Microsoft.Storage storageAccounts/localUsers
Bicep resource definition
The storageAccounts/localUsers resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Storage/storageAccounts/localUsers resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Storage/storageAccounts/localUsers@2023-05-01' = {
parent: resourceSymbolicName
name: 'string'
properties: {
allowAclAuthorization: bool
extendedGroups: [
int
]
groupId: int
hasSharedKey: bool
hasSshKey: bool
hasSshPassword: bool
homeDirectory: 'string'
isNFSv3Enabled: bool
permissionScopes: [
{
permissions: 'string'
resourceName: 'string'
service: 'string'
}
]
sshAuthorizedKeys: [
{
description: 'string'
key: 'string'
}
]
}
}
Property values
LocalUserProperties
Name | Description | Value |
---|---|---|
allowAclAuthorization | Indicates whether ACL authorization is allowed for this user. Set it to false to disallow using ACL authorization. | bool |
extendedGroups | Supplementary group membership. Only applicable for local users enabled for NFSv3 access. | int[] |
groupId | An identifier for associating a group of users. | int |
hasSharedKey | Indicates whether shared key exists. Set it to false to remove existing shared key. | bool |
hasSshKey | Indicates whether ssh key exists. Set it to false to remove existing SSH key. | bool |
hasSshPassword | Indicates whether ssh password exists. Set it to false to remove existing SSH password. | bool |
homeDirectory | Optional, local user home directory. | string |
isNFSv3Enabled | Indicates if the local user is enabled for access with NFSv3 protocol. | bool |
permissionScopes | The permission scopes of the local user. | PermissionScope[] |
sshAuthorizedKeys | Optional, local user ssh authorized keys for SFTP. | SshPublicKey[] |
Microsoft.Storage/storageAccounts/localUsers
Name | Description | Value |
---|---|---|
name | The resource name | string Constraints: Min length = 3 Max length = 3 (required) |
parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: storageAccounts |
properties | Storage account local user properties. | LocalUserProperties |
PermissionScope
Name | Description | Value |
---|---|---|
permissions | The permissions for the local user. Possible values include: Read (r), Write (w), Delete (d), List (l), Create (c), Modify Ownership (o), and Modify Permissions (p). | string (required) |
resourceName | The name of resource, normally the container name or the file share name, used by the local user. | string (required) |
service | The service used by the local user, e.g. blob, file. | string (required) |
SshPublicKey
Name | Description | Value |
---|---|---|
description | Optional. It is used to store the function/usage of the key | string |
key | Ssh public key base64 encoded. The format should be: '<keyType> <keyData>', e.g. ssh-rsa AAAABBBB | string |
Quickstart samples
The following quickstart samples deploy this resource type.
Bicep File | Description |
---|---|
Create Storage Account with SFTP enabled | Creates an Azure Storage account and a blob container that can be accessed using SFTP protocol. Access can be password or public-key based. |
ARM template resource definition
The storageAccounts/localUsers resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Storage/storageAccounts/localUsers resource, add the following JSON to your template.
{
"type": "Microsoft.Storage/storageAccounts/localUsers",
"apiVersion": "2023-05-01",
"name": "string",
"properties": {
"allowAclAuthorization": "bool",
"extendedGroups": [ "int" ],
"groupId": "int",
"hasSharedKey": "bool",
"hasSshKey": "bool",
"hasSshPassword": "bool",
"homeDirectory": "string",
"isNFSv3Enabled": "bool",
"permissionScopes": [
{
"permissions": "string",
"resourceName": "string",
"service": "string"
}
],
"sshAuthorizedKeys": [
{
"description": "string",
"key": "string"
}
]
}
}
Property values
LocalUserProperties
Name | Description | Value |
---|---|---|
allowAclAuthorization | Indicates whether ACL authorization is allowed for this user. Set it to false to disallow using ACL authorization. | bool |
extendedGroups | Supplementary group membership. Only applicable for local users enabled for NFSv3 access. | int[] |
groupId | An identifier for associating a group of users. | int |
hasSharedKey | Indicates whether shared key exists. Set it to false to remove existing shared key. | bool |
hasSshKey | Indicates whether ssh key exists. Set it to false to remove existing SSH key. | bool |
hasSshPassword | Indicates whether ssh password exists. Set it to false to remove existing SSH password. | bool |
homeDirectory | Optional, local user home directory. | string |
isNFSv3Enabled | Indicates if the local user is enabled for access with NFSv3 protocol. | bool |
permissionScopes | The permission scopes of the local user. | PermissionScope[] |
sshAuthorizedKeys | Optional, local user ssh authorized keys for SFTP. | SshPublicKey[] |
Microsoft.Storage/storageAccounts/localUsers
Name | Description | Value |
---|---|---|
apiVersion | The api version | '2023-05-01' |
name | The resource name | string Constraints: Min length = 3 Max length = 3 (required) |
properties | Storage account local user properties. | LocalUserProperties |
type | The resource type | 'Microsoft.Storage/storageAccounts/localUsers' |
PermissionScope
Name | Description | Value |
---|---|---|
permissions | The permissions for the local user. Possible values include: Read (r), Write (w), Delete (d), List (l), Create (c), Modify Ownership (o), and Modify Permissions (p). | string (required) |
resourceName | The name of resource, normally the container name or the file share name, used by the local user. | string (required) |
service | The service used by the local user, e.g. blob, file. | string (required) |
SshPublicKey
Name | Description | Value |
---|---|---|
description | Optional. It is used to store the function/usage of the key | string |
key | Ssh public key base64 encoded. The format should be: '<keyType> <keyData>', e.g. ssh-rsa AAAABBBB | string |
Quickstart templates
The following quickstart templates deploy this resource type.
Template | Description |
---|---|
Create Storage Account with SFTP enabled |
Creates an Azure Storage account and a blob container that can be accessed using SFTP protocol. Access can be password or public-key based. |
Terraform (AzAPI provider) resource definition
The storageAccounts/localUsers resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Storage/storageAccounts/localUsers resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Storage/storageAccounts/localUsers@2023-05-01"
name = "string"
body = jsonencode({
properties = {
allowAclAuthorization = bool
extendedGroups = [
int
]
groupId = int
hasSharedKey = bool
hasSshKey = bool
hasSshPassword = bool
homeDirectory = "string"
isNFSv3Enabled = bool
permissionScopes = [
{
permissions = "string"
resourceName = "string"
service = "string"
}
]
sshAuthorizedKeys = [
{
description = "string"
key = "string"
}
]
}
})
}
Property values
LocalUserProperties
Name | Description | Value |
---|---|---|
allowAclAuthorization | Indicates whether ACL authorization is allowed for this user. Set it to false to disallow using ACL authorization. | bool |
extendedGroups | Supplementary group membership. Only applicable for local users enabled for NFSv3 access. | int[] |
groupId | An identifier for associating a group of users. | int |
hasSharedKey | Indicates whether shared key exists. Set it to false to remove existing shared key. | bool |
hasSshKey | Indicates whether ssh key exists. Set it to false to remove existing SSH key. | bool |
hasSshPassword | Indicates whether ssh password exists. Set it to false to remove existing SSH password. | bool |
homeDirectory | Optional, local user home directory. | string |
isNFSv3Enabled | Indicates if the local user is enabled for access with NFSv3 protocol. | bool |
permissionScopes | The permission scopes of the local user. | PermissionScope[] |
sshAuthorizedKeys | Optional, local user ssh authorized keys for SFTP. | SshPublicKey[] |
Microsoft.Storage/storageAccounts/localUsers
Name | Description | Value |
---|---|---|
name | The resource name | string Constraints: Min length = 3 Max length = 3 (required) |
parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: storageAccounts |
properties | Storage account local user properties. | LocalUserProperties |
type | The resource type | "Microsoft.Storage/storageAccounts/localUsers@2023-05-01" |
PermissionScope
Name | Description | Value |
---|---|---|
permissions | The permissions for the local user. Possible values include: Read (r), Write (w), Delete (d), List (l), Create (c), Modify Ownership (o), and Modify Permissions (p). | string (required) |
resourceName | The name of resource, normally the container name or the file share name, used by the local user. | string (required) |
service | The service used by the local user, e.g. blob, file. | string (required) |
SshPublicKey
Name | Description | Value |
---|---|---|
description | Optional. It is used to store the function/usage of the key | string |
key | Ssh public key base64 encoded. The format should be: '<keyType> <keyData>', e.g. ssh-rsa AAAABBBB | string |