StorageAccountUpdateParameters Class

The parameters that can be provided when updating the storage account properties.

Inheritance
azure.mgmt.storage._serialization.Model
StorageAccountUpdateParameters

Constructor

StorageAccountUpdateParameters(*, sku: _models.Sku | None = None, tags: Dict[str, str] | None = None, identity: _models.Identity | None = None, kind: str | _models.Kind | None = None, custom_domain: _models.CustomDomain | None = None, encryption: _models.Encryption | None = None, sas_policy: _models.SasPolicy | None = None, key_policy: _models.KeyPolicy | None = None, access_tier: str | _models.AccessTier | None = None, azure_files_identity_based_authentication: _models.AzureFilesIdentityBasedAuthentication | None = None, enable_https_traffic_only: bool | None = None, is_sftp_enabled: bool | None = None, is_local_user_enabled: bool | None = None, enable_extended_groups: bool | None = None, network_rule_set: _models.NetworkRuleSet | None = None, large_file_shares_state: str | _models.LargeFileSharesState | None = None, routing_preference: _models.RoutingPreference | None = None, allow_blob_public_access: bool | None = None, minimum_tls_version: str | _models.MinimumTlsVersion | None = None, allow_shared_key_access: bool | None = None, allow_cross_tenant_replication: bool | None = None, default_to_o_auth_authentication: bool | None = None, public_network_access: str | _models.PublicNetworkAccess | None = None, immutable_storage_with_versioning: _models.ImmutableStorageAccount | None = None, allowed_copy_scope: str | _models.AllowedCopyScope | None = None, dns_endpoint_type: str | _models.DnsEndpointType | None = None, **kwargs: Any)

Keyword-Only Parameters

Name Description
sku
Sku

Gets or sets the SKU name. Note that the SKU name cannot be updated to Standard_ZRS, Premium_LRS or Premium_ZRS, nor can accounts of those SKU names be updated to any other value.

tags

Gets or sets a list of key value pairs that describe the resource. These tags can be used in viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key no greater in length than 128 characters and a value no greater in length than 256 characters.

identity

The identity of the resource.

kind
str or Kind

Optional. Indicates the type of storage account. Currently only StorageV2 value supported by server. Known values are: "Storage", "StorageV2", "BlobStorage", "FileStorage", and "BlockBlobStorage".

custom_domain

Custom domain assigned to the storage account by the user. Name is the CNAME source. Only one custom domain is supported per storage account at this time. To clear the existing custom domain, use an empty string for the custom domain name property.

encryption

Not applicable. Azure Storage encryption at rest is enabled by default for all storage accounts and cannot be disabled.

sas_policy

SasPolicy assigned to the storage account.

key_policy

KeyPolicy assigned to the storage account.

access_tier

Required for storage accounts where kind = BlobStorage. The access tier is used for billing. The 'Premium' access tier is the default value for premium block blobs storage account type and it cannot be changed for the premium block blobs storage account type. Known values are: "Hot", "Cool", "Premium", and "Cold".

azure_files_identity_based_authentication

Provides the identity based authentication settings for Azure Files.

enable_https_traffic_only

Allows https traffic only to storage service if sets to true.

is_sftp_enabled

Enables Secure File Transfer Protocol, if set to true.

is_local_user_enabled

Enables local users feature, if set to true.

enable_extended_groups

Enables extended group support with local users feature, if set to true.

network_rule_set

Network rule set.

large_file_shares_state

Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled. Known values are: "Disabled" and "Enabled".

routing_preference

Maintains information about the network routing choice opted by the user for data transfer.

allow_blob_public_access

Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is false for this property.

minimum_tls_version

Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property. Known values are: "TLS1_0", "TLS1_1", "TLS1_2", and "TLS1_3".

allow_shared_key_access

Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.

allow_cross_tenant_replication

Allow or disallow cross AAD tenant object replication. Set this property to true for new or existing accounts only if object replication policies will involve storage accounts in different AAD tenants. The default interpretation is false for new accounts to follow best security practices by default.

default_to_o_auth_authentication

A boolean flag which indicates whether the default authentication is OAuth or not. The default interpretation is false for this property.

public_network_access

Allow, disallow, or let Network Security Perimeter configuration to evaluate public network access to Storage Account. Value is optional but if passed in, must be 'Enabled', 'Disabled' or 'SecuredByPerimeter'. Known values are: "Enabled", "Disabled", and "SecuredByPerimeter".

immutable_storage_with_versioning

The property is immutable and can only be set to true at the account creation time. When set to true, it enables object level immutability for all the containers in the account by default.

allowed_copy_scope

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Known values are: "PrivateLink" and "AAD".

dns_endpoint_type

Allows you to specify the type of endpoint. Set this to AzureDNSZone to create a large number of accounts in a single subscription, which creates accounts in an Azure DNS Zone and the endpoint URL will have an alphanumeric DNS Zone identifier. Known values are: "Standard" and "AzureDnsZone".

Variables

Name Description
sku
Sku

Gets or sets the SKU name. Note that the SKU name cannot be updated to Standard_ZRS, Premium_LRS or Premium_ZRS, nor can accounts of those SKU names be updated to any other value.

tags

Gets or sets a list of key value pairs that describe the resource. These tags can be used in viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key no greater in length than 128 characters and a value no greater in length than 256 characters.

identity

The identity of the resource.

kind
str or Kind

Optional. Indicates the type of storage account. Currently only StorageV2 value supported by server. Known values are: "Storage", "StorageV2", "BlobStorage", "FileStorage", and "BlockBlobStorage".

custom_domain

Custom domain assigned to the storage account by the user. Name is the CNAME source. Only one custom domain is supported per storage account at this time. To clear the existing custom domain, use an empty string for the custom domain name property.

encryption

Not applicable. Azure Storage encryption at rest is enabled by default for all storage accounts and cannot be disabled.

sas_policy

SasPolicy assigned to the storage account.

key_policy

KeyPolicy assigned to the storage account.

access_tier

Required for storage accounts where kind = BlobStorage. The access tier is used for billing. The 'Premium' access tier is the default value for premium block blobs storage account type and it cannot be changed for the premium block blobs storage account type. Known values are: "Hot", "Cool", "Premium", and "Cold".

azure_files_identity_based_authentication

Provides the identity based authentication settings for Azure Files.

enable_https_traffic_only

Allows https traffic only to storage service if sets to true.

is_sftp_enabled

Enables Secure File Transfer Protocol, if set to true.

is_local_user_enabled

Enables local users feature, if set to true.

enable_extended_groups

Enables extended group support with local users feature, if set to true.

network_rule_set

Network rule set.

large_file_shares_state

Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled. Known values are: "Disabled" and "Enabled".

routing_preference

Maintains information about the network routing choice opted by the user for data transfer.

allow_blob_public_access

Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is false for this property.

minimum_tls_version

Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property. Known values are: "TLS1_0", "TLS1_1", "TLS1_2", and "TLS1_3".

allow_shared_key_access

Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.

allow_cross_tenant_replication

Allow or disallow cross AAD tenant object replication. Set this property to true for new or existing accounts only if object replication policies will involve storage accounts in different AAD tenants. The default interpretation is false for new accounts to follow best security practices by default.

default_to_o_auth_authentication

A boolean flag which indicates whether the default authentication is OAuth or not. The default interpretation is false for this property.

public_network_access

Allow, disallow, or let Network Security Perimeter configuration to evaluate public network access to Storage Account. Value is optional but if passed in, must be 'Enabled', 'Disabled' or 'SecuredByPerimeter'. Known values are: "Enabled", "Disabled", and "SecuredByPerimeter".

immutable_storage_with_versioning

The property is immutable and can only be set to true at the account creation time. When set to true, it enables object level immutability for all the containers in the account by default.

allowed_copy_scope

Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet. Known values are: "PrivateLink" and "AAD".

dns_endpoint_type

Allows you to specify the type of endpoint. Set this to AzureDNSZone to create a large number of accounts in a single subscription, which creates accounts in an Azure DNS Zone and the endpoint URL will have an alphanumeric DNS Zone identifier. Known values are: "Standard" and "AzureDnsZone".