Post
Ask Question

How to Generate an Account-Level Shared Access Signature (SAS) Token for an Azure Storage Account

Introduction 

In this blog, you will see how to generate an account-level shared access signature (SAS) token for an Azure Storage account using PowerShell.

Azure Portal

 

Prerequisites

Install Azure PowerShell Module to run the script.

PowerShell Script

Open Notepad and paste the following script. Save the file as script.ps1.

  1. ################# Azure Blob Storage - PowerShell ####################  
  2.  
  3. ## Input Parameters  
  4. $resourceGroupName="azpractice"  
  5. $storageAccName="azstorageacc1122020"  
  6.  
  7. ## Connect to Azure Account  
  8. Connect-AzAccount   
  9.  
  10. ## Function to get all the blobs  
  11. Function CreateSASToken  
  12. {  
  13.     Write-Host -ForegroundColor Green "Creating an account level SAS Token.."    
  14.     ## Get the storage account   
  15.     $storageAcc=Get-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccName     
  16.     ## Get the storage account context  
  17.     $ctx=$storageAcc.Context  
  18.     ## Creates an account-level SAS token.  
  19.     New-AzStorageAccountSASToken -Context $ctx -Service Blob,File,Table,Queue -ResourceType Service,Container,Object -Permission "racwdlup"  
  20. }  
  21.   
  22. CreateSASToken   
  23.  
  24. ## Disconnect from Azure Account  
  25. Disconnect-AzAccount  

Open the Windows PowerShell window and navigate to the location where the script file was saved.

Run the following command.

.\script.ps1

 

SAS Token

 

Reference

https://docs.microsoft.com/en-us/powershell/module/az.storage/New-AzStorageAccountSASToken?view=azps-3.3.0

Summary

In this blog, you saw how to generate an account-level shared access signature (SAS) token for an Azure Storage account using PowerShell.