We recommend using Azure Native.
Viewing docs for Azure v6.35.0
published on Tuesday, Apr 21, 2026 by Pulumi
published on Tuesday, Apr 21, 2026 by Pulumi
We recommend using Azure Native.
Viewing docs for Azure v6.35.0
published on Tuesday, Apr 21, 2026 by Pulumi
published on Tuesday, Apr 21, 2026 by Pulumi
Use this data source to obtain a Shared Access Signature (SAS Token) for an existing Storage Account.
Shared access signatures allow fine-grained, ephemeral access control to various aspects of an Azure Storage Account.
Note that this is an Account SAS and not a Service SAS.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleResourceGroup = new azure.core.ResourceGroup("example", {
name: "resourceGroupName",
location: "West Europe",
});
const exampleAccount = new azure.storage.Account("example", {
name: "storageaccountname",
resourceGroupName: exampleResourceGroup.name,
location: exampleResourceGroup.location,
accountTier: "Standard",
accountReplicationType: "GRS",
tags: {
environment: "staging",
},
});
const example = azure.storage.getAccountSASOutput({
connectionString: exampleAccount.primaryConnectionString,
httpsOnly: true,
signedVersion: "2022-11-02",
resourceTypes: {
service: true,
container: false,
object: false,
},
services: {
blob: true,
queue: false,
table: false,
file: false,
},
start: "2018-03-21T00:00:00Z",
expiry: "2020-03-21T00:00:00Z",
permissions: {
read: true,
write: true,
"delete": false,
list: false,
add: true,
create: true,
update: false,
process: false,
tag: false,
filter: false,
},
});
export const sasUrlQueryString = example.apply(example => example.sas);
import pulumi
import pulumi_azure as azure
example_resource_group = azure.core.ResourceGroup("example",
name="resourceGroupName",
location="West Europe")
example_account = azure.storage.Account("example",
name="storageaccountname",
resource_group_name=example_resource_group.name,
location=example_resource_group.location,
account_tier="Standard",
account_replication_type="GRS",
tags={
"environment": "staging",
})
example = azure.storage.get_account_sas_output(connection_string=example_account.primary_connection_string,
https_only=True,
signed_version="2022-11-02",
resource_types={
"service": True,
"container": False,
"object": False,
},
services={
"blob": True,
"queue": False,
"table": False,
"file": False,
},
start="2018-03-21T00:00:00Z",
expiry="2020-03-21T00:00:00Z",
permissions={
"read": True,
"write": True,
"delete": False,
"list": False,
"add": True,
"create": True,
"update": False,
"process": False,
"tag": False,
"filter": False,
})
pulumi.export("sasUrlQueryString", example.sas)
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/storage"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleResourceGroup, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("resourceGroupName"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
Name: pulumi.String("storageaccountname"),
ResourceGroupName: exampleResourceGroup.Name,
Location: exampleResourceGroup.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("GRS"),
Tags: pulumi.StringMap{
"environment": pulumi.String("staging"),
},
})
if err != nil {
return err
}
example := storage.GetAccountSASOutput(ctx, storage.GetAccountSASOutputArgs{
ConnectionString: exampleAccount.PrimaryConnectionString,
HttpsOnly: pulumi.Bool(true),
SignedVersion: pulumi.String("2022-11-02"),
ResourceTypes: &storage.GetAccountSASResourceTypesArgs{
Service: pulumi.Bool(true),
Container: pulumi.Bool(false),
Object: pulumi.Bool(false),
},
Services: &storage.GetAccountSASServicesArgs{
Blob: pulumi.Bool(true),
Queue: pulumi.Bool(false),
Table: pulumi.Bool(false),
File: pulumi.Bool(false),
},
Start: pulumi.String("2018-03-21T00:00:00Z"),
Expiry: pulumi.String("2020-03-21T00:00:00Z"),
Permissions: &storage.GetAccountSASPermissionsArgs{
Read: pulumi.Bool(true),
Write: pulumi.Bool(true),
Delete: pulumi.Bool(false),
List: pulumi.Bool(false),
Add: pulumi.Bool(true),
Create: pulumi.Bool(true),
Update: pulumi.Bool(false),
Process: pulumi.Bool(false),
Tag: pulumi.Bool(false),
Filter: pulumi.Bool(false),
},
}, nil)
ctx.Export("sasUrlQueryString", example.ApplyT(func(example storage.GetAccountSASResult) (*string, error) {
return &example.Sas, nil
}).(pulumi.StringPtrOutput))
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var exampleResourceGroup = new Azure.Core.ResourceGroup("example", new()
{
Name = "resourceGroupName",
Location = "West Europe",
});
var exampleAccount = new Azure.Storage.Account("example", new()
{
Name = "storageaccountname",
ResourceGroupName = exampleResourceGroup.Name,
Location = exampleResourceGroup.Location,
AccountTier = "Standard",
AccountReplicationType = "GRS",
Tags =
{
{ "environment", "staging" },
},
});
var example = Azure.Storage.GetAccountSAS.Invoke(new()
{
ConnectionString = exampleAccount.PrimaryConnectionString,
HttpsOnly = true,
SignedVersion = "2022-11-02",
ResourceTypes = new Azure.Storage.Inputs.GetAccountSASResourceTypesInputArgs
{
Service = true,
Container = false,
Object = false,
},
Services = new Azure.Storage.Inputs.GetAccountSASServicesInputArgs
{
Blob = true,
Queue = false,
Table = false,
File = false,
},
Start = "2018-03-21T00:00:00Z",
Expiry = "2020-03-21T00:00:00Z",
Permissions = new Azure.Storage.Inputs.GetAccountSASPermissionsInputArgs
{
Read = true,
Write = true,
Delete = false,
List = false,
Add = true,
Create = true,
Update = false,
Process = false,
Tag = false,
Filter = false,
},
});
return new Dictionary<string, object?>
{
["sasUrlQueryString"] = example.Apply(getAccountSASResult => getAccountSASResult.Sas),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.storage.StorageFunctions;
import com.pulumi.azure.storage.inputs.GetAccountSASArgs;
import com.pulumi.azure.storage.inputs.GetAccountSASResourceTypesArgs;
import com.pulumi.azure.storage.inputs.GetAccountSASServicesArgs;
import com.pulumi.azure.storage.inputs.GetAccountSASPermissionsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.name("resourceGroupName")
.location("West Europe")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.name("storageaccountname")
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.accountTier("Standard")
.accountReplicationType("GRS")
.tags(Map.of("environment", "staging"))
.build());
final var example = StorageFunctions.getAccountSAS(GetAccountSASArgs.builder()
.connectionString(exampleAccount.primaryConnectionString())
.httpsOnly(true)
.signedVersion("2022-11-02")
.resourceTypes(GetAccountSASResourceTypesArgs.builder()
.service(true)
.container(false)
.object(false)
.build())
.services(GetAccountSASServicesArgs.builder()
.blob(true)
.queue(false)
.table(false)
.file(false)
.build())
.start("2018-03-21T00:00:00Z")
.expiry("2020-03-21T00:00:00Z")
.permissions(GetAccountSASPermissionsArgs.builder()
.read(true)
.write(true)
.delete(false)
.list(false)
.add(true)
.create(true)
.update(false)
.process(false)
.tag(false)
.filter(false)
.build())
.build());
ctx.export("sasUrlQueryString", example.applyValue(_example -> _example.sas()));
}
}
resources:
exampleResourceGroup:
type: azure:core:ResourceGroup
name: example
properties:
name: resourceGroupName
location: West Europe
exampleAccount:
type: azure:storage:Account
name: example
properties:
name: storageaccountname
resourceGroupName: ${exampleResourceGroup.name}
location: ${exampleResourceGroup.location}
accountTier: Standard
accountReplicationType: GRS
tags:
environment: staging
variables:
example:
fn::invoke:
function: azure:storage:getAccountSAS
arguments:
connectionString: ${exampleAccount.primaryConnectionString}
httpsOnly: true
signedVersion: 2022-11-02
resourceTypes:
service: true
container: false
object: false
services:
blob: true
queue: false
table: false
file: false
start: 2018-03-21T00:00:00Z
expiry: 2020-03-21T00:00:00Z
permissions:
read: true
write: true
delete: false
list: false
add: true
create: true
update: false
process: false
tag: false
filter: false
outputs:
sasUrlQueryString: ${example.sas}
Using getAccountSAS
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getAccountSAS(args: GetAccountSASArgs, opts?: InvokeOptions): Promise<GetAccountSASResult>
function getAccountSASOutput(args: GetAccountSASOutputArgs, opts?: InvokeOptions): Output<GetAccountSASResult>def get_account_sas(connection_string: Optional[str] = None,
expiry: Optional[str] = None,
https_only: Optional[bool] = None,
ip_addresses: Optional[str] = None,
permissions: Optional[GetAccountSASPermissions] = None,
resource_types: Optional[GetAccountSASResourceTypes] = None,
services: Optional[GetAccountSASServices] = None,
signed_version: Optional[str] = None,
start: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetAccountSASResult
def get_account_sas_output(connection_string: pulumi.Input[Optional[str]] = None,
expiry: pulumi.Input[Optional[str]] = None,
https_only: pulumi.Input[Optional[bool]] = None,
ip_addresses: pulumi.Input[Optional[str]] = None,
permissions: pulumi.Input[Optional[GetAccountSASPermissionsArgs]] = None,
resource_types: pulumi.Input[Optional[GetAccountSASResourceTypesArgs]] = None,
services: pulumi.Input[Optional[GetAccountSASServicesArgs]] = None,
signed_version: pulumi.Input[Optional[str]] = None,
start: pulumi.Input[Optional[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetAccountSASResult]func GetAccountSAS(ctx *Context, args *GetAccountSASArgs, opts ...InvokeOption) (*GetAccountSASResult, error)
func GetAccountSASOutput(ctx *Context, args *GetAccountSASOutputArgs, opts ...InvokeOption) GetAccountSASResultOutput> Note: This function is named GetAccountSAS in the Go SDK.
public static class GetAccountSAS
{
public static Task<GetAccountSASResult> InvokeAsync(GetAccountSASArgs args, InvokeOptions? opts = null)
public static Output<GetAccountSASResult> Invoke(GetAccountSASInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetAccountSASResult> getAccountSAS(GetAccountSASArgs args, InvokeOptions options)
public static Output<GetAccountSASResult> getAccountSAS(GetAccountSASArgs args, InvokeOptions options)
fn::invoke:
function: azure:storage/getAccountSAS:getAccountSAS
arguments:
# arguments dictionaryThe following arguments are supported:
- Connection
String string - The connection string for the storage account to which this SAS applies. Typically directly from the
primaryConnectionStringattribute of anazure.storage.Accountresource. - Expiry string
The expiration time and date of this SAS. Must be a valid ISO-8601 format time/date string.
Note: The ISO-8601 Time offset from UTC is currently not supported by the service, which will result into 409 error.
- Resource
Types GetAccount SASResource Types - A
resourceTypesblock as defined below. - Services
Get
Account SASServices - A
servicesblock as defined below. - Start string
- The starting time and date of validity of this SAS. Must be a valid ISO-8601 format time/date string.
- Https
Only bool - Only permit
httpsaccess. Iffalse, bothhttpandhttpsare permitted. Defaults totrue. - Ip
Addresses string - IP address, or a range of IP addresses, from which to accept requests. When specifying a range, note that the range is inclusive.
- Permissions
Get
Account SASPermissions - A
permissionsblock as defined below. - Signed
Version string - Specifies the signed storage service version to use to authorize requests made with this account SAS. Defaults to
2022-11-02.
- Connection
String string - The connection string for the storage account to which this SAS applies. Typically directly from the
primaryConnectionStringattribute of anazure.storage.Accountresource. - Expiry string
The expiration time and date of this SAS. Must be a valid ISO-8601 format time/date string.
Note: The ISO-8601 Time offset from UTC is currently not supported by the service, which will result into 409 error.
- Resource
Types GetAccount SASResource Types - A
resourceTypesblock as defined below. - Services
Get
Account SASServices - A
servicesblock as defined below. - Start string
- The starting time and date of validity of this SAS. Must be a valid ISO-8601 format time/date string.
- Https
Only bool - Only permit
httpsaccess. Iffalse, bothhttpandhttpsare permitted. Defaults totrue. - Ip
Addresses string - IP address, or a range of IP addresses, from which to accept requests. When specifying a range, note that the range is inclusive.
- Permissions
Get
Account SASPermissions - A
permissionsblock as defined below. - Signed
Version string - Specifies the signed storage service version to use to authorize requests made with this account SAS. Defaults to
2022-11-02.
- connection
String String - The connection string for the storage account to which this SAS applies. Typically directly from the
primaryConnectionStringattribute of anazure.storage.Accountresource. - expiry String
The expiration time and date of this SAS. Must be a valid ISO-8601 format time/date string.
Note: The ISO-8601 Time offset from UTC is currently not supported by the service, which will result into 409 error.
- resource
Types GetAccount SASResource Types - A
resourceTypesblock as defined below. - services
Get
Account SASServices - A
servicesblock as defined below. - start String
- The starting time and date of validity of this SAS. Must be a valid ISO-8601 format time/date string.
- https
Only Boolean - Only permit
httpsaccess. Iffalse, bothhttpandhttpsare permitted. Defaults totrue. - ip
Addresses String - IP address, or a range of IP addresses, from which to accept requests. When specifying a range, note that the range is inclusive.
- permissions
Get
Account SASPermissions - A
permissionsblock as defined below. - signed
Version String - Specifies the signed storage service version to use to authorize requests made with this account SAS. Defaults to
2022-11-02.
- connection
String string - The connection string for the storage account to which this SAS applies. Typically directly from the
primaryConnectionStringattribute of anazure.storage.Accountresource. - expiry string
The expiration time and date of this SAS. Must be a valid ISO-8601 format time/date string.
Note: The ISO-8601 Time offset from UTC is currently not supported by the service, which will result into 409 error.
- resource
Types GetAccount SASResource Types - A
resourceTypesblock as defined below. - services
Get
Account SASServices - A
servicesblock as defined below. - start string
- The starting time and date of validity of this SAS. Must be a valid ISO-8601 format time/date string.
- https
Only boolean - Only permit
httpsaccess. Iffalse, bothhttpandhttpsare permitted. Defaults totrue. - ip
Addresses string - IP address, or a range of IP addresses, from which to accept requests. When specifying a range, note that the range is inclusive.
- permissions
Get
Account SASPermissions - A
permissionsblock as defined below. - signed
Version string - Specifies the signed storage service version to use to authorize requests made with this account SAS. Defaults to
2022-11-02.
- connection_
string str - The connection string for the storage account to which this SAS applies. Typically directly from the
primaryConnectionStringattribute of anazure.storage.Accountresource. - expiry str
The expiration time and date of this SAS. Must be a valid ISO-8601 format time/date string.
Note: The ISO-8601 Time offset from UTC is currently not supported by the service, which will result into 409 error.
- resource_
types GetAccount SASResource Types - A
resourceTypesblock as defined below. - services
Get
Account SASServices - A
servicesblock as defined below. - start str
- The starting time and date of validity of this SAS. Must be a valid ISO-8601 format time/date string.
- https_
only bool - Only permit
httpsaccess. Iffalse, bothhttpandhttpsare permitted. Defaults totrue. - ip_
addresses str - IP address, or a range of IP addresses, from which to accept requests. When specifying a range, note that the range is inclusive.
- permissions
Get
Account SASPermissions - A
permissionsblock as defined below. - signed_
version str - Specifies the signed storage service version to use to authorize requests made with this account SAS. Defaults to
2022-11-02.
- connection
String String - The connection string for the storage account to which this SAS applies. Typically directly from the
primaryConnectionStringattribute of anazure.storage.Accountresource. - expiry String
The expiration time and date of this SAS. Must be a valid ISO-8601 format time/date string.
Note: The ISO-8601 Time offset from UTC is currently not supported by the service, which will result into 409 error.
- resource
Types Property Map - A
resourceTypesblock as defined below. - services Property Map
- A
servicesblock as defined below. - start String
- The starting time and date of validity of this SAS. Must be a valid ISO-8601 format time/date string.
- https
Only Boolean - Only permit
httpsaccess. Iffalse, bothhttpandhttpsare permitted. Defaults totrue. - ip
Addresses String - IP address, or a range of IP addresses, from which to accept requests. When specifying a range, note that the range is inclusive.
- permissions Property Map
- A
permissionsblock as defined below. - signed
Version String - Specifies the signed storage service version to use to authorize requests made with this account SAS. Defaults to
2022-11-02.
getAccountSAS Result
The following output properties are available:
- Connection
String string - Expiry string
- Id string
- The provider-assigned unique ID for this managed resource.
- Resource
Types GetAccount SASResource Types - Sas string
- The computed Account Shared Access Signature (SAS).
- Services
Get
Account SASServices - Start string
- Https
Only bool - Ip
Addresses string - Permissions
Get
Account SASPermissions - Signed
Version string
- Connection
String string - Expiry string
- Id string
- The provider-assigned unique ID for this managed resource.
- Resource
Types GetAccount SASResource Types - Sas string
- The computed Account Shared Access Signature (SAS).
- Services
Get
Account SASServices - Start string
- Https
Only bool - Ip
Addresses string - Permissions
Get
Account SASPermissions - Signed
Version string
- connection
String String - expiry String
- id String
- The provider-assigned unique ID for this managed resource.
- resource
Types GetAccount SASResource Types - sas String
- The computed Account Shared Access Signature (SAS).
- services
Get
Account SASServices - start String
- https
Only Boolean - ip
Addresses String - permissions
Get
Account SASPermissions - signed
Version String
- connection
String string - expiry string
- id string
- The provider-assigned unique ID for this managed resource.
- resource
Types GetAccount SASResource Types - sas string
- The computed Account Shared Access Signature (SAS).
- services
Get
Account SASServices - start string
- https
Only boolean - ip
Addresses string - permissions
Get
Account SASPermissions - signed
Version string
- connection_
string str - expiry str
- id str
- The provider-assigned unique ID for this managed resource.
- resource_
types GetAccount SASResource Types - sas str
- The computed Account Shared Access Signature (SAS).
- services
Get
Account SASServices - start str
- https_
only bool - ip_
addresses str - permissions
Get
Account SASPermissions - signed_
version str
- connection
String String - expiry String
- id String
- The provider-assigned unique ID for this managed resource.
- resource
Types Property Map - sas String
- The computed Account Shared Access Signature (SAS).
- services Property Map
- start String
- https
Only Boolean - ip
Addresses String - permissions Property Map
- signed
Version String
Supporting Types
GetAccountSASPermissions
- Add bool
- Should Add permissions be enabled for this SAS?
- Create bool
- Should Create permissions be enabled for this SAS?
- Delete bool
- Should Delete permissions be enabled for this SAS?
- Filter bool
- Should Filter by Index Tags permissions be enabled for this SAS?
- List bool
- Should List permissions be enabled for this SAS?
- Process bool
- Should Process permissions be enabled for this SAS?
- Read bool
- Should Read permissions be enabled for this SAS?
- Tag bool
- Should Get / Set Index Tags permissions be enabled for this SAS?
- Update bool
- Should Update permissions be enabled for this SAS?
- Write bool
Should Write permissions be enabled for this SAS?
Note: Refer to the SAS creation reference from Azure for additional details on the fields above.
- Add bool
- Should Add permissions be enabled for this SAS?
- Create bool
- Should Create permissions be enabled for this SAS?
- Delete bool
- Should Delete permissions be enabled for this SAS?
- Filter bool
- Should Filter by Index Tags permissions be enabled for this SAS?
- List bool
- Should List permissions be enabled for this SAS?
- Process bool
- Should Process permissions be enabled for this SAS?
- Read bool
- Should Read permissions be enabled for this SAS?
- Tag bool
- Should Get / Set Index Tags permissions be enabled for this SAS?
- Update bool
- Should Update permissions be enabled for this SAS?
- Write bool
Should Write permissions be enabled for this SAS?
Note: Refer to the SAS creation reference from Azure for additional details on the fields above.
- add Boolean
- Should Add permissions be enabled for this SAS?
- create Boolean
- Should Create permissions be enabled for this SAS?
- delete Boolean
- Should Delete permissions be enabled for this SAS?
- filter Boolean
- Should Filter by Index Tags permissions be enabled for this SAS?
- list Boolean
- Should List permissions be enabled for this SAS?
- process Boolean
- Should Process permissions be enabled for this SAS?
- read Boolean
- Should Read permissions be enabled for this SAS?
- tag Boolean
- Should Get / Set Index Tags permissions be enabled for this SAS?
- update Boolean
- Should Update permissions be enabled for this SAS?
- write Boolean
Should Write permissions be enabled for this SAS?
Note: Refer to the SAS creation reference from Azure for additional details on the fields above.
- add boolean
- Should Add permissions be enabled for this SAS?
- create boolean
- Should Create permissions be enabled for this SAS?
- delete boolean
- Should Delete permissions be enabled for this SAS?
- filter boolean
- Should Filter by Index Tags permissions be enabled for this SAS?
- list boolean
- Should List permissions be enabled for this SAS?
- process boolean
- Should Process permissions be enabled for this SAS?
- read boolean
- Should Read permissions be enabled for this SAS?
- tag boolean
- Should Get / Set Index Tags permissions be enabled for this SAS?
- update boolean
- Should Update permissions be enabled for this SAS?
- write boolean
Should Write permissions be enabled for this SAS?
Note: Refer to the SAS creation reference from Azure for additional details on the fields above.
- add bool
- Should Add permissions be enabled for this SAS?
- create bool
- Should Create permissions be enabled for this SAS?
- delete bool
- Should Delete permissions be enabled for this SAS?
- filter bool
- Should Filter by Index Tags permissions be enabled for this SAS?
- list bool
- Should List permissions be enabled for this SAS?
- process bool
- Should Process permissions be enabled for this SAS?
- read bool
- Should Read permissions be enabled for this SAS?
- tag bool
- Should Get / Set Index Tags permissions be enabled for this SAS?
- update bool
- Should Update permissions be enabled for this SAS?
- write bool
Should Write permissions be enabled for this SAS?
Note: Refer to the SAS creation reference from Azure for additional details on the fields above.
- add Boolean
- Should Add permissions be enabled for this SAS?
- create Boolean
- Should Create permissions be enabled for this SAS?
- delete Boolean
- Should Delete permissions be enabled for this SAS?
- filter Boolean
- Should Filter by Index Tags permissions be enabled for this SAS?
- list Boolean
- Should List permissions be enabled for this SAS?
- process Boolean
- Should Process permissions be enabled for this SAS?
- read Boolean
- Should Read permissions be enabled for this SAS?
- tag Boolean
- Should Get / Set Index Tags permissions be enabled for this SAS?
- update Boolean
- Should Update permissions be enabled for this SAS?
- write Boolean
Should Write permissions be enabled for this SAS?
Note: Refer to the SAS creation reference from Azure for additional details on the fields above.
GetAccountSASResourceTypes
GetAccountSASServices
- Blob bool
- Should permission be granted to
blobservices within this storage account? - File bool
- Should permission be granted to
fileservices within this storage account? - Queue bool
- Should permission be granted to
queueservices within this storage account? - Table bool
- Should permission be granted to
tableservices within this storage account?
- Blob bool
- Should permission be granted to
blobservices within this storage account? - File bool
- Should permission be granted to
fileservices within this storage account? - Queue bool
- Should permission be granted to
queueservices within this storage account? - Table bool
- Should permission be granted to
tableservices within this storage account?
- blob Boolean
- Should permission be granted to
blobservices within this storage account? - file Boolean
- Should permission be granted to
fileservices within this storage account? - queue Boolean
- Should permission be granted to
queueservices within this storage account? - table Boolean
- Should permission be granted to
tableservices within this storage account?
- blob boolean
- Should permission be granted to
blobservices within this storage account? - file boolean
- Should permission be granted to
fileservices within this storage account? - queue boolean
- Should permission be granted to
queueservices within this storage account? - table boolean
- Should permission be granted to
tableservices within this storage account?
- blob bool
- Should permission be granted to
blobservices within this storage account? - file bool
- Should permission be granted to
fileservices within this storage account? - queue bool
- Should permission be granted to
queueservices within this storage account? - table bool
- Should permission be granted to
tableservices within this storage account?
- blob Boolean
- Should permission be granted to
blobservices within this storage account? - file Boolean
- Should permission be granted to
fileservices within this storage account? - queue Boolean
- Should permission be granted to
queueservices within this storage account? - table Boolean
- Should permission be granted to
tableservices within this storage account?
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurermTerraform Provider.
We recommend using Azure Native.
Viewing docs for Azure v6.35.0
published on Tuesday, Apr 21, 2026 by Pulumi
published on Tuesday, Apr 21, 2026 by Pulumi
