DataLakeSasBuilder Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
DataLakeSasBuilder is used to generate a Shared Access Signature (SAS) for a Data Lake file system or path
For more information, see
Constructing a Service SAS.
public class DataLakeSasBuilder
type DataLakeSasBuilder = class
Public Class DataLakeSasBuilder
- Inheritance
-
DataLakeSasBuilder
Constructors
DataLakeSasBuilder(DataLakeFileSystemSasPermissions, DateTimeOffset) |
Initializes a new instance of the DataLakeSasBuilder class to create a Blob Service Sas. |
DataLakeSasBuilder(DataLakeSasPermissions, DateTimeOffset) |
Initializes a new instance of the DataLakeSasBuilder class to create a Blob Service Sas. |
Properties
AgentObjectId |
Optional. Beginning in version 2020-02-10, this value will be used for the AAD Object ID of a user authorized by the owner of the User Delegation Key to perform the action granted by the SAS. The Azure Storage service will ensure that the owner of the user delegation key has the required permissions before granting access. the Azure Storage Service will perform an additional POSIX ACL check to determine if the user is authorized to perform the requested operation. This cannot be used in conjuction with PreauthorizedAgentObjectId. This is only used with generating User Delegation SAS. |
CacheControl |
Override the value returned for Cache-Control response header. |
ContentDisposition |
Override the value returned for Content-Disposition response header. |
ContentEncoding |
Override the value returned for Cache-Encoding response header. |
ContentLanguage |
Override the value returned for Cache-Language response header. |
ContentType |
Override the value returned for Cache-Type response header. |
CorrelationId |
Optional. Beginning in version 2020-02-10, this value will be used for to correlate the storage audit logs with the audit logs used by the principal generating and distributing SAS. This is only used for User Delegation SAS. |
EncryptionScope |
Optional. Encryption scope to use when sending requests authorized with this SAS URI. |
ExpiresOn |
The time at which the shared access signature becomes invalid. This field must be omitted if it has been specified in an associated stored access policy. |
FileSystemName |
The name of the file system being made accessible. |
Identifier |
An optional unique value up to 64 characters in length that correlates to an access policy specified for the file system. |
IPRange |
Specifies an IP address or a range of IP addresses from which to accept requests. If the IP address from which the request originates does not match the IP address or address range specified on the SAS token, the request is not authenticated. When specifying a range of IP addresses, note that the range is inclusive. |
IsDirectory |
Beginning in version 2020-02-10, this value defines whether or not the Path is a directory. If this value is set to true, the Path is a Directory for a Directory SAS. If set to false or default, the Path is a File Path for a File Path SAS. |
Path |
The name of the path being made accessible, or Empty for a file system SAS. Beginning in version 2020-02-10, setting IsDirectory to true means we will accept the Path as a directory for a directory SAS. If not set, this value is assumed to be a File Path for a File Path SAS. |
Permissions |
The permissions associated with the shared access signature. The user is restricted to operations allowed by the permissions. This field must be omitted if it has been specified in an associated stored access policy. The DataLakeSasPermissions, DataLakeFileSystemSasPermissions or DataLakeAccountSasPermissions can be used to create the permissions string. |
PreauthorizedAgentObjectId |
Optional. Beginning in version 2020-02-10, this value will be used for the AAD Object ID of a user authorized by the owner of the User Delegation Key to perform the action granted by the SAS. The Azure Storage service will ensure that the owner of the user delegation key has the required permissions before granting access. No additional permission check for the user specified in this value will be performed. This cannot be used in conjuction with AgentObjectId. This is only used with generating User Delegation SAS. |
Protocol |
The optional signed protocol field specifies the protocol permitted for a request made with the SAS. Possible values are HttpsAndHttp, Https, and None. |
Resource |
Specifies which resources are accessible via the shared access signature. Specify "b" if the shared resource is a blob. This grants access to the content and metadata of the blob. Specify "c" if the shared resource is a blob container. This grants access to the content and metadata of any blob in the container, and to the list of blobs in the container. Beginning in version 2018-11-09, specify "bs" if the shared resource is a blob snapshot. This grants access to the content and metadata of the specific snapshot, but not the corresponding root blob. Beginning in version 2020-02-10, specify "d" if the shared resource is a DataLake directory. This grants access to the paths in the directory and to list the paths in the directory. When "d" is specified, the sdd query parameter is also required. |
StartsOn |
Optionally specify the time at which the shared access signature becomes valid. If omitted when DateTimeOffset.MinValue is used, start time for this call is assumed to be the time when the storage service receives the request. |
Methods
SetPermissions(DataLakeAccountSasPermissions) |
Sets the permissions for a path account level SAS. |
SetPermissions(DataLakeFileSystemSasPermissions) |
Sets the permissions for a file system SAS. |
SetPermissions(DataLakeSasPermissions) |
Sets the permissions for a file SAS. |
SetPermissions(String, Boolean) |
Sets the permissions for the SAS using a raw permissions string. |
SetPermissions(String) |
Sets the permissions for the SAS using a raw permissions string. |
ToSasQueryParameters(StorageSharedKeyCredential, String) |
Use an account's StorageSharedKeyCredential to sign this shared access signature values to produce the proper SAS query parameters for authenticating requests. |
ToSasQueryParameters(StorageSharedKeyCredential) |
Use an account's StorageSharedKeyCredential to sign this shared access signature values to produce the proper SAS query parameters for authenticating requests. |
ToSasQueryParameters(UserDelegationKey, String, String) |
Use an account's UserDelegationKey to sign this shared access signature values to produce the proper SAS query parameters for authenticating requests. |
ToSasQueryParameters(UserDelegationKey, String) |
Use an account's UserDelegationKey to sign this shared access signature values to produce the proper SAS query parameters for authenticating requests. |