Remove-AzDataLakeStoreItemAclEntry

Removes an entry from the ACL of a file or folder in Data Lake Store.

Syntax

Remove-AzDataLakeStoreItemAclEntry
      [-Account] <String>
      [-Path] <DataLakeStorePathInstance>
      [-Acl] <DataLakeStoreItemAce[]>
      [-PassThru]
      [-Recurse]
      [-Concurrency <Int32>]
      [-ShowProgress]
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
Remove-AzDataLakeStoreItemAclEntry
      [-Account] <String>
      [-Path] <DataLakeStorePathInstance>
      [-AceType] <AceType>
      [[-Id] <Guid>]
      [-Default]
      [-PassThru]
      [-Recurse]
      [-Concurrency <Int32>]
      [-ShowProgress]
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

The Remove-AzDataLakeStoreItemAclEntry cmdlet removes an entry (ACE) from the access control list (ACL) of a file or folder in Data Lake Store.

Examples

Example 1: Remove a user entry

Remove-AzDataLakeStoreItemAclEntry -AccountName "ContosoADL" -Path / -AceType User -Id (Get-AzADUser -Mail "PattiFuller@contoso.com").ObjectId

This command removes the user ACE for Patti Fuller from the ContosoADL account.

Example 2: Remove a user entry recursively

Remove-AzDataLakeStoreItemAclEntry -AccountName "ContosoADL" -Path / -AceType User -Id (Get-AzADUser -Mail "PattiFuller@contoso.com").ObjectId -Recurse -Concurrency 128

Example 3: Remove permissions for an ACE recursively using Acl object

$fullAcl="user:enterpriseObjectID:rwx,default:user:enterpriseObjectID:rwx"
$newFullAcl = $fullAcl.Split(",")
Remove-AzDataLakeStoreItemAclEntry -AccountName "ContosoADL" -Path / -Acl $newFullAcl -Recurse -Concurrency 128 -ShowProgress -Verbose

This command removes the user ACE for Patti Fuller from the root and recursively from all it's subdirectories and files for account ContosoADL.

Parameters

-Account

Specifies the name of the Data Lake Store account.

Type:String
Aliases:AccountName
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-AceType

Specifies the type of ACE to remove. The acceptable values for this parameter are:

  • User
  • Group
  • Mask
  • Other
Type:Microsoft.Azure.Commands.DataLakeStore.Models.DataLakeStoreEnums+AceType
Accepted values:User, Group, Mask, Other
Position:2
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Acl

Specifies the ACL object that contains the entries to be removed.

Type:DataLakeStoreItemAce[]
Position:2
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Concurrency

Number of files/directories processed in parallel. Optional: a reasonable default will be selected

Type:Int32
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Default

Indicates that this operation removes the default ACE from the specified ACL.

Type:SwitchParameter
Position:4
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Id

Specifies the object ID of the AzureActive Directory user, group, or service principal for which to remove an ACE.

Type:Guid
Position:3
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-PassThru

Indicates a boolean response should be returned indicating the result of the delete operation.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Path

Specifies the Data Lake Store path of the item from which to remove an ACE, starting with the root directory (/).

Type:DataLakeStorePathInstance
Position:1
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Recurse

Indicates the ACL to be removed recursively to the child subdirectories and files

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ShowProgress

If passed then progress status is showed. Only applicable when recursive Acl remove is done.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

DataLakeStorePathInstance

DataLakeStoreItemAce[]

Microsoft.Azure.Commands.DataLakeStore.Models.DataLakeStoreEnums+AceType

Guid

SwitchParameter

Int32

Outputs

Boolean