AccountSasPermissions Class

ResourceTypes class to be used with generate_account_sas function and for the AccessPolicies used with set_*_acl. There are two types of SAS which may be used to grant resource access. One is to grant access to a specific resource (resource-specific). Another is to grant access to the entire service for a specific account and allow certain operations based on perms found here.

Inheritance
builtins.object
AccountSasPermissions

Constructor

AccountSasPermissions(read: bool = False, write: bool = False, delete: bool = False, list: bool = False, add: bool = False, create: bool = False, update: bool = False, process: bool = False, delete_previous_version: bool = False, **kwargs)

Parameters

Name Description
read

Valid for all signed resources types (Service, Container, and Object). Permits read permissions to the specified resource type.

Default value: False
write

Valid for all signed resources types (Service, Container, and Object). Permits write permissions to the specified resource type.

Default value: False
delete

Valid for Container and Object resource types, except for queue messages.

Default value: False
delete_previous_version

Delete the previous blob version for the versioning enabled storage account.

Default value: False
list

Valid for Service and Container resource types only.

Default value: False
add

Valid for the following Object resource types only: queue messages, and append blobs.

Default value: False
create

Valid for the following Object resource types only: blobs and files. Users can create new blobs or files, but may not overwrite existing blobs or files.

Default value: False
update

Valid for the following Object resource types only: queue messages.

Default value: False
process

Valid for the following Object resource type only: queue messages.

Default value: False

Keyword-Only Parameters

Name Description
tag

To enable set or get tags on the blobs in the container.

filter_by_tags

To enable get blobs by tags, this should be used together with list permission.

set_immutability_policy

To enable operations related to set/delete immutability policy. To get immutability policy, you just need read permission.

permanent_delete

To enable permanent delete on the blob is permitted. Valid for Object resource type of Blob only.

Methods

from_string

Create AccountSasPermissions from a string.

To specify read, write, delete, etc. permissions you need only to include the first letter of the word in the string. E.g. for read and write permissions you would provide a string "rw".

from_string

Create AccountSasPermissions from a string.

To specify read, write, delete, etc. permissions you need only to include the first letter of the word in the string. E.g. for read and write permissions you would provide a string "rw".

from_string(permission)

Parameters

Name Description
permission
Required
str

Specify permissions in the string with the first letter of the word.

Returns

Type Description

An AccountSasPermissions object

Attributes

add

add: bool = False

create

create: bool = False

delete

delete: bool = False

delete_previous_version

delete_previous_version: bool = False

filter_by_tags

filter_by_tags: bool = False

list

list: bool = False

permanent_delete

permanent_delete: bool = False

process

process: bool = False

read

read: bool = False

set_immutability_policy

set_immutability_policy: bool = False

tag

tag: bool = False

update

update: bool = False

write

write: bool = False