DataLakeSASSignatureValues interface
ONLY AVAILABLE IN NODE.JS RUNTIME.
DataLakeSASSignatureValues is used to help generating Blob and DataLake service SAS tokens for containers, blobs, filesystem, directories and files.
Properties
| agent |
Optional. Beginning in version 2020-02-10, specifies the Unauthorized AAD Object Id in GUID format. The AAD Object Id of a user that is assumed to be unauthorized by the owner of the user delegation key. The Azure Storage Service will perform an additional POSIX ACL check to determine if the user is authorized to perform the requested operation. This cannot be used in conjuction with preauthorizedAgentObjectId. This is only used for User Delegation SAS. |
| cache |
Optional. The cache-control header for the SAS. |
| content |
Optional. The content-disposition header for the SAS. |
| content |
Optional. The content-encoding header for the SAS. |
| content |
Optional. The content-language header for the SAS. |
| content |
Optional. The content-type header for the SAS. |
| correlation |
Optional. Beginning in version 2020-02-10, this is a GUID value that will be logged in the storage diagnostic logs and can be used to correlate SAS generation with storage resource access. This is only used for User Delegation SAS. |
| directory |
Optional. Beginning in version 2020-02-10, indicate the depth of the directory specified in the canonicalizedresource field of the string-to-sign. The depth of the directory is the number of directories beneath the root folder. |
| encryption |
Optional. Encryption scope to use when sending requests authorized with this SAS URI. |
| expires |
Optional only when identifier is provided. The time after which the SAS will no longer work. |
| file |
The name of the file system the SAS user may access. |
| identifier | Optional. The name of the access policy on the file system this SAS references if any. See https://docs.microsoft.com/en-us/rest/api/storageservices/establishing-a-stored-access-policy |
| ip |
Optional. IP ranges allowed in this SAS. |
| is |
Optional. Beginning in version 2020-02-10, this value defines whether or not the pathName is a directory. If this value is set to true, the Path is a Directory for a Directory SAS. If set to false or default, the Path is a File Path for a File Path SAS. |
| path |
Optional. The path name of the directory or file SAS user may access. Required if snapshotTime is provided. |
| permissions | Optional only when identifier is provided. Please refer to FileSystemSASPermissions, DirectorySASPermissions or DataLakeSASPermissions depending on the resource being accessed for help constructing the permissions string. |
| preauthorized |
Optional. Beginning in version 2020-02-10, specifies the Authorized AAD Object Id in GUID format. The AAD Object ID of a user authorized by the owner of the user delegation key to perform the action granted by the SAS. The Azure Storage service will ensure that the owner of the user delegation key has the required permissions before granting access but no additional permission check for the user specified in this value will be performed. This cannot be used in conjuction with agentObjectId. This is only used for User Delegation SAS. |
| protocol | Optional. SAS protocols, HTTPS only or HTTPSandHTTP |
| snapshot |
Optional. Snapshot timestamp string the SAS user may access. Only supported from API version 2018-11-09. |
| starts |
Optional. When the SAS will take effect. |
| version | The version of the service this SAS will target. If not specified, it will default to the version targeted by the library. |
Property Details
agentObjectId
Optional. Beginning in version 2020-02-10, specifies the Unauthorized AAD Object Id in GUID format. The AAD Object Id of a user that is assumed to be unauthorized by the owner of the user delegation key. The Azure Storage Service will perform an additional POSIX ACL check to determine if the user is authorized to perform the requested operation. This cannot be used in conjuction with preauthorizedAgentObjectId. This is only used for User Delegation SAS.
agentObjectId?: stringProperty Value
string
cacheControl
Optional. The cache-control header for the SAS.
cacheControl?: stringProperty Value
string
contentDisposition
Optional. The content-disposition header for the SAS.
contentDisposition?: stringProperty Value
string
contentEncoding
Optional. The content-encoding header for the SAS.
contentEncoding?: stringProperty Value
string
contentLanguage
Optional. The content-language header for the SAS.
contentLanguage?: stringProperty Value
string
contentType
Optional. The content-type header for the SAS.
contentType?: stringProperty Value
string
correlationId
Optional. Beginning in version 2020-02-10, this is a GUID value that will be logged in the storage diagnostic logs and can be used to correlate SAS generation with storage resource access. This is only used for User Delegation SAS.
correlationId?: stringProperty Value
string
directoryDepth
Optional. Beginning in version 2020-02-10, indicate the depth of the directory specified in the canonicalizedresource field of the string-to-sign. The depth of the directory is the number of directories beneath the root folder.
directoryDepth?: numberProperty Value
number
encryptionScope
Optional. Encryption scope to use when sending requests authorized with this SAS URI.
encryptionScope?: stringProperty Value
string
expiresOn
Optional only when identifier is provided. The time after which the SAS will no longer work.
expiresOn?: DateProperty Value
Date
fileSystemName
The name of the file system the SAS user may access.
fileSystemName: stringProperty Value
string
identifier
Optional. The name of the access policy on the file system this SAS references if any.
See https://docs.microsoft.com/en-us/rest/api/storageservices/establishing-a-stored-access-policy
identifier?: stringProperty Value
string
ipRange
isDirectory
Optional. Beginning in version 2020-02-10, this value defines whether or not the pathName is a directory. If this value is set to true, the Path is a Directory for a Directory SAS. If set to false or default, the Path is a File Path for a File Path SAS.
isDirectory?: booleanProperty Value
boolean
pathName
Optional. The path name of the directory or file SAS user may access. Required if snapshotTime is provided.
pathName?: stringProperty Value
string
permissions
Optional only when identifier is provided. Please refer to FileSystemSASPermissions, DirectorySASPermissions or DataLakeSASPermissions depending on the resource being accessed for help constructing the permissions string.
permissions?: DataLakeSASPermissions | DirectorySASPermissions | FileSystemSASPermissionsProperty Value
preauthorizedAgentObjectId
Optional. Beginning in version 2020-02-10, specifies the Authorized AAD Object Id in GUID format. The AAD Object ID of a user authorized by the owner of the user delegation key to perform the action granted by the SAS. The Azure Storage service will ensure that the owner of the user delegation key has the required permissions before granting access but no additional permission check for the user specified in this value will be performed. This cannot be used in conjuction with agentObjectId. This is only used for User Delegation SAS.
preauthorizedAgentObjectId?: stringProperty Value
string
protocol
Optional. SAS protocols, HTTPS only or HTTPSandHTTP
protocol?: SASProtocolProperty Value
snapshotTime
Optional. Snapshot timestamp string the SAS user may access. Only supported from API version 2018-11-09.
snapshotTime?: stringProperty Value
string
startsOn
Optional. When the SAS will take effect.
startsOn?: DateProperty Value
Date
version
The version of the service this SAS will target. If not specified, it will default to the version targeted by the library.
version?: stringProperty Value
string