0

I need to create a SAS token for a container using PowerShell with an expiry date one year from now. If I use New-AzStorageContainerSASToken I cannot set an expiry date after 7 days because it uses a user delegation key.

For example, if I do this:

$container = New-AzStorageContainer -Name $saName -Context $backupContext
$token = $container | New-AzStorageContainerSASToken -Permission rwdl -ExpiryTime (Get-Date).AddYears(1)

I get error

New-AzStorageContainerSASToken: Generate User Delegation SAS with OAuth bases Storage context. User Delegate Key expiry time 20/07/2023 15:46:12 +00:00 must be in 7 days from now.

How can I specify to sign with the account key instead?

Improve this question
2
  • Do you have access to account key? Or have permissions to get the account key? Commented Jul 20, 2022 at 16:02
  • @GauravMantri yes I do Commented Jul 20, 2022 at 17:18

1 Answer 1

Reset to default
3

If you have access to the account name and key, you can create a context using that. You can then pass that context to New-AzStorageContainerSASToken Cmdlet.

Something like:

$ctx = New-AzStorageContext -StorageAccountName "account-name" -StorageAccountKey "account-key"
$container = New-AzStorageContainer -Name $saName -Context $ctx
$token = $container | New-AzStorageContainerSASToken -Permission rwdl -ExpiryTime (Get-Date).AddYears(1) -Context $ctx

You can learn more about New-AzStorageContext here: https://learn.microsoft.com/en-us/powershell/module/az.storage/new-azstoragecontext?view=azps-8.1.0.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.