Share via

AccountSasPermissions Class

  • Reference

ResourceTypes class to be used with generate_account_sas function and for the AccessPolicies used with set_*_acl. There are two types of SAS which may be used to grant resource access. One is to grant access to a specific resource (resource-specific). Another is to grant access to the entire service for a specific account and allow certain operations based on perms found here.

Inheritance
builtins.object
AccountSasPermissions

Constructor

AccountSasPermissions(read: bool = False, write: bool = False, delete: bool = False, list: bool = False, add: bool = False, create: bool = False, update: bool = False, process: bool = False, delete_previous_version: bool = False, **kwargs)

Parameters

Name Description
read
bool

Valid for all signed resources types (Service, Container, and Object). Permits read permissions to the specified resource type.

Default value: False
write
bool

Valid for all signed resources types (Service, Container, and Object). Permits write permissions to the specified resource type.

Default value: False
delete
bool

Valid for Container and Object resource types, except for queue messages.

Default value: False
delete_previous_version
bool

Delete the previous blob version for the versioning enabled storage account.

Default value: False
list
bool

Valid for Service and Container resource types only.

Default value: False
add
bool

Valid for the following Object resource types only: queue messages, and append blobs.

Default value: False
create
bool

Valid for the following Object resource types only: blobs and files. Users can create new blobs or files, but may not overwrite existing blobs or files.

Default value: False
update
bool

Valid for the following Object resource types only: queue messages.

Default value: False
process
bool

Valid for the following Object resource type only: queue messages.

Default value: False

Keyword-Only Parameters

Name Description
tag
bool

To enable set or get tags on the blobs in the container.
filter_by_tags
bool

To enable get blobs by tags, this should be used together with list permission.
set_immutability_policy
bool

To enable operations related to set/delete immutability policy. To get immutability policy, you just need read permission.
permanent_delete
bool

To enable permanent delete on the blob is permitted. Valid for Object resource type of Blob only.

Methods

from_string

Create AccountSasPermissions from a string.

To specify read, write, delete, etc. permissions you need only to include the first letter of the word in the string. E.g. for read and write permissions you would provide a string "rw".

from_string

Create AccountSasPermissions from a string.

To specify read, write, delete, etc. permissions you need only to include the first letter of the word in the string. E.g. for read and write permissions you would provide a string "rw".

from_string(permission)

Parameters

Name Description
permission
Required
str

Specify permissions in the string with the first letter of the word.

Returns

Type Description
AccountSasPermissions

An AccountSasPermissions object

Attributes

add 

add: bool = False

create 

create: bool = False

delete 

delete: bool = False

delete_previous_version 

delete_previous_version: bool = False

filter_by_tags 

filter_by_tags: bool = False

list 

list: bool = False

permanent_delete 

permanent_delete: bool = False

process 

process: bool = False

read 

read: bool = False

set_immutability_policy 

set_immutability_policy: bool = False

tag 

tag: bool = False

update 

update: bool = False

write 

write: bool = False