Azure Storage - Get container permissions

 

Declaration

<AMAZURESTORAGE ACTIVITY="get_container_permissions" CONTAINER="text" RESULTVARIABLE="text" RESULTDATASET="text" PROTOCOL="text (options)" ACCOUNTNAME="text" ACCESSKEY="text (encrypted)" BLOBENDPOINT="text" QUEUEENDPOINT="text" TABLEENDPOINT="text" TIMEOUT="number" />

Related Topics  

Description

Gets the permissions settings for the container. The container's permissions include its public access setting, which indicates whether the container and its blobs can be read by way of an anonymous request, and any shared access policies it may have. A shared access policy may be used to control the start time, expiry time, and permissions for one or more shared access signatures. A container can have up to 5 shared access policies. A shared access signature provides delegated access to the container's resources.

Practical Usage

A user's access is governed by the container permissions assigned to them for each container. This activity is useful for determining the permissions level for a particular container.

Parameters

Connection

Property

Type

Required

Default

Markup

Description

Connection

        

Indicates where user credentials and preferences should originate from. This is a design mode parameter used only during task construction and configuration, thus, comprises no markup. The available options are:

  • Host (default) - Specifies that user credentials and/or advanced preferences are configured individually for this activity. This option is normally chosen if only a single activity is required to complete an operation.

  • Session - Specifies that user credentials and/or advanced preferences are obtained from a pre-configured session created in a prior step with the use of the Azure Storage - Create session activity. This option is normally chosen if a combination of related activities are required to complete an operation. Linking several activities to a single session eliminates redundancy. Additionally, a single task supports construction and simultaneous execution of multiple sessions, improving efficiency.

Session

Text

Yes if connection is session-based

AzureStorageSession1

SESSION="MyAzureSession"

The name of an existing session to associate this activity with. This parameter is active only if the Connection parameter is set to Session. The default session name is 'AzureStorageSession1'.

Account name

Text

Yes if connection is host-based

(Empty)

ACCOUNTNAME="myaccount"

The globally unique name of the Windows Azure storage account. This parameter is active only if the Connection parameter is set to Host.

Access key

Text

Yes if connection is host-based

(Empty)

ACCESSKEY="[AccessKey]"

The primary or secondary access key (each composed of 88 ASCII characters) used to authorize access to Azure Storage. This parameter is active only if the Connection parameter is set to Host.

Protocol

Text (options)

No

HTTPS
  1. PROTOCOL="HTTPS"
  2. PROTOCOL="HTTP"

The type of protocol used to access Azure Storage. The available options are:

  • HTTPS (default) - Hypertext Transfer Protocol Secure

  • HTTP - Hypertext Transfer Protocol

Timeout (seconds)

Number

No

90

TIMEOUT="180"

The timeout interval (in seconds) for requests made to the storage service. If the timeout elapses before a server response is returned, the operation times out and the service returns an error. The default timeout value is 90 seconds.

Blob endpoint URI

Text

No

(Empty)

BLOBENDPOINT="http://accnt

.blob.core.windows.net"

The endpoint for the Blob service, as configured for the Azure Storage account. The default Blob service endpoint is '[http/https]://accountname.blob.core.windows.net', where 'accountname' is the name of the Azure Storage account.

Queue endpoint URI

Text

No

(Empty)

QUEUEENDPOINT="http://accnt

.queue.core.windows.net"

The endpoint for the Queue service, as configured for the Azure storage account. The default Queue service endpoint is'[http/https]://accountname.queue.core.windows.net', where 'accountname'is the name of the Azure Storage account.

Table endpoint URI

Text

No

(Empty)

TABLEENDPOINT="http://accnt

.table.core.windows.net"

The endpoint for the Table service, as configured for the Azure storage account. The default Table service endpoint is '[http|https]://accountname.table.core.windows.net', where 'accountname'is the name of the Azure Storage account.

Proxy type

Text (options)

No

System default

  1. PROXYTYPE="default"

  2. PROXYTYPE="none"

  3. PROXYTYPE="HTTP"

The type of proxy server to connect through (if required). The available options are:

  • System default (default) - Access always passes through a default proxy server.

  • None - No proxy server is required.

  • HTTP - Communication is through an HTTP proxy server.

Proxy server

Text

No

(Empty)

  1. PROXYSERVER="serv.domain.com"

  2. PROXYSERVER="197.264.334.21"

 The host name (server.domain.com) or IP address (xxx.xxx.xxx.xxx) of the proxy server. This parameter is active only if the Proxy type parameter is set to HTTP.

Proxy port

Number

No

808

PROXYPORT="8080"

 The port that is used by the proxy server for client connections. The default value is 808. This parameter is active only if the Proxy type parameter is set to HTTP.

Use authentication

        

If enabled, specifies that the proxy requires authentication before granting access to resources. If disabled (default), no authentication is required. This parameter is active only if the Proxy type parameter is set to HTTP. This is a visual mode parameter only used during design time, therefore, contains no markup.

Proxy username

Text

No

(Empty)

PROXYUSERNAME="theUsername"

The username to authenticate with the proxy server. This parameter is active only if Use authentication parameter is enabled.

Proxy password

Text

No

(Empty)

PROXYPASSWORD="[encrypted]"

 The password to authenticate with the proxy server. This parameter is active only if Use authentication parameter is enabled.

Container

Property

Type

Required

Default

Markup

Description

Container name

Text

Yes

(Empty)

CONTAINER="mycontainer"

The unique name of the container to retrieve permissions from.

Populate variable with access level

Text

Yes

(Empty)

RESULTVARIABLE="myVar"

The name of an existing variable to populate with the access level of the container.
Create and populate dataset with share access policies

Text

Yes

(Empty)

SOURCE="C:\PDFFileName.pdf"

The name of the dataset to create and populate with the container's share access policy information. See Datasets below for more details.

 

Description

Error Causes

On Error

Additional Notes

Datasets

A dataset is a multi-column, multi-row object that contains a collection of information gathered during runtime and stored in memory. This activity creates and populates a dataset with the following fields (rows):

Name

Type

Return Value

theDataset.ExpiryTime

Date

The date/time that the policy expires (i.e. 10/30/2011 7:43:00 AM)

theDataset.Name

Text

The policy name.

theDataset.Permissions

Text

The current permission level (i.e. Read, Write, Delete, List).

theDataset.StartTime

Date

The date/time that the policy was initially set.

Example

NOTE:
  • The sample AML code below can be copied and pasted directly into the Steps Panel of the Task Builder.
  • Parameters containing user credentials, files, file paths, and/or other information specific to the task must be customized before the sample code can run successfully.

 

Description: This sample task demonstrates use of the 'Get container permissions' activity.

<!-- Create variable -->

<AMVARIABLE NAME="accessLevel" />

<!-- Create session -->

<AMAZURESTORAGE ACTIVITY="create_session" ACCOUNTNAME="netauto" ACCESSKEY="AM3kbFvH+pgzDo=aME" SESSION="AzureSession" />

<!-- Get container permissions -->

<AMAZURESTORAGE ACTIVITY="get_container_permissions" CONTAINER="mycontainer" RESULTVARIABLE="accessLevel" RESULTDATASET="theDataset" PROVIDER="session_based" SESSION="AzureSession" />

<!-- End session -->

<AMAZURESTORAGE ACTIVITY="end_session" SESSION="AzureSession" />