get
suspend fun getAccountBlobContainerSAS(argument: GetAccountBlobContainerSASPlainArgs): GetAccountBlobContainerSASResult
Use this data source to obtain a Shared Access Signature (SAS Token) for an existing Storage Account Blob Container. Shared access signatures allow fine-grained, ephemeral access control to various aspects of an Azure Storage Account Blob Container.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const rg = new azure.core.ResourceGroup("rg", {
name: "resourceGroupName",
location: "West Europe",
});
const storage = new azure.storage.Account("storage", {
name: "storageaccountname",
resourceGroupName: rg.name,
location: rg.location,
accountTier: "Standard",
accountReplicationType: "LRS",
});
const container = new azure.storage.Container("container", {
name: "mycontainer",
storageAccountName: storage.name,
containerAccessType: "private",
});
const example = azure.storage.getAccountBlobContainerSASOutput({
connectionString: storage.primaryConnectionString,
containerName: container.name,
httpsOnly: true,
ipAddress: "168.1.5.65",
start: "2018-03-21",
expiry: "2018-03-21",
permissions: {
read: true,
add: true,
create: false,
write: false,
"delete": true,
list: true,
},
cacheControl: "max-age=5",
contentDisposition: "inline",
contentEncoding: "deflate",
contentLanguage: "en-US",
contentType: "application/json",
});
export const sasUrlQueryString = example.apply(example => example.sas);Content copied to clipboard
import pulumi
import pulumi_azure as azure
rg = azure.core.ResourceGroup("rg",
name="resourceGroupName",
location="West Europe")
storage = azure.storage.Account("storage",
name="storageaccountname",
resource_group_name=rg.name,
location=rg.location,
account_tier="Standard",
account_replication_type="LRS")
container = azure.storage.Container("container",
name="mycontainer",
storage_account_name=storage.name,
container_access_type="private")
example = azure.storage.get_account_blob_container_sas_output(connection_string=storage.primary_connection_string,
container_name=container.name,
https_only=True,
ip_address="168.1.5.65",
start="2018-03-21",
expiry="2018-03-21",
permissions={
"read": True,
"add": True,
"create": False,
"write": False,
"delete": True,
"list": True,
},
cache_control="max-age=5",
content_disposition="inline",
content_encoding="deflate",
content_language="en-US",
content_type="application/json")
pulumi.export("sasUrlQueryString", example.sas)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var rg = new Azure.Core.ResourceGroup("rg", new()
{
Name = "resourceGroupName",
Location = "West Europe",
});
var storage = new Azure.Storage.Account("storage", new()
{
Name = "storageaccountname",
ResourceGroupName = rg.Name,
Location = rg.Location,
AccountTier = "Standard",
AccountReplicationType = "LRS",
});
var container = new Azure.Storage.Container("container", new()
{
Name = "mycontainer",
StorageAccountName = storage.Name,
ContainerAccessType = "private",
});
var example = Azure.Storage.GetAccountBlobContainerSAS.Invoke(new()
{
ConnectionString = storage.PrimaryConnectionString,
ContainerName = container.Name,
HttpsOnly = true,
IpAddress = "168.1.5.65",
Start = "2018-03-21",
Expiry = "2018-03-21",
Permissions = new Azure.Storage.Inputs.GetAccountBlobContainerSASPermissionsInputArgs
{
Read = true,
Add = true,
Create = false,
Write = false,
Delete = true,
List = true,
},
CacheControl = "max-age=5",
ContentDisposition = "inline",
ContentEncoding = "deflate",
ContentLanguage = "en-US",
ContentType = "application/json",
});
return new Dictionary<string, object?>
{
["sasUrlQueryString"] = example.Apply(getAccountBlobContainerSASResult => getAccountBlobContainerSASResult.Sas),
};
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/storage"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
rg, err := core.NewResourceGroup(ctx, "rg", &core.ResourceGroupArgs{
Name: pulumi.String("resourceGroupName"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
storage, err := storage.NewAccount(ctx, "storage", &storage.AccountArgs{
Name: pulumi.String("storageaccountname"),
ResourceGroupName: rg.Name,
Location: rg.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("LRS"),
})
if err != nil {
return err
}
container, err := storage.NewContainer(ctx, "container", &storage.ContainerArgs{
Name: pulumi.String("mycontainer"),
StorageAccountName: storage.Name,
ContainerAccessType: pulumi.String("private"),
})
if err != nil {
return err
}
example := storage.GetAccountBlobContainerSASOutput(ctx, storage.GetAccountBlobContainerSASOutputArgs{
ConnectionString: storage.PrimaryConnectionString,
ContainerName: container.Name,
HttpsOnly: pulumi.Bool(true),
IpAddress: pulumi.String("168.1.5.65"),
Start: pulumi.String("2018-03-21"),
Expiry: pulumi.String("2018-03-21"),
Permissions: &storage.GetAccountBlobContainerSASPermissionsArgs{
Read: pulumi.Bool(true),
Add: pulumi.Bool(true),
Create: pulumi.Bool(false),
Write: pulumi.Bool(false),
Delete: pulumi.Bool(true),
List: pulumi.Bool(true),
},
CacheControl: pulumi.String("max-age=5"),
ContentDisposition: pulumi.String("inline"),
ContentEncoding: pulumi.String("deflate"),
ContentLanguage: pulumi.String("en-US"),
ContentType: pulumi.String("application/json"),
}, nil)
ctx.Export("sasUrlQueryString", example.ApplyT(func(example storage.GetAccountBlobContainerSASResult) (*string, error) {
return &example.Sas, nil
}).(pulumi.StringPtrOutput))
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.storage.Container;
import com.pulumi.azure.storage.ContainerArgs;
import com.pulumi.azure.storage.StorageFunctions;
import com.pulumi.azure.storage.inputs.GetAccountBlobContainerSASArgs;
import com.pulumi.azure.storage.inputs.GetAccountBlobContainerSASPermissionsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var rg = new ResourceGroup("rg", ResourceGroupArgs.builder()
.name("resourceGroupName")
.location("West Europe")
.build());
var storage = new Account("storage", AccountArgs.builder()
.name("storageaccountname")
.resourceGroupName(rg.name())
.location(rg.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.build());
var container = new Container("container", ContainerArgs.builder()
.name("mycontainer")
.storageAccountName(storage.name())
.containerAccessType("private")
.build());
final var example = StorageFunctions.getAccountBlobContainerSAS(GetAccountBlobContainerSASArgs.builder()
.connectionString(storage.primaryConnectionString())
.containerName(container.name())
.httpsOnly(true)
.ipAddress("168.1.5.65")
.start("2018-03-21")
.expiry("2018-03-21")
.permissions(GetAccountBlobContainerSASPermissionsArgs.builder()
.read(true)
.add(true)
.create(false)
.write(false)
.delete(true)
.list(true)
.build())
.cacheControl("max-age=5")
.contentDisposition("inline")
.contentEncoding("deflate")
.contentLanguage("en-US")
.contentType("application/json")
.build());
ctx.export("sasUrlQueryString", example.applyValue(getAccountBlobContainerSASResult -> getAccountBlobContainerSASResult).applyValue(example -> example.applyValue(getAccountBlobContainerSASResult -> getAccountBlobContainerSASResult.sas())));
}
}Content copied to clipboard
resources:
rg:
type: azure:core:ResourceGroup
properties:
name: resourceGroupName
location: West Europe
storage:
type: azure:storage:Account
properties:
name: storageaccountname
resourceGroupName: ${rg.name}
location: ${rg.location}
accountTier: Standard
accountReplicationType: LRS
container:
type: azure:storage:Container
properties:
name: mycontainer
storageAccountName: ${storage.name}
containerAccessType: private
variables:
example:
fn::invoke:
function: azure:storage:getAccountBlobContainerSAS
arguments:
connectionString: ${storage.primaryConnectionString}
containerName: ${container.name}
httpsOnly: true
ipAddress: 168.1.5.65
start: 2018-03-21
expiry: 2018-03-21
permissions:
read: true
add: true
create: false
write: false
delete: true
list: true
cacheControl: max-age=5
contentDisposition: inline
contentEncoding: deflate
contentLanguage: en-US
contentType: application/json
outputs:
sasUrlQueryString: ${example.sas}Content copied to clipboard
Return
A collection of values returned by getAccountBlobContainerSAS.
Parameters
argument
A collection of arguments for invoking getAccountBlobContainerSAS.
suspend fun getAccountBlobContainerSAS(cacheControl: String? = null, connectionString: String, containerName: String, contentDisposition: String? = null, contentEncoding: String? = null, contentLanguage: String? = null, contentType: String? = null, expiry: String, httpsOnly: Boolean? = null, ipAddress: String? = null, permissions: GetAccountBlobContainerSASPermissions, start: String): GetAccountBlobContainerSASResult
Return
A collection of values returned by getAccountBlobContainerSAS.
Parameters
cache
The Cache-Control response header that is sent when this SAS token is used.
connection
The connection string for the storage account to which this SAS applies. Typically directly from the primary_connection_string attribute of an azure.storage.Account resource.
container
Name of the container.
content
The Content-Disposition response header that is sent when this SAS token is used.
content
The Content-Encoding response header that is sent when this SAS token is used.
content
The Content-Language response header that is sent when this SAS token is used.
content
The Content-Type response header that is sent when this SAS token is used.
expiry
The expiration time and date of this SAS. Must be a valid ISO-8601 format time/date string.
NOTE: The ISO-8601 Time offset from UTC is currently not supported by the service, which will result into 409 error.
https
Only permit https access. If false, both http and https are permitted. Defaults to true.
ip
Single IPv4 address or range (connected with a dash) of IPv4 addresses.
permissions
A permissions block as defined below.
start
The starting time and date of validity of this SAS. Must be a valid ISO-8601 format time/date string.
See also
suspend fun getAccountBlobContainerSAS(argument: suspend GetAccountBlobContainerSASPlainArgsBuilder.() -> Unit): GetAccountBlobContainerSASResult
Return
A collection of values returned by getAccountBlobContainerSAS.
Parameters
argument
Builder for com.pulumi.azure.storage.kotlin.inputs.GetAccountBlobContainerSASPlainArgs.