How to use the command 'az storage account' (with examples)
The az storage account command is part of the Azure CLI (Command-Line Interface) and is used to manage storage accounts in Azure. With this command, you can create, delete, list, and generate shared access signatures for storage accounts.
Use case 1: Create a storage account
az storage account create --name storage_account_name --resource-group azure_resource_group --location azure_location --sku storage_account_sku
Motivation: Creating a storage account is the first step to start using Azure storage services. This command allows you to create a new storage account within the specified resource group and at the desired location with the specified SKU (Service Level Agreement).
Explanation:
--name: Specifies the name of the storage account to be created.--resource-group: Specifies the resource group where the storage account will be created.--location: Specifies the Azure region where the storage account will be created.--sku: Specifies the SKU (Service Level Agreement) for the storage account. Valid values include Standard_LRS, Standard_GRS, Standard_RAGRS, Standard_ZRS, Premium_LRS.
Example output:
{
"creationTime": "2022-02-01T06:30:00+00:00",
"id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azure_resource_group/providers/Microsoft.Storage/storageAccounts/storage_account_name",
"kind": "StorageV2",
"location": "westus",
"name": "storage_account_name",
"primaryEndpoints": {
"blob": "https://storage_account_name.blob.core.windows.net/",
"dfs": "https://storage_account_name.dfs.core.windows.net/",
"file": "https://storage_account_name.file.core.windows.net/",
"queue": "https://storage_account_name.queue.core.windows.net/",
"table": "https://storage_account_name.table.core.windows.net/",
"web": "https://storage_account_name.z13.web.core.windows.net/"
},
"provisioningState": "Succeeded",
"resourceGroup": "azure_resource_group",
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"statusOfPrimary": "available",
"type": "Microsoft.Storage/storageAccounts"
}
Use case 2: Generate a shared access signature for a specific storage account
az storage account generate-sas --account-name storage_account_name --name account_name --permissions sas_permissions --expiry expiry_date --services storage_services --resource-types resource_types
Motivation: A shared access signature (SAS) provides delegated access to resources in a storage account. Generating a SAS enables secure access to storage resources with fine-grained access controls.
Explanation:
--account-name: Specifies the name of the storage account for which the SAS will be generated.--name: Specifies the name of the SAS.--permissions: Specifies the permissions for the SAS. Common values include ‘r’ for read access, ‘w’ for write access, ’d’ for delete access.--expiry: Specifies the expiry date and time for the SAS in UTC format.--services: Specifies the services for which the SAS is valid. Common values include ‘b’ for blob, ‘f’ for file, ‘q’ for queue, ’t’ for table.--resource-types: Specifies the resource types for which the SAS is valid. Common values include ’s’ for service, ‘c’ for container, ‘o’ for object.
Example output:
sv=2020-12-06&ss=b&srt=sco&sp=r&se=2023-01-01T00:00:00Z&sr=c&sig=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Use case 3: List storage accounts
az storage account list --resource-group azure_resource_group
Motivation: Listing storage accounts provides an overview of the storage accounts available in a specific resource group. This can be useful for managing and tracking storage resources in Azure.
Explanation:
--resource-group: Specifies the resource group from which to list the storage accounts.
Example output:
[
{
"id":"/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azure_resource_group/providers/Microsoft.Storage/storageAccounts/storage_account_name1",
"kind":"StorageV2",
"location":"westus",
"name":"storage_account_name1",
"provisioningState":"Succeeded",
"resourceGroup":"azure_resource_group",
"sku":{
"name":"Standard_LRS",
"tier":"Standard"
},
"statusOfPrimary":"available",
"tags":{},
"type":"Microsoft.Storage/storageAccounts"
},
{
"id":"/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azure_resource_group/providers/Microsoft.Storage/storageAccounts/storage_account_name2",
"kind":"StorageV2",
"location":"westus",
"name":"storage_account_name2",
"provisioningState":"Succeeded",
"resourceGroup":"azure_resource_group",
"sku":{
"name":"Standard_LRS",
"tier":"Standard"
},
"statusOfPrimary":"available",
"tags":{},
"type":"Microsoft.Storage/storageAccounts"
}
]
Use case 4: Delete a specific storage account
az storage account delete --name storage_account_name --resource-group azure_resource_group
Motivation: When a storage account is no longer needed, it can be deleted to free up resources and avoid unnecessary costs. This command allows you to delete a specific storage account within the specified resource group.
Explanation:
--name: Specifies the name of the storage account to be deleted.--resource-group: Specifies the resource group from which to delete the storage account.
Example output:
(null)
Conclusion:
The az storage account command is a versatile tool for managing storage accounts in Azure. Whether it’s creating a new storage account, generating shared access signatures, listing existing storage accounts, or deleting unnecessary storage accounts, this command provides the necessary functionality to manage your storage resources efficiently.
