How to generate an SAS token of Container or Blob using a Stored Access Policy in Microsoft Azure
Introduction
This PowerShell script sample shows how to generate an SAS token of container or blob that uses a stored access policy.
Scenarios
Shared Access Signature is a powerful way to grant client limited permissions to blobs, queues, or tables for a specified period of time, without having to share our account access keys. This script can easily help us generate an SAS token of container or blob that uses a stored access policy.
Script
Step 1: From the Start Screen or the Start Menu, search for Windows Azure PowerShell. Right-click the Windows Azure PowerShell entry and select Run as Administrator.
Note: If Windows Azure PowerShell is not installed, see Getting Started with Windows Azure PowerShell Cmdlets for installation and configuration information.
Step 2: If you want to get a list of all cmdlet help topics, type the command Get-Help C:\Script\GenerateSASTokenWithAccessPolicy.ps1 –Full to display the entire help file for this function, such as the syntax, parameters, or examples. This is shown in the following figure.
Example
Example 1: Type C:\Script\GenerateSASTokenWithAccessPolicy.ps1 -StorageAccountName storageaccount -ContainerName pics -BlobName "560.jpg" -StoredAccessPolicy "Policy5" command in the Windows PowerShell Console.
This example shows how to generate Shared Access Signature tokens for azure storage blobs.
Here are some code snippets for your reference.
PowerShellEdit|RemovepowershellIf($BlobName) { Get-AzureStorageBlob -Container $ContainerName -Blob $BlobName -ErrorAction SilentlyContinue ` -ErrorVariable IsExistBlobError | Out-Null #Check if blob is existing If($IsExistBlobError.Exception -eq $null) { Write-Verbose "Generating Shared Access Signature token for azure storage blob." $BlobSASTokenURI = New-AzureStorageBlobSASToken -Container $ContainerName -Blob $BlobName -Policy $StoredAccessPolicy -FullUri Write-Host "The SAS Token of blob storage as below:" $BlobSASTokenURI } Else { Write-Warning "Cannot find blob '$BlobName' because it does not exist. Please make sure thar the name of blob is correct." } }If($BlobName) { Get-AzureStorageBlob -Container $ContainerName -Blob $BlobName -ErrorAction SilentlyContinue ` -ErrorVariable IsExistBlobError | Out-Null #Check if blob is existing If($IsExistBlobError.Exception -eq $null) { Write-Verbose "Generating Shared Access Signature token for azure storage blob." $BlobSASTokenURI = New-AzureStorageBlobSASToken -Container $ContainerName -Blob $BlobName -Policy $StoredAccessPolicy -FullUri Write-Host "The SAS Token of blob storage as below:" $BlobSASTokenURI } Else { Write-Warning "Cannot find blob '$BlobName' because it does not exist. Please make sure thar the name of blob is correct." } }
Prerequisite
Windows PowerShell 3.0
Windows Azure PowerShell
Microsoft All-In-One Script Framework is an automation script sample library for IT Professionals. The key value that All-In-One Script Framework is trying to deliver is Scenario-Focused Script Samples driven by IT Pros' real-world pains and needs. The team is monitoring all TechNet forums, IT Pros' support calls to Microsoft, and script requests submitted to TechNet Script Repository. We collect frequently asked IT scenarios, and create script samples to automate the tasks and save some time for IT Pros. The team of All-In-One Script Framework sincerely hope that these customer-driven automation script samples can help our IT community in this script-centric