LinuxCommandLibrary

az-storage-account

Manage Azure storage accounts

TLDR

Create an storage account

$ az storage account create [[-n|--name]] [storage_account_name] [[-g|--resource-group]] [azure_resource_group] --location [azure_location] --sku [storage_account_sku]
copy

Generate a shared access signature for a specific storage account
$ az storage account generate-sas --account-name [storage_account_name] [[-n|--name]] [account_name] --permissions [sas_permissions] --expiry [expiry_date] --services [storage_services] --resource-types [resource_types]
copy

List storage accounts
$ az storage account list [[-g|--resource-group]] [azure_resource_group]
copy

Delete a specific storage account
$ az storage account delete [[-n|--name]] [storage_account_name] [[-g|--resource-group]] [azure_resource_group]
copy

SYNOPSIS

az storage account [parameters]

PARAMETERS

--account-name
    The name of the storage account. This is required unless `--connection-string` or `--sas-token` is provided. Using environment variable `AZURE_STORAGE_ACCOUNT` is an alternative.

--account-key
    The storage account key. Value should be a valid storage account key. More info at https://docs.microsoft.com/en-us/azure/storage/common/storage-configure-connection-string. Using environment variable `AZURE_STORAGE_KEY` is an alternative.

--connection-string
    The connection string for the storage account. More info at https://docs.microsoft.com/en-us/azure/storage/common/storage-configure-connection-string. Using environment variable `AZURE_STORAGE_CONNECTION_STRING` is an alternative.

--sas-token
    The Shared Access Signature (SAS) token for the storage account. More info at https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview. Using environment variable `AZURE_STORAGE_SAS_TOKEN` is an alternative.

--subscription
    Name or ID of subscription. You can configure the default subscription using `az account set -s NAME_OR_ID`

create
    Create a storage account.

delete
    Delete a storage account.

show
    Get the properties of a storage account.

list
    List storage accounts.

update
    Update a storage account.

keys
    Manage storage account keys.

network-rule
    Manage storage account network rules.

DESCRIPTION

The `az storage account` command in the Azure CLI provides a comprehensive interface for managing Azure Storage accounts. It allows you to create, delete, update, list, and configure various aspects of storage accounts, including access keys, connection strings, firewall rules, encryption settings, and network configurations. This command is essential for automating storage account management tasks, integrating with deployment pipelines, and managing storage infrastructure through scripts and configuration management tools.

With this command you can view storage account properties such as sku, endpoint and statuses. The command supports various authentication mechanisms, including Azure Active Directory (Azure AD) and Shared Access Signature (SAS) tokens, providing flexibility in securing access to storage resources. It's a critical tool for DevOps engineers, system administrators, and developers working with Azure Storage.

AUTHENTICATION

The `az storage account` command supports several authentication methods: Account Keys, SAS Tokens, and Azure Active Directory (Azure AD). Azure AD authentication is generally recommended for enhanced security. Ensure appropriate permissions are configured for the user or service principal when using Azure AD.

NETWORKING

You can configure firewall rules, virtual network integrations, and private endpoints to restrict access to your storage account from specific networks or resources. This command provides subcommands to manage these configurations.

Use `az storage account network-rule` to configure storage account firewall

SEE ALSO

az storage blob(1), az storage queue(1), az storage table(1)

Copied to clipboard