import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * Use this data source to obtain a Shared Access Signature (SAS Token) for an existing Storage Account Blob Container. * * Shared access signatures allow fine-grained, ephemeral access control to various aspects of an Azure Storage Account Blob Container. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azure from "@pulumi/azure"; * * const rg = new azure.core.ResourceGroup("rg", { * name: "resourceGroupName", * location: "West Europe", * }); * const storage = new azure.storage.Account("storage", { * name: "storageaccountname", * resourceGroupName: rg.name, * location: rg.location, * accountTier: "Standard", * accountReplicationType: "LRS", * }); * const container = new azure.storage.Container("container", { * name: "mycontainer", * storageAccountName: storage.name, * containerAccessType: "private", * }); * const example = azure.storage.getAccountBlobContainerSASOutput({ * connectionString: storage.primaryConnectionString, * containerName: container.name, * httpsOnly: true, * ipAddress: "168.1.5.65", * start: "2018-03-21", * expiry: "2018-03-21", * permissions: { * read: true, * add: true, * create: false, * write: false, * "delete": true, * list: true, * }, * cacheControl: "max-age=5", * contentDisposition: "inline", * contentEncoding: "deflate", * contentLanguage: "en-US", * contentType: "application/json", * }); * export const sasUrlQueryString = example.apply(example => example.sas); * ``` */ export declare function getAccountBlobContainerSAS(args: GetAccountBlobContainerSASArgs, opts?: pulumi.InvokeOptions): Promise; /** * A collection of arguments for invoking getAccountBlobContainerSAS. */ export interface GetAccountBlobContainerSASArgs { /** * The `Cache-Control` response header that is sent when this SAS token is used. */ cacheControl?: string; /** * The connection string for the storage account to which this SAS applies. Typically directly from the `primaryConnectionString` attribute of an `azure.storage.Account` resource. */ connectionString: string; /** * Name of the container. */ containerName: string; /** * The `Content-Disposition` response header that is sent when this SAS token is used. */ contentDisposition?: string; /** * The `Content-Encoding` response header that is sent when this SAS token is used. */ contentEncoding?: string; /** * The `Content-Language` response header that is sent when this SAS token is used. */ contentLanguage?: string; /** * The `Content-Type` response header that is sent when this SAS token is used. */ contentType?: string; /** * The expiration time and date of this SAS. Must be a valid ISO-8601 format time/date string. * * > **Note:** The [ISO-8601 Time offset from UTC](https://en.wikipedia.org/wiki/ISO_8601#Time_offsets_from_UTC) is currently not supported by the service, which will result into 409 error. */ expiry: string; /** * Only permit `https` access. If `false`, both `http` and `https` are permitted. Defaults to `true`. */ httpsOnly?: boolean; /** * Single IPv4 address or range (connected with a dash) of IPv4 addresses. */ ipAddress?: string; /** * Should Permissions permissions be enabled for this SAS? */ permissions?: inputs.storage.GetAccountBlobContainerSASPermissions; /** * The starting time and date of validity of this SAS. Must be a valid ISO-8601 format time/date string. */ start: string; } /** * A collection of values returned by getAccountBlobContainerSAS. */ export interface GetAccountBlobContainerSASResult { readonly cacheControl?: string; readonly connectionString: string; readonly containerName: string; readonly contentDisposition?: string; readonly contentEncoding?: string; readonly contentLanguage?: string; readonly contentType?: string; readonly expiry: string; readonly httpsOnly?: boolean; /** * The provider-assigned unique ID for this managed resource. */ readonly id: string; readonly ipAddress?: string; readonly permissions?: outputs.storage.GetAccountBlobContainerSASPermissions; /** * The computed Blob Container Shared Access Signature (SAS). The delimiter character ('?') for the query string is the prefix of `sas`. */ readonly sas: string; readonly start: string; } /** * Use this data source to obtain a Shared Access Signature (SAS Token) for an existing Storage Account Blob Container. * * Shared access signatures allow fine-grained, ephemeral access control to various aspects of an Azure Storage Account Blob Container. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azure from "@pulumi/azure"; * * const rg = new azure.core.ResourceGroup("rg", { * name: "resourceGroupName", * location: "West Europe", * }); * const storage = new azure.storage.Account("storage", { * name: "storageaccountname", * resourceGroupName: rg.name, * location: rg.location, * accountTier: "Standard", * accountReplicationType: "LRS", * }); * const container = new azure.storage.Container("container", { * name: "mycontainer", * storageAccountName: storage.name, * containerAccessType: "private", * }); * const example = azure.storage.getAccountBlobContainerSASOutput({ * connectionString: storage.primaryConnectionString, * containerName: container.name, * httpsOnly: true, * ipAddress: "168.1.5.65", * start: "2018-03-21", * expiry: "2018-03-21", * permissions: { * read: true, * add: true, * create: false, * write: false, * "delete": true, * list: true, * }, * cacheControl: "max-age=5", * contentDisposition: "inline", * contentEncoding: "deflate", * contentLanguage: "en-US", * contentType: "application/json", * }); * export const sasUrlQueryString = example.apply(example => example.sas); * ``` */ export declare function getAccountBlobContainerSASOutput(args: GetAccountBlobContainerSASOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output; /** * A collection of arguments for invoking getAccountBlobContainerSAS. */ export interface GetAccountBlobContainerSASOutputArgs { /** * The `Cache-Control` response header that is sent when this SAS token is used. */ cacheControl?: pulumi.Input; /** * The connection string for the storage account to which this SAS applies. Typically directly from the `primaryConnectionString` attribute of an `azure.storage.Account` resource. */ connectionString: pulumi.Input; /** * Name of the container. */ containerName: pulumi.Input; /** * The `Content-Disposition` response header that is sent when this SAS token is used. */ contentDisposition?: pulumi.Input; /** * The `Content-Encoding` response header that is sent when this SAS token is used. */ contentEncoding?: pulumi.Input; /** * The `Content-Language` response header that is sent when this SAS token is used. */ contentLanguage?: pulumi.Input; /** * The `Content-Type` response header that is sent when this SAS token is used. */ contentType?: pulumi.Input; /** * The expiration time and date of this SAS. Must be a valid ISO-8601 format time/date string. * * > **Note:** The [ISO-8601 Time offset from UTC](https://en.wikipedia.org/wiki/ISO_8601#Time_offsets_from_UTC) is currently not supported by the service, which will result into 409 error. */ expiry: pulumi.Input; /** * Only permit `https` access. If `false`, both `http` and `https` are permitted. Defaults to `true`. */ httpsOnly?: pulumi.Input; /** * Single IPv4 address or range (connected with a dash) of IPv4 addresses. */ ipAddress?: pulumi.Input; /** * Should Permissions permissions be enabled for this SAS? */ permissions?: pulumi.Input; /** * The starting time and date of validity of this SAS. Must be a valid ISO-8601 format time/date string. */ start: pulumi.Input; }