How to create a Stored Access Policy for a container in Microsoft Azure (PowerShell)

Introduction

This PowerShell script sample shows how to create a stored access policy for a container in Microsoft Azure.

Scenarios

A stored access policy gives us greater control over shared access signatures we have released. Instead of specifying the signature's lifetime and permissions on the URL, we can specify these parameters within the stored access policy stored on container that is being shared.

Script

Step 1: From the Start Screen or the Start Menu, search for Windows Azure PowerShell. Right-click the Windows Azure PowerShell entry and select Run as Administrator.

Note: If Windows Azure PowerShell is not installed, see Getting Started with Windows Azure PowerShell Cmdlets for installation and configuration information.

Step 2: If you want to get a list of all cmdlet help topics, type the command Get-Help C:\Script\CreateStoredAccessPolicy.ps1 –Full to display the entire help file for this function, such as the syntax, parameters, or examples. This is shown in the following figure.

Example

Example 1: Type C:\Script\CreateStoredAccessPolicy.ps1 -StorageAccountName storageaccount -ContainerName pics -StoredAccessPolicy "Policy5" -StartTime "5/5/2014" -ExpiryTime "5/15/2014" –Read command in the Windows PowerShell Console.

This example shows how to create a stored access policy named Policy5 and set the read permission for it.

Here are some code snippets for your reference.

PowerShell
Edit|Remove
#Sets start time and expiry time for access policy 
$SharedAccessBlobPolicy.SharedAccessStartTime = $StartTime 
$SharedAccessBlobPolicy.SharedAccessExpiryTime = $ExpiryTime 
  
$PermissionValue = 0 
If($Read) 
{ 
    $PermissionValue += [Int][Microsoft.WindowsAzure.Storage.Blob.SharedAccessBlobPermissions]::Read 
} 
If($Write) 
{ 
    $PermissionValue += [Int][Microsoft.WindowsAzure.Storage.Blob.SharedAccessBlobPermissions]::Write 
} 
If($List) 
{ 
    $PermissionValue += [Int][Microsoft.WindowsAzure.Storage.Blob.SharedAccessBlobPermissions]::List 
} 
If($Delete) 
{ 
    $PermissionValue += [Int][Microsoft.WindowsAzure.Storage.Blob.SharedAccessBlobPermissions]::Delete 
} 
  
#Sets permission of stored access policy 
$SharedAccessBlobPolicy.Permissions = $PermissionValue 
  
  
$ContainerPermission = $BlobContainer.GetPermissions() 
Try 
{ 
    Write-Verbose "Create a stored access policy '$StoredAccessPolicy'." 
    $ContainerPermission.SharedAccessPolicies.Add("$StoredAccessPolicy",$SharedAccessBlobPolicy) 
    $ContainerPermission.PublicAccess = [Microsoft.WindowsAzure.Storage.Blob.BlobContainerPublicAccessType]::Off 
    $BlobContainer.SetPermissions($ContainerPermission) 
    Write-Host "Successfully create a stored access policy '$StoredAccessPolicy'." 
} 
Catch 
{ 
    Write-Host "Failed to create a stored access policy." 
}
Prerequisite

Windows PowerShell 3.0

Windows Azure PowerShell

Microsoft All-In-One Script Framework is an automation script sample library for IT Professionals. The key value that All-In-One Script Framework is trying to deliver is Scenario-Focused Script Samples driven by IT Pros' real-world pains and needs. The team is monitoring all TechNet forums, IT Pros' support calls to Microsoft, and script requests submitted to TechNet Script Repository. We collect frequently asked IT scenarios, and create script samples to automate the tasks and save some time for IT Pros. The team of All-In-One Script Framework sincerely hope that these customer-driven automation script samples can help our IT community in this script-centric move.