blob público, arquivo, web ou objeto dfs por meio de um ponto de extremidade de roteamento da Internet.
|
StorageAccountMicrosoftEndpoints
|
Os URIs que são usados para executar uma recuperação de um blob público, fila, tabela, web ou objeto dfs por meio de um ponto de extremidade de roteamento da Microsoft.
|
StorageAccountSkuConversionStatus
|
Isso define o objeto de status de conversão de sku para conversões de sku assíncronas.
|
UserAssignedIdentity
|
UserAssignedIdentity para o recurso.
|
VirtualNetworkRule
|
Regra de Rede Virtual.
|
AccessTier
Necessário para contas de armazenamento onde kind = BlobStorage. A camada de acesso é usada para faturamento. A camada de acesso 'Premium' é o valor padrão para o tipo de conta de armazenamento de blobs de bloco premium e não pode ser alterada para o tipo de conta de armazenamento de blobs de bloco premium.
Name |
Tipo |
Description |
Cold
|
string
|
|
Cool
|
string
|
|
Hot
|
string
|
|
Premium
|
string
|
|
AccountImmutabilityPolicyProperties
Isso define as propriedades da política de imutabilidade no nível da conta.
Name |
Tipo |
Description |
allowProtectedAppendWrites
|
boolean
|
Essa propriedade só pode ser alterada para políticas de retenção com base no tempo desabilitadas e desbloqueadas. Quando habilitados, novos blocos podem ser gravados em um blob de acréscimo, mantendo a proteção e a conformidade da imutabilidade. Apenas novos blocos podem ser adicionados e quaisquer blocos existentes não podem ser modificados ou excluídos.
|
immutabilityPeriodSinceCreationInDays
|
integer
|
O período de imutabilidade para os blobs no contêiner desde a criação da política, em dias.
|
state
|
AccountImmutabilityPolicyState
|
O estado ImmutabilityPolicy define o modo da política. O estado desativado desativa a política, o estado desbloqueado permite o aumento e a diminuição do tempo de retenção de imutabilidade e também permite alternar a propriedade allowProtectedAppendWrites, o estado bloqueado só permite o aumento do tempo de retenção de imutabilidade. Uma política só pode ser criada no estado Desativado ou Desbloqueado e pode ser alternada entre os dois estados. Somente uma política em um estado Desbloqueado pode fazer a transição para um estado Bloqueado que não pode ser revertido.
|
AccountImmutabilityPolicyState
O estado ImmutabilityPolicy define o modo da política. O estado desativado desativa a política, o estado desbloqueado permite o aumento e a diminuição do tempo de retenção de imutabilidade e também permite alternar a propriedade allowProtectedAppendWrites, o estado bloqueado só permite o aumento do tempo de retenção de imutabilidade. Uma política só pode ser criada no estado Desativado ou Desbloqueado e pode ser alternada entre os dois estados. Somente uma política em um estado Desbloqueado pode fazer a transição para um estado Bloqueado que não pode ser revertido.
Name |
Tipo |
Description |
Disabled
|
string
|
|
Locked
|
string
|
|
Unlocked
|
string
|
|
AccountStatus
Obtém o status que indica se o local principal da conta de armazenamento está disponível ou indisponível.
Name |
Tipo |
Description |
available
|
string
|
|
unavailable
|
string
|
|
AccountType
Especifica o tipo de conta do Ative Directory para o Armazenamento do Azure.
Name |
Tipo |
Description |
Computer
|
string
|
|
User
|
string
|
|
Action
A ação da regra de rede virtual.
Name |
Tipo |
Description |
Allow
|
string
|
|
ActiveDirectoryProperties
Propriedades de configurações para o Ative Directory (AD).
Name |
Tipo |
Description |
accountType
|
AccountType
|
Especifica o tipo de conta do Ative Directory para o Armazenamento do Azure.
|
azureStorageSid
|
string
|
Especifica o identificador de segurança (SID) para o Armazenamento do Azure.
|
domainGuid
|
string
|
Especifica o GUID do domínio.
|
domainName
|
string
|
Especifica o domínio primário para o qual o servidor DNS do AD é autoritativo.
|
domainSid
|
string
|
Especifica o identificador de segurança (SID).
|
forestName
|
string
|
Especifica a floresta do Ative Directory a ser obtida.
|
netBiosDomainName
|
string
|
Especifica o nome de domínio NetBIOS.
|
samAccountName
|
string
|
Especifica o Ative Directory SAMAccountName para o Armazenamento do Azure.
|
AllowedCopyScope
Restrinja a cópia de e para Contas de Armazenamento dentro de um locatário do AAD ou com Links Privados para a mesma VNet.
Name |
Tipo |
Description |
AAD
|
string
|
|
PrivateLink
|
string
|
|
AzureFilesIdentityBasedAuthentication
Configurações para autenticação baseada em identidade dos Arquivos do Azure.
Name |
Tipo |
Description |
activeDirectoryProperties
|
ActiveDirectoryProperties
|
Obrigatório se directoryServiceOptions for AD, opcional se for AADKERB.
|
defaultSharePermission
|
DefaultSharePermission
|
Permissão de compartilhamento padrão para usuários que usam a autenticação Kerberos se a função RBAC não estiver atribuída.
|
directoryServiceOptions
|
DirectoryServiceOptions
|
Indica o serviço de diretório usado. Note-se que este enum pode ser estendido no futuro.
|
BlobRestoreParameters
Parâmetros de restauração de blob
Name |
Tipo |
Description |
blobRanges
|
BlobRestoreRange[]
|
Intervalos de Blob para restauração.
|
timeToRestore
|
string
|
Restaure o blob para o tempo especificado.
|
BlobRestoreProgressStatus
O status do progresso de restauração de blob. Os valores possíveis são: - InProgress: indica que a restauração de blob está em andamento. - Completo: Indica que a restauração do blob foi concluída com êxito. - Falha: Indica que a restauração do blob falhou.
Name |
Tipo |
Description |
Complete
|
string
|
|
Failed
|
string
|
|
InProgress
|
string
|
|
BlobRestoreRange
Intervalo de Blob
Name |
Tipo |
Description |
endRange
|
string
|
Intervalo final de blob. Isto é exclusivo. Vazio significa fim da conta.
|
startRange
|
string
|
Intervalo inicial do blob. Isto é inclusivo. Vazio significa início da conta.
|
BlobRestoreStatus
Status de restauração de Blob.
Name |
Tipo |
Description |
failureReason
|
string
|
Motivo da falha quando a restauração do blob falhou.
|
parameters
|
BlobRestoreParameters
|
Parâmetros de solicitação de restauração de Blob.
|
restoreId
|
string
|
Id para rastrear a solicitação de restauração de blob.
|
status
|
BlobRestoreProgressStatus
|
O status do progresso de restauração de blob. Os valores possíveis são: - InProgress: indica que a restauração de blob está em andamento. - Completo: Indica que a restauração do blob foi concluída com êxito. - Falha: Indica que a restauração do blob falhou.
|
Bypass
Especifica se o tráfego é ignorado para Logging/Metrics/AzureServices. Os valores possíveis são qualquer combinação de Logging|Métricas|AzureServices (por exemplo, "Logging, Metrics") ou Nenhum para ignorar nenhum desses tráfegos.
Name |
Tipo |
Description |
AzureServices
|
string
|
|
Logging
|
string
|
|
Metrics
|
string
|
|
None
|
string
|
|
CustomDomain
O domínio personalizado atribuído a esta conta de armazenamento. Isso pode ser definido via Update.
Name |
Tipo |
Description |
name
|
string
|
Obtém ou define o nome de domínio personalizado atribuído à conta de armazenamento. Nome é a fonte CNAME.
|
useSubDomainName
|
boolean
|
Indica se a validação indireta do CName está habilitada. O valor padrão é false. Isso só deve ser definido em atualizações.
|
DefaultAction
Especifica a ação padrão de permitir ou negar quando nenhuma outra regra corresponder.
Name |
Tipo |
Description |
Allow
|
string
|
|
Deny
|
string
|
|
DefaultSharePermission
Permissão de compartilhamento padrão para usuários que usam a autenticação Kerberos se a função RBAC não estiver atribuída.
Name |
Tipo |
Description |
None
|
string
|
|
StorageFileDataSmbShareContributor
|
string
|
|
StorageFileDataSmbShareElevatedContributor
|
string
|
|
StorageFileDataSmbShareReader
|
string
|
|
DirectoryServiceOptions
Indica o serviço de diretório usado. Note-se que este enum pode ser estendido no futuro.
Name |
Tipo |
Description |
AADDS
|
string
|
|
AADKERB
|
string
|
|
AD
|
string
|
|
None
|
string
|
|
DnsEndpointType
Permite especificar o tipo de ponto de extremidade. Defina isso como AzureDNSZone para criar um grande número de contas em uma única assinatura, que cria contas em uma Zona DNS do Azure e a URL do ponto de extremidade terá um identificador alfanumérico de Zona DNS.
Name |
Tipo |
Description |
AzureDnsZone
|
string
|
|
Standard
|
string
|
|
Encryption
As configurações de criptografia na conta de armazenamento.
Name |
Tipo |
Default value |
Description |
identity
|
EncryptionIdentity
|
|
A identidade a ser usada com a criptografia do lado do serviço em repouso.
|
keySource
|
KeySource
|
Microsoft.Storage
|
A chave de criptografiaSource (provedor). Valores possíveis (sem distinção entre maiúsculas e minúsculas): Microsoft.Storage, Microsoft.Keyvault
|
keyvaultproperties
|
KeyVaultProperties
|
|
Propriedades fornecidas pelo cofre de chaves.
|
requireInfrastructureEncryption
|
boolean
|
|
Um booleano que indica se o serviço aplica ou não uma camada secundária de criptografia com chaves gerenciadas pela plataforma para dados em repouso.
|
services
|
EncryptionServices
|
|
Lista de serviços que suportam encriptação.
|
EncryptionIdentity
Identidade de criptografia para a conta de armazenamento.
Name |
Tipo |
Description |
federatedIdentityClientId
|
string
|
ClientId do aplicativo multilocatário a ser usado em conjunto com a identidade atribuída pelo usuário para criptografia do lado do servidor de chaves gerenciadas pelo cliente entre locatários na conta de armazenamento.
|
userAssignedIdentity
|
string
|
Identificador de recurso da identidade UserAssigned a ser associada à criptografia do lado do servidor na conta de armazenamento.
|
EncryptionService
Um serviço que permite o uso de criptografia do lado do servidor.
Name |
Tipo |
Description |
enabled
|
boolean
|
Um booleano que indica se o serviço criptografa ou não os dados à medida que são armazenados. A criptografia em repouso está habilitada por padrão atualmente e não pode ser desabilitada.
|
keyType
|
KeyType
|
Tipo de chave de criptografia a ser usada para o serviço de criptografia. O tipo de chave 'Conta' implica que será utilizada uma chave de encriptação com âmbito de conta. O tipo de chave 'Serviço' implica que é utilizada uma chave de serviço predefinida.
|
lastEnabledTime
|
string
|
Obtém uma estimativa aproximada da data/hora em que a criptografia foi habilitada pela última vez pelo usuário. Atualmente, os dados são criptografados em repouso por padrão e não podem ser desativados.
|
EncryptionServices
Uma lista de serviços que suportam encriptação.
Name |
Tipo |
Description |
blob
|
EncryptionService
|
A função de criptografia do serviço de armazenamento de blob.
|
file
|
EncryptionService
|
A função de encriptação do serviço de armazenamento de ficheiros.
|
queue
|
EncryptionService
|
A função de criptografia do serviço de armazenamento de filas.
|
table
|
EncryptionService
|
A função de criptografia do serviço de armazenamento de tabelas.
|
Endpoints
Os URIs que são usados para executar uma recuperação de um blob público, fila, tabela, web ou objeto dfs.
Name |
Tipo |
Description |
blob
|
string
|
Obtém o ponto de extremidade blob.
|
dfs
|
string
|
Obtém o ponto de extremidade dfs.
|
file
|
string
|
Obtém o ponto de extremidade do arquivo.
|
internetEndpoints
|
StorageAccountInternetEndpoints
|
Obtém os pontos de extremidade de armazenamento de roteamento da Internet
|
microsoftEndpoints
|
StorageAccountMicrosoftEndpoints
|
Obtém os pontos de extremidade de armazenamento de roteamento da Microsoft.
|
queue
|
string
|
Obtém o ponto de extremidade da fila.
|
table
|
string
|
Obtém o ponto de extremidade da tabela.
|
web
|
string
|
Obtém o ponto de extremidade da Web.
|
ExpirationAction
A ação de expiração SAS define a ação a ser executada quando sasPolicy.sasExpirationPeriod é violado. A ação 'Log' pode ser usada para fins de auditoria e a ação 'Bloquear' pode ser usada para bloquear e negar o uso de tokens SAS que não aderem ao período de expiração da política sas.
Name |
Tipo |
Description |
Block
|
string
|
|
Log
|
string
|
|
ExtendedLocation
O tipo complexo do local estendido.
Name |
Tipo |
Description |
name
|
string
|
O nome do local estendido.
|
type
|
ExtendedLocationTypes
|
O tipo de local estendido.
|
ExtendedLocationTypes
O tipo de local estendido.
Name |
Tipo |
Description |
EdgeZone
|
string
|
|
GeoReplicationStats
Estatísticas relacionadas à replicação para os serviços Blob, Tabela, Fila e Arquivo da conta de armazenamento. Ele só está disponível quando a replicação com redundância geográfica está habilitada para a conta de armazenamento.
Name |
Tipo |
Description |
canFailover
|
boolean
|
Um sinalizador booleano que indica se o failover de conta é suportado ou não para a conta.
|
canPlannedFailover
|
boolean
|
Um sinalizador booleano que indica se o failover de conta planejado é suportado ou não para a conta.
|
lastSyncTime
|
string
|
Todas as gravações primárias anteriores a esse valor de data/hora UTC têm a garantia de estar disponíveis para operações de leitura. As gravações primárias após este ponto no tempo podem ou não estar disponíveis para leitura. O elemento pode ser o valor padrão se o valor de LastSyncTime não estiver disponível, isso pode acontecer se o secundário estiver offline ou se estivermos no bootstrap.
|
postFailoverRedundancy
|
postFailoverRedundancy
|
O tipo de redundância da conta após a execução de um failover de conta.
|
postPlannedFailoverRedundancy
|
postPlannedFailoverRedundancy
|
O tipo de redundância da conta após a execução de um failover de conta planejado.
|
status
|
GeoReplicationStatus
|
O status do local secundário. Os valores possíveis são: - Live: Indica que o local secundário está ativo e operacional. - Bootstrap: Indica que a sincronização inicial do local primário para o local secundário está em andamento. Isso normalmente ocorre quando a replicação é habilitada pela primeira vez. - Indisponível: Indica que o local secundário está temporariamente indisponível.
|
GeoReplicationStatus
O status do local secundário. Os valores possíveis são: - Live: Indica que o local secundário está ativo e operacional. - Bootstrap: Indica que a sincronização inicial do local primário para o local secundário está em andamento. Isso normalmente ocorre quando a replicação é habilitada pela primeira vez. - Indisponível: Indica que o local secundário está temporariamente indisponível.
Name |
Tipo |
Description |
Bootstrap
|
string
|
|
Live
|
string
|
|
Unavailable
|
string
|
|
Identity
Identidade do recurso.
Name |
Tipo |
Description |
principalId
|
string
|
A ID principal da identidade do recurso.
|
tenantId
|
string
|
A ID do locatário do recurso.
|
type
|
IdentityType
|
O tipo de identidade.
|
userAssignedIdentities
|
<string,
UserAssignedIdentity>
|
Obtém ou define uma lista de pares de valores de chave que descrevem o conjunto de identidades atribuídas pelo usuário que serão usadas com essa conta de armazenamento. A chave é o identificador de recurso ARM da identidade. Apenas 1 identidade atribuída ao usuário é permitida aqui.
|
IdentityType
O tipo de identidade.
Name |
Tipo |
Description |
None
|
string
|
|
SystemAssigned
|
string
|
|
SystemAssigned,UserAssigned
|
string
|
|
UserAssigned
|
string
|
|
ImmutableStorageAccount
Essa propriedade habilita e define a imutabilidade no nível da conta. A ativação do recurso habilita automaticamente o Controle de Versão de Blob.
Name |
Tipo |
Description |
enabled
|
boolean
|
Um sinalizador booleano que permite a imutabilidade no nível da conta. Todos os contêineres sob tal conta têm imutabilidade no nível do objeto habilitada por padrão.
|
immutabilityPolicy
|
AccountImmutabilityPolicyProperties
|
Especifica a política de imutabilidade no nível de conta padrão que é herdada e aplicada a objetos que não possuem uma política de imutabilidade explícita no nível do objeto. A política de imutabilidade no nível do objeto tem precedência maior do que a política de imutabilidade no nível do contêiner, que tem uma precedência maior do que a política de imutabilidade no nível da conta.
|
IPRule
Regra de IP com IP específico ou intervalo de IP no formato CIDR.
Name |
Tipo |
Default value |
Description |
action
|
Action
|
Allow
|
A ação da regra ACL IP.
|
value
|
string
|
|
Especifica o IP ou intervalo de IP no formato CIDR. Apenas o endereço IPV4 é permitido.
|
KeyCreationTime
Tempo de criação das chaves da conta de armazenamento.
Name |
Tipo |
Description |
key1
|
string
|
|
key2
|
string
|
|
KeyPolicy
KeyPolicy atribuído à conta de armazenamento.
Name |
Tipo |
Description |
keyExpirationPeriodInDays
|
integer
|
O período de expiração da chave em dias.
|
KeySource
A chave de criptografiaSource (provedor). Valores possíveis (sem distinção entre maiúsculas e minúsculas): Microsoft.Storage, Microsoft.Keyvault
Name |
Tipo |
Description |
Microsoft.Keyvault
|
string
|
|
Microsoft.Storage
|
string
|
|
KeyType
Tipo de chave de criptografia a ser usada para o serviço de criptografia. O tipo de chave 'Conta' implica que será utilizada uma chave de encriptação com âmbito de conta. O tipo de chave 'Serviço' implica que é utilizada uma chave de serviço predefinida.
Name |
Tipo |
Description |
Account
|
string
|
|
Service
|
string
|
|
KeyVaultProperties
Propriedades do cofre de chaves.
Name |
Tipo |
Description |
currentVersionedKeyExpirationTimestamp
|
string
|
Esta é uma propriedade somente leitura que representa o tempo de expiração da versão atual da chave gerenciada pelo cliente usada para criptografia.
|
currentVersionedKeyIdentifier
|
string
|
O identificador de objeto da chave do cofre da chave com versão atual em uso.
|
keyname
|
string
|
O nome da chave KeyVault.
|
keyvaulturi
|
string
|
O Uri do KeyVault.
|
keyversion
|
string
|
A versão da chave KeyVault.
|
lastKeyRotationTimestamp
|
string
|
Carimbo de data/hora da última rotação da chave do cofre da chave.
|
Kind
Indica o tipo de conta de armazenamento.
Name |
Tipo |
Description |
BlobStorage
|
string
|
|
BlockBlobStorage
|
string
|
|
FileStorage
|
string
|
|
Storage
|
string
|
|
StorageV2
|
string
|
|
LargeFileSharesState
Permita compartilhamentos de arquivos grandes se definido como Habilitado. Ele não pode ser desativado uma vez que está ativado.
Name |
Tipo |
Description |
Disabled
|
string
|
|
Enabled
|
string
|
|
MinimumTlsVersion
Defina a versão mínima do TLS a ser permitida em solicitações de armazenamento. A interpretação padrão é TLS 1.0 para esta propriedade.
Name |
Tipo |
Description |
TLS1_0
|
string
|
|
TLS1_1
|
string
|
|
TLS1_2
|
string
|
|
TLS1_3
|
string
|
|
NetworkRuleSet
Conjunto de regras de rede
Name |
Tipo |
Default value |
Description |
bypass
|
Bypass
|
AzureServices
|
Especifica se o tráfego é ignorado para Logging/Metrics/AzureServices. Os valores possíveis são qualquer combinação de Logging|Métricas|AzureServices (por exemplo, "Logging, Metrics") ou Nenhum para ignorar nenhum desses tráfegos.
|
defaultAction
|
DefaultAction
|
Allow
|
Especifica a ação padrão de permitir ou negar quando nenhuma outra regra corresponder.
|
ipRules
|
IPRule[]
|
|
Define as regras da ACL IP
|
resourceAccessRules
|
ResourceAccessRule[]
|
|
Define as regras de acesso aos recursos
|
virtualNetworkRules
|
VirtualNetworkRule[]
|
|
Define as regras de rede virtual
|
postFailoverRedundancy
O tipo de redundância da conta após a execução de um failover de conta.
Name |
Tipo |
Description |
Standard_LRS
|
string
|
|
Standard_ZRS
|
string
|
|
postPlannedFailoverRedundancy
O tipo de redundância da conta após a execução de um failover de conta planejado.
Name |
Tipo |
Description |
Standard_GRS
|
string
|
|
Standard_GZRS
|
string
|
|
Standard_RAGRS
|
string
|
|
Standard_RAGZRS
|
string
|
|
PrivateEndpoint
O recurso Ponto Final Privado.
Name |
Tipo |
Description |
id
|
string
|
O identificador ARM para Private Endpoint
|
PrivateEndpointConnection
O recurso Private Endpoint Connection.
Name |
Tipo |
Description |
id
|
string
|
ID de recurso totalmente qualificado para o recurso. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
|
name
|
string
|
O nome do recurso
|
properties.privateEndpoint
|
PrivateEndpoint
|
O recurso do ponto final privado.
|
properties.privateLinkServiceConnectionState
|
PrivateLinkServiceConnectionState
|
Uma recolha de informações sobre o estado da ligação entre o consumidor e o prestador de serviços.
|
properties.provisioningState
|
PrivateEndpointConnectionProvisioningState
|
O estado de provisionamento do recurso de conexão de ponto de extremidade privado.
|
type
|
string
|
O tipo do recurso. Por exemplo, "Microsoft.Compute/virtualMachines" ou "Microsoft.Storage/storageAccounts"
|
PrivateEndpointConnectionProvisioningState
O estado de provisionamento atual.
Name |
Tipo |
Description |
Creating
|
string
|
|
Deleting
|
string
|
|
Failed
|
string
|
|
Succeeded
|
string
|
|
PrivateEndpointServiceConnectionStatus
O status da conexão de ponto de extremidade privado.
Name |
Tipo |
Description |
Approved
|
string
|
|
Pending
|
string
|
|
Rejected
|
string
|
|
PrivateLinkServiceConnectionState
Uma recolha de informações sobre o estado da ligação entre o consumidor e o prestador de serviços.
Name |
Tipo |
Description |
actionRequired
|
string
|
Uma mensagem indicando se as alterações no prestador de serviços exigem atualizações sobre o consumidor.
|
description
|
string
|
O motivo da aprovação/rejeição da ligação.
|
status
|
PrivateEndpointServiceConnectionStatus
|
Indica se a conexão foi aprovada/rejeitada/removida pelo proprietário do serviço.
|
ProvisioningState
Obtém o status da conta de armazenamento no momento em que a operação foi chamada.
Name |
Tipo |
Description |
Creating
|
string
|
|
ResolvingDNS
|
string
|
|
Succeeded
|
string
|
|
PublicNetworkAccess
Permitir, não permitir ou permitir a configuração do Perímetro de Segurança de Rede para avaliar o acesso à rede pública à Conta de Armazenamento. O valor é opcional, mas se passado, deve ser 'Enabled', 'Disabled' ou 'SecuredByPerimeter'.
Name |
Tipo |
Description |
Disabled
|
string
|
|
Enabled
|
string
|
|
SecuredByPerimeter
|
string
|
|
ResourceAccessRule
Regra de Acesso a Recursos.
Name |
Tipo |
Description |
resourceId
|
string
|
ID do recurso
|
tenantId
|
string
|
ID do inquilino
|
RoutingChoice
A opção de roteamento define o tipo de roteamento de rede escolhido pelo usuário.
Name |
Tipo |
Description |
InternetRouting
|
string
|
|
MicrosoftRouting
|
string
|
|
RoutingPreference
Preferência de roteamento define o tipo de rede, seja microsoft ou roteamento de internet a ser usado para entregar os dados do usuário, a opção padrão é roteamento microsoft
Name |
Tipo |
Description |
publishInternetEndpoints
|
boolean
|
Um sinalizador booleano que indica se os pontos de extremidade de armazenamento de roteamento da Internet devem ser publicados
|
publishMicrosoftEndpoints
|
boolean
|
Um sinalizador booleano que indica se os pontos de extremidade de armazenamento de roteamento da Microsoft devem ser publicados
|
routingChoice
|
RoutingChoice
|
A opção de roteamento define o tipo de roteamento de rede escolhido pelo usuário.
|
SasPolicy
SasPolicy atribuído à conta de armazenamento.
Name |
Tipo |
Default value |
Description |
expirationAction
|
ExpirationAction
|
Log
|
A ação de expiração SAS define a ação a ser executada quando sasPolicy.sasExpirationPeriod é violado. A ação 'Log' pode ser usada para fins de auditoria e a ação 'Bloquear' pode ser usada para bloquear e negar o uso de tokens SAS que não aderem ao período de expiração da política sas.
|
sasExpirationPeriod
|
string
|
|
O período de expiração do SAS, DD.HH:MM:SS.
|
Sku
O SKU da conta de armazenamento.
Name |
Tipo |
Description |
name
|
SkuName
|
O nome SKU. Necessário para a criação de conta; opcional para atualização. Observe que, em versões mais antigas, o nome da SKU era chamado accountType.
|
tier
|
SkuTier
|
A camada de SKU. Isso é baseado no nome SKU.
|
SkuConversionStatus
Esta propriedade indica o status atual de conversão de sku.
Name |
Tipo |
Description |
Failed
|
string
|
|
InProgress
|
string
|
|
Succeeded
|
string
|
|
SkuName
O nome SKU. Necessário para a criação de conta; opcional para atualização. Observe que, em versões mais antigas, o nome da SKU era chamado accountType.
Name |
Tipo |
Description |
Premium_LRS
|
string
|
|
Premium_ZRS
|
string
|
|
Standard_GRS
|
string
|
|
Standard_GZRS
|
string
|
|
Standard_LRS
|
string
|
|
Standard_RAGRS
|
string
|
|
Standard_RAGZRS
|
string
|
|
Standard_ZRS
|
string
|
|
SkuTier
A camada de SKU. Isso é baseado no nome SKU.
Name |
Tipo |
Description |
Premium
|
string
|
|
Standard
|
string
|
|
State
Obtém o estado da regra de rede virtual.
Name |
Tipo |
Description |
Deprovisioning
|
string
|
|
Failed
|
string
|
|
NetworkSourceDeleted
|
string
|
|
Provisioning
|
string
|
|
Succeeded
|
string
|
|
StorageAccount
A conta de armazenamento.
Name |
Tipo |
Description |
extendedLocation
|
ExtendedLocation
|
O extendedLocation do recurso.
|
id
|
string
|
ID de recurso totalmente qualificado para o recurso. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
|
identity
|
Identity
|
A identidade do recurso.
|
kind
|
Kind
|
Obtém o tipo.
|
location
|
string
|
A geolocalização onde o recurso vive
|
name
|
string
|
O nome do recurso
|
properties.accessTier
|
AccessTier
|
Necessário para contas de armazenamento onde kind = BlobStorage. A camada de acesso é usada para faturamento. A camada de acesso 'Premium' é o valor padrão para o tipo de conta de armazenamento de blobs de bloco premium e não pode ser alterada para o tipo de conta de armazenamento de blobs de bloco premium.
|
properties.accountMigrationInProgress
|
boolean
|
Se a migração de conta iniciada pelo cliente estiver em andamento, o valor será verdadeiro, caso contrário, será nulo.
|
properties.allowBlobPublicAccess
|
boolean
|
Permitir ou não permitir o acesso público a todos os blobs ou contêineres na conta de armazenamento. A interpretação padrão é falsa para esta propriedade.
|
properties.allowCrossTenantReplication
|
boolean
|
Permitir ou não permitir replicação de objeto de locatário entre AAD. Defina essa propriedade como true para contas novas ou existentes somente se as políticas de replicação de objetos envolverem contas de armazenamento em diferentes locatários do AAD. A interpretação padrão é falsa para que novas contas sigam as melhores práticas de segurança por padrão.
|
properties.allowSharedKeyAccess
|
boolean
|
Indica se a conta de armazenamento permite que as solicitações sejam autorizadas com a chave de acesso da conta por meio da Chave Compartilhada. Se false, todas as solicitações, incluindo assinaturas de acesso compartilhado, devem ser autorizadas com o Azure Ative Directory (Azure AD). O valor padrão é null, que é equivalente a true.
|
properties.allowedCopyScope
|
AllowedCopyScope
|
Restrinja a cópia de e para Contas de Armazenamento dentro de um locatário do AAD ou com Links Privados para a mesma VNet.
|
properties.azureFilesIdentityBasedAuthentication
|
AzureFilesIdentityBasedAuthentication
|
Fornece as configurações de autenticação baseada em identidade para Arquivos do Azure.
|
properties.blobRestoreStatus
|
BlobRestoreStatus
|
Estado de restauro de Blob
|
properties.creationTime
|
string
|
Obtém a data e a hora de criação da conta de armazenamento em UTC.
|
properties.customDomain
|
CustomDomain
|
Obtém o domínio personalizado que o usuário atribuiu a essa conta de armazenamento.
|
properties.defaultToOAuthAuthentication
|
boolean
|
Um sinalizador booleano que indica se a autenticação padrão é OAuth ou não. A interpretação padrão é falsa para esta propriedade.
|
properties.dnsEndpointType
|
DnsEndpointType
|
Permite especificar o tipo de ponto de extremidade. Defina isso como AzureDNSZone para criar um grande número de contas em uma única assinatura, que cria contas em uma Zona DNS do Azure e a URL do ponto de extremidade terá um identificador alfanumérico de Zona DNS.
|
properties.enableExtendedGroups
|
boolean
|
Habilita o suporte estendido a grupos com o recurso de usuários locais, se definido como true
|
properties.encryption
|
Encryption
|
Configurações de criptografia a serem usadas para criptografia do lado do servidor para a conta de armazenamento.
|
properties.failoverInProgress
|
boolean
|
Se o failover estiver em andamento, o valor será true, caso contrário, será nulo.
|
properties.geoReplicationStats
|
GeoReplicationStats
|
Estatísticas de replicação geográfica
|
properties.immutableStorageWithVersioning
|
ImmutableStorageAccount
|
A propriedade é imutável e só pode ser definida como true no momento da criação da conta. Quando definido como true, ele habilita a imutabilidade no nível do objeto para todos os contêineres na conta por padrão.
|
properties.isHnsEnabled
|
boolean
|
Account HierarchicalNamespace habilitado se definido como true.
|
properties.isLocalUserEnabled
|
boolean
|
Habilita o recurso de usuários locais, se definido como true
|
properties.isNfsV3Enabled
|
boolean
|
Suporte ao protocolo NFS 3.0 habilitado se definido como true.
|
properties.isSftpEnabled
|
boolean
|
Habilita o Protocolo de Transferência Segura de Arquivos, se definido como true
|
properties.isSkuConversionBlocked
|
boolean
|
Essa propriedade será definida como true ou false em um evento de migração em andamento. O valor padrão é null.
|
properties.keyCreationTime
|
KeyCreationTime
|
Tempo de criação das chaves da conta de armazenamento.
|
properties.keyPolicy
|
KeyPolicy
|
KeyPolicy atribuído à conta de armazenamento.
|
properties.largeFileSharesState
|
LargeFileSharesState
|
Permita compartilhamentos de arquivos grandes se definido como Habilitado. Ele não pode ser desativado uma vez que está ativado.
|
properties.lastGeoFailoverTime
|
string
|
Obtém o carimbo de data/hora da instância mais recente de um failover para o local secundário. Apenas o carimbo de data/hora mais recente é mantido. Esse elemento não será retornado se nunca tiver havido uma instância de failover. Disponível apenas se o accountType estiver Standard_GRS ou Standard_RAGRS.
|
properties.minimumTlsVersion
|
MinimumTlsVersion
|
Defina a versão mínima do TLS a ser permitida em solicitações de armazenamento. A interpretação padrão é TLS 1.0 para esta propriedade.
|
properties.networkAcls
|
NetworkRuleSet
|
Conjunto de regras de rede
|
properties.primaryEndpoints
|
Endpoints
|
Obtém as URLs usadas para executar uma recuperação de um blob público, fila ou objeto de tabela. Observe que Standard_ZRS e Premium_LRS contas retornam apenas o ponto de extremidade de blob.
|
properties.primaryLocation
|
string
|
Obtém o local do data center principal para a conta de armazenamento.
|
properties.privateEndpointConnections
|
PrivateEndpointConnection[]
|
Lista de conexão de ponto de extremidade privada associada à conta de armazenamento especificada
|
properties.provisioningState
|
ProvisioningState
|
Obtém o status da conta de armazenamento no momento em que a operação foi chamada.
|
properties.publicNetworkAccess
|
PublicNetworkAccess
|
Permitir, não permitir ou permitir a configuração do Perímetro de Segurança de Rede para avaliar o acesso à rede pública à Conta de Armazenamento.
|
properties.routingPreference
|
RoutingPreference
|
Mantém informações sobre a opção de roteamento de rede escolhida pelo usuário para transferência de dados
|
properties.sasPolicy
|
SasPolicy
|
SasPolicy atribuído à conta de armazenamento.
|
properties.secondaryEndpoints
|
Endpoints
|
Obtém as URLs usadas para executar uma recuperação de um blob público, fila ou objeto de tabela do local secundário da conta de armazenamento. Disponível apenas se o nome da SKU for Standard_RAGRS.
|
properties.secondaryLocation
|
string
|
Obtém o local do secundário replicado geograficamente para a conta de armazenamento. Disponível apenas se o accountType estiver Standard_GRS ou Standard_RAGRS.
|
properties.statusOfPrimary
|
AccountStatus
|
Obtém o status que indica se o local principal da conta de armazenamento está disponível ou indisponível.
|
properties.statusOfSecondary
|
AccountStatus
|
Obtém o status que indica se o local secundário da conta de armazenamento está disponível ou indisponível. Disponível apenas se o nome da SKU for Standard_GRS ou Standard_RAGRS.
|
properties.storageAccountSkuConversionStatus
|
StorageAccountSkuConversionStatus
|
Essa propriedade é readOnly e é definida pelo servidor durante operações assíncronas de conversão de sku de conta de armazenamento.
|
properties.supportsHttpsTrafficOnly
|
boolean
|
Permite tráfego https somente para o serviço de armazenamento se definido como true.
|
sku
|
Sku
|
Obtém o SKU.
|
tags
|
object
|
Tags de recursos.
|
type
|
string
|
O tipo do recurso. Por exemplo, "Microsoft.Compute/virtualMachines" ou "Microsoft.Storage/storageAccounts"
|
StorageAccountCreateParameters
Os parâmetros usados ao criar uma conta de armazenamento.
Name |
Tipo |
Description |
extendedLocation
|
ExtendedLocation
|
Opcional. Defina o local estendido do recurso. Se não estiver definida, a conta de armazenamento será criada na região principal do Azure. Caso contrário, ele será criado no local estendido especificado
|
identity
|
Identity
|
A identidade do recurso.
|
kind
|
Kind
|
Necessário. Indica o tipo de conta de armazenamento.
|
location
|
string
|
Necessário. Obtém ou define o local do recurso. Esta será uma das Regiões Geográficas do Azure suportadas e registadas (por exemplo, Oeste dos EUA, Leste dos EUA, Sudeste Asiático, etc.). A região geográfica de um recurso não pode ser alterada depois de criado, mas se uma região geográfica idêntica for especificada na atualização, a solicitação terá êxito.
|
properties.accessTier
|
AccessTier
|
Necessário para contas de armazenamento onde kind = BlobStorage. A camada de acesso é usada para faturamento. A camada de acesso 'Premium' é o valor padrão para o tipo de conta de armazenamento de blobs de bloco premium e não pode ser alterada para o tipo de conta de armazenamento de blobs de bloco premium.
|
properties.allowBlobPublicAccess
|
boolean
|
Permitir ou não permitir o acesso público a todos os blobs ou contêineres na conta de armazenamento. A interpretação padrão é falsa para esta propriedade.
|
properties.allowCrossTenantReplication
|
boolean
|
Permitir ou não permitir replicação de objeto de locatário entre AAD. Defina essa propriedade como true para contas novas ou existentes somente se as políticas de replicação de objetos envolverem contas de armazenamento em diferentes locatários do AAD. A interpretação padrão é falsa para que novas contas sigam as melhores práticas de segurança por padrão.
|
properties.allowSharedKeyAccess
|
boolean
|
Indica se a conta de armazenamento permite que as solicitações sejam autorizadas com a chave de acesso da conta por meio da Chave Compartilhada. Se false, todas as solicitações, incluindo assinaturas de acesso compartilhado, devem ser autorizadas com o Azure Ative Directory (Azure AD). O valor padrão é null, que é equivalente a true.
|
properties.allowedCopyScope
|
AllowedCopyScope
|
Restrinja a cópia de e para Contas de Armazenamento dentro de um locatário do AAD ou com Links Privados para a mesma VNet.
|
properties.azureFilesIdentityBasedAuthentication
|
AzureFilesIdentityBasedAuthentication
|
Fornece as configurações de autenticação baseada em identidade para Arquivos do Azure.
|
properties.customDomain
|
CustomDomain
|
Domínio de usuário atribuído à conta de armazenamento. Nome é a fonte CNAME. Apenas um domínio personalizado é suportado por conta de armazenamento no momento. Para limpar o domínio personalizado existente, use uma cadeia de caracteres vazia para a propriedade de nome de domínio personalizado.
|
properties.defaultToOAuthAuthentication
|
boolean
|
Um sinalizador booleano que indica se a autenticação padrão é OAuth ou não. A interpretação padrão é falsa para esta propriedade.
|
properties.dnsEndpointType
|
DnsEndpointType
|
Permite especificar o tipo de ponto de extremidade. Defina isso como AzureDNSZone para criar um grande número de contas em uma única assinatura, que cria contas em uma Zona DNS do Azure e a URL do ponto de extremidade terá um identificador alfanumérico de Zona DNS.
|
properties.enableExtendedGroups
|
boolean
|
Habilita o suporte estendido a grupos com o recurso de usuários locais, se definido como true
|
properties.encryption
|
Encryption
|
Configurações de criptografia a serem usadas para criptografia do lado do servidor para a conta de armazenamento.
|
properties.immutableStorageWithVersioning
|
ImmutableStorageAccount
|
A propriedade é imutável e só pode ser definida como true no momento da criação da conta. Quando definido como true, ele habilita a imutabilidade no nível do objeto para todos os novos contêineres na conta por padrão.
|
properties.isHnsEnabled
|
boolean
|
Account HierarchicalNamespace habilitado se definido como true.
|
properties.isLocalUserEnabled
|
boolean
|
Habilita o recurso de usuários locais, se definido como true
|
properties.isNfsV3Enabled
|
boolean
|
Suporte ao protocolo NFS 3.0 habilitado se definido como true.
|
properties.isSftpEnabled
|
boolean
|
Habilita o Protocolo de Transferência Segura de Arquivos, se definido como true
|
properties.keyPolicy
|
KeyPolicy
|
KeyPolicy atribuído à conta de armazenamento.
|
properties.largeFileSharesState
|
LargeFileSharesState
|
Permita compartilhamentos de arquivos grandes se definido como Habilitado. Ele não pode ser desativado uma vez que está ativado.
|
properties.minimumTlsVersion
|
MinimumTlsVersion
|
Defina a versão mínima do TLS a ser permitida em solicitações de armazenamento. A interpretação padrão é TLS 1.0 para esta propriedade.
|
properties.networkAcls
|
NetworkRuleSet
|
Conjunto de regras de rede
|
properties.publicNetworkAccess
|
PublicNetworkAccess
|
Permitir, não permitir ou permitir a configuração do Perímetro de Segurança de Rede para avaliar o acesso à rede pública à Conta de Armazenamento. O valor é opcional, mas se passado, deve ser 'Enabled', 'Disabled' ou 'SecuredByPerimeter'.
|
properties.routingPreference
|
RoutingPreference
|
Mantém informações sobre a opção de roteamento de rede escolhida pelo usuário para transferência de dados
|
properties.sasPolicy
|
SasPolicy
|
SasPolicy atribuído à conta de armazenamento.
|
properties.supportsHttpsTrafficOnly
|
boolean
|
Permite tráfego https somente para o serviço de armazenamento se definido como true. O valor padrão é true desde a versão da API 2019-04-01.
|
sku
|
Sku
|
Necessário. Obtém ou define o nome da SKU.
|
tags
|
object
|
Obtém ou define uma lista de pares de valores de chave que descrevem o recurso. Essas tags podem ser usadas para exibir e agrupar esse recurso (entre grupos de recursos). Um máximo de 15 tags podem ser fornecidas para um recurso. Cada tag deve ter uma chave com um comprimento não superior a 128 caracteres e um valor com um comprimento não superior a 256 caracteres.
|
StorageAccountInternetEndpoints
Os URIs que são usados para executar uma recuperação de um blob público, arquivo, web ou objeto dfs por meio de um ponto de extremidade de roteamento da Internet.
Name |
Tipo |
Description |
blob
|
string
|
Obtém o ponto de extremidade blob.
|
dfs
|
string
|
Obtém o ponto de extremidade dfs.
|
file
|
string
|
Obtém o ponto de extremidade do arquivo.
|
web
|
string
|
Obtém o ponto de extremidade da Web.
|
StorageAccountMicrosoftEndpoints
Os URIs que são usados para executar uma recuperação de um blob público, fila, tabela, web ou objeto dfs por meio de um ponto de extremidade de roteamento da Microsoft.
Name |
Tipo |
Description |
blob
|
string
|
Obtém o ponto de extremidade blob.
|
dfs
|
string
|
Obtém o ponto de extremidade dfs.
|
file
|
string
|
Obtém o ponto de extremidade do arquivo.
|
queue
|
string
|
Obtém o ponto de extremidade da fila.
|
table
|
string
|
Obtém o ponto de extremidade da tabela.
|
web
|
string
|
Obtém o ponto de extremidade da Web.
|
StorageAccountSkuConversionStatus
Isso define o objeto de status de conversão de sku para conversões de sku assíncronas.
Name |
Tipo |
Description |
endTime
|
string
|
Esta propriedade representa a hora de término da conversão de sku.
|
skuConversionStatus
|
SkuConversionStatus
|
Esta propriedade indica o status atual de conversão de sku.
|
startTime
|
string
|
Esta propriedade representa a hora de início da conversão de sku.
|
targetSkuName
|
SkuName
|
Esta propriedade representa o nome da sku de destino para a qual a sku da conta está sendo convertida de forma assíncrona.
|
UserAssignedIdentity
UserAssignedIdentity para o recurso.
Name |
Tipo |
Description |
clientId
|
string
|
O ID do cliente da identidade.
|
principalId
|
string
|
O ID principal da identidade.
|
VirtualNetworkRule
Regra de Rede Virtual.
Name |
Tipo |
Default value |
Description |
action
|
Action
|
Allow
|
A ação da regra de rede virtual.
|
id
|
string
|
|
ID de recurso de uma sub-rede, por exemplo: /subscriptions/{subscriptionId}/resourceGroups/{groupName}/providers/Microsoft.Network/virtualNetworks/{vnetName}/subnets/{subnetName}.
|
state
|
State
|
|
Obtém o estado da regra de rede virtual.
|