exec.azurerm.storage.container

Azure Resource Manager (ARM) Blob Container Operations Execution Module

New in version 2.0.0.

Changed in version 3.0.0,: 4.0.0

maintainer:

<devops@eitr.tech>

configuration:

This module requires Azure Resource Manager credentials to be passed as keyword arguments to every function or via acct in order to work properly.

Required provider parameters:

if using username and password:

• subscription_id
• username
• password

if using a service principal:

• subscription_id
• tenant
• client_id
• secret

Optional provider parameters:

cloud_environment: Used to point the cloud driver to different API endpoints, such as Azure GovCloud. Possible values:

• AZURE_PUBLIC_CLOUD (default)
• AZURE_CHINA_CLOUD
• AZURE_US_GOV_CLOUD
• AZURE_GERMAN_CLOUD

idem_azurerm.exec.azurerm.storage.container.clear_legal_hold(hub, ctx, name, account, resource_group, tags, **kwargs)

New in version 2.0.0.

Clears legal hold tags. Clearing the same or non-existent tag results in an idempotent operation. ClearLegalHold clears out only the specified tags in the request.

Parameters:

• name – The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number.
• account – The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
• resource_group – The name of the resource group within the user’s subscription. The name is case insensitive.
• tags – Each tag should be 3 to 23 alphanumeric characters and is normalized to lower case at SRP.

CLI Example:

azurerm.storage.container.clear_legal_hold test_name test_account test_group test_tags

idem_azurerm.exec.azurerm.storage.container.create(hub, ctx, name, account, resource_group, public_access, default_encryption_scope=None, deny_encryption_scope_override=None, metadata=None, **kwargs)

New in version 2.0.0.

Changed in version 4.0.0.

Creates a new container under the specified account as described by request body. The container resource includes metadata and properties for that container. It does not include a list of the blobs contained by the container.

Parameters:

• name – The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number.
• account – The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
• resource_group – The name of the resource group within the user’s subscription. The name is case insensitive.
• public_access – Specifies whether data in the container may be accessed publicly and the level of access. Possible values include: “Container”, “Blob”, “None”.
• default_encryption_scope – Set the default encryption scope for the container to use for all writes.
• deny_encryption_scope_override – A boolean flag representing whether or not to block the override of the encryption scope from the container default.
• metadata – A dictionary of name-value pairs to associate with the container as metadata.

CLI Example:

azurerm.storage.container.create test_name test_account test_group test_access

idem_azurerm.exec.azurerm.storage.container.create_or_update_immutability_policy(hub, ctx, name, account, resource_group, immutability_period, if_match=None, protected_append_writes=None, **kwargs)

New in version 2.0.0.

Changed in version 4.0.0.

Creates or updates an unlocked immutability policy. ETag in If-Match is honored if given but not required for this operation. The container must be of account kind ‘StorageV2’ in order to utilize an immutability policy.

Parameters:

• name – The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number.
• account – The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
• resource_group – The name of the resource group within the user’s subscription. The name is case insensitive.
• immutability_period – The immutability period for the blobs in the container since the policy creation (in days).
• if_match – The entity state (ETag) version of the immutability policy to update. A value of “*” can be used to apply the operation only if the immutability policy already exists. If omitted, this operation will always be applied. It is important to note that any ETag must be passed as a string that includes double quotes. For example, ‘“8d7b4bb4d393b8c”’ is a valid string to pass as the if_match parameter, but “8d7b4bb4d393b8c” is not. Defaults to None.
• protected_append_writes – A boolean value specifying whether new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property can only be changed for unlocked time-based retention policies.

CLI Example:

azurerm.storage.container.create_or_update_immutability_policy test_name test_account test_group test_period

idem_azurerm.exec.azurerm.storage.container.delete(hub, ctx, name, account, resource_group, **kwargs)

New in version 2.0.0.

Deletes specified container under its account.

Parameters:

• name – The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number.
• account – The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
• resource_group – The name of the resource group within the user’s subscription. The name is case insensitive.

CLI Example:

azurerm.storage.container.delete test_name test_account test_group

idem_azurerm.exec.azurerm.storage.container.delete_immutability_policy(hub, ctx, name, account, resource_group, if_match, **kwargs)

New in version 2.0.0.

Aborts an unlocked immutability policy. The response of delete has immutabilityPeriodSinceCreationInDays set to 0. ETag in If-Match is required for this operation. Deleting a locked immutability policy is not allowed, only way is to delete the container after deleting all blobs inside the container.

Parameters:

• name – The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number.
• account – The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
• resource_group – The name of the resource group within the user’s subscription. The name is case insensitive.
• if_match – The entity state (ETag) version of the immutability policy to update. It is important to note that the ETag must be passed as a string that includes double quotes. For example, ‘“8d7b4bb4d393b8c”’ is a valid string to pass as the if_match parameter, but “8d7b4bb4d393b8c” is not.

CLI Example:

azurerm.storage.container.delete_immutability_policy test_name test_account test_group test_if_match

idem_azurerm.exec.azurerm.storage.container.extend_immutability_policy(hub, ctx, name, account, resource_group, immutability_period, if_match, **kwargs)

New in version 2.0.0.

Extends the immutabilityPeriodSinceCreationInDays of a locked immutabilityPolicy. The only action allowed on a Locked policy will be this action. ETag in If-Match is required for this operation.

Parameters:

• name – The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number.
• account – The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
• resource_group – The name of the resource group within the user’s subscription. The name is case insensitive.
• immutability_period – The immutability period for the blobs in the container since the policy creation, in days.
• if_match – The entity state (ETag) version of the immutability policy to update. It is important to note that the ETag must be passed as a string that includes double quotes. For example, ‘“8d7b4bb4d393b8c”’ is a valid string to pass as the if_match parameter, but “8d7b4bb4d393b8c” is not.

CLI Example:

azurerm.storage.container.extend_immutability_policy test_name test_account test_group test_period test_if_match

idem_azurerm.exec.azurerm.storage.container.get(hub, ctx, name, account, resource_group, **kwargs)

New in version 2.0.0.

Gets properties of a specified container.

Parameters:

• name – The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number.
• account – The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
• resource_group – The name of the resource group within the user’s subscription. The name is case insensitive.

CLI Example:

azurerm.storage.container.get test_name test_account test_group

idem_azurerm.exec.azurerm.storage.container.get_client(hub, ctx, client_type, account, resource_group, container=None, blob=None, **kwargs)

New in version 3.0.0.

Load the specified blob service, container, or blob client and return a BlobServiceClient, ContainerClient, or BlobClient object, respectively.

Parameters:

• client_type – The type of client to create. Possible values are “BlobService”, “Blob”, and “Container”.
• account – The name of the storage account.
• resource_group – The name of the resource group containing the specified storage account.
• container – The name of the container.
• blob – The name of the blob.

idem_azurerm.exec.azurerm.storage.container.get_immutability_policy(hub, ctx, name, account, resource_group, if_match=None, **kwargs)

New in version 2.0.0.

Gets the existing immutability policy along with the corresponding ETag in response headers and body.

Parameters:

• name – The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number.
• account – The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
• resource_group – The name of the resource group within the user’s subscription. The name is case insensitive.
• if_match – The entity state (ETag) version of the immutability policy to update. It is important to note that the ETag must be passed as a string that includes double quotes. For example, ‘“8d7b4bb4d393b8c”’ is a valid string to pass as the if_match parameter, but “8d7b4bb4d393b8c” is not. Defaults to None.

CLI Example:

azurerm.storage.container.get_immutability_policy test_name test_account test_group test_if_match

idem_azurerm.exec.azurerm.storage.container.lease(hub, ctx, name, account, resource_group, lease_action, lease_duration=None, break_period=None, proposed_lease_id=None, lease_id=None, **kwargs)

New in version 4.0.0.

The Lease Container operation establishes and manages a lock on a container for delete operations. The lock duration can be 15 to 60 seconds, or can be infinite.

Parameters:

• container – The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number.
• account – The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
• resource_group – The name of the resource group within the user’s subscription. The name is case insensitive.
• lease_action – The lease action. Possible values include: ‘Acquire’, ‘Renew’, ‘Change’, ‘Release’, and ‘Break’.
• lease_duration – Specifies the duration of the lease, in seconds, or negative one (-1) for a lease that never expires. Required for the lease action “acquire”.
• break_period – For a break action, proposed duration the lease should continue before it is broken, in seconds, between 0 and 60.
• proposed_lease_id – Proposed lease ID, in a GUID string format. Required for the lease action “change” and optional for the lease action “acquire”.
• lease_id – Identifies the lease. Can be specified in any valid GUID string format.

CLI Example:

azurerm.storage.container.list test_account test_group

idem_azurerm.exec.azurerm.storage.container.list_(hub, ctx, account, resource_group, maxpagesize=None, list_filter=None, include_soft_deleted=True, **kwargs)

New in version 2.0.0.

Changed in version 4.0.0.

Lists all containers and does not support a prefix like data plane. Also SRP today does not return continuation token.

Parameters:

• account – The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
• resource_group – The name of the resource group within the user’s subscription. The name is case insensitive.
• maxpagesize – Specified maximum number of containers that can be included in the list.
• list_filter – When specified, only container names starting with the filter will be listed.
• include_soft_deleted – A boolean value representing whether to include the properties for soft deleted blob containers. Defaults to True.

CLI Example:

azurerm.storage.container.list test_account test_group

idem_azurerm.exec.azurerm.storage.container.list_blobs(hub, ctx, name, account, resource_group, **kwargs)

New in version 3.0.0.

Get all blobs under the specified container.

Parameters:

• name – The name of the blob container.
• account – The name of the storage account.
• resource_group – The name of the resource_group.

CLI Example:

azurerm.storage.container.list_blobs test_name test_account test_group

idem_azurerm.exec.azurerm.storage.container.lock_immutability_policy(hub, ctx, name, account, resource_group, if_match, **kwargs)

New in version 2.0.0.

Sets the ImmutabilityPolicy to Locked state. The only action allowed on a Locked policy is ExtendImmutabilityPolicy action. ETag in If-Match is required for this operation.

Parameters:

• name – The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number.
• account – The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
• resource_group – The name of the resource group within the user’s subscription. The name is case insensitive.
• if_match – The entity state (ETag) version of the immutability policy to update. It is important to note that the ETag must be passed as a string that includes double quotes. For example, ‘“8d7b4bb4d393b8c”’ is a valid string to pass as the if_match parameter, but “8d7b4bb4d393b8c” is not.

CLI Example:

azurerm.storage.container.lock_immutability_policy test_name test_account test_group test_if_match

idem_azurerm.exec.azurerm.storage.container.set_legal_hold(hub, ctx, name, account, resource_group, tags, **kwargs)

New in version 2.0.0.

Sets legal hold tags. Setting the same tag results in an idempotent operation. SetLegalHold follows an append pattern and does not clear out the existing tags that are not specified in the request.

Parameters:

• name – The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number.
• account – The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
• resource_group – The name of the resource group within the user’s subscription. The name is case insensitive.
• tags – Each tag should be 3 to 23 alphanumeric characters and is normalized to lower case at SRP.

CLI Example:

azurerm.storage.container.set_legal_hold test_name test_account test_group test_tags

idem_azurerm.exec.azurerm.storage.container.update(hub, ctx, name, account, resource_group, public_access, default_encryption_scope=None, deny_encryption_scope_override=None, metadata=None, **kwargs)

New in version 2.0.0.

Changed in version 4.0.0.

Updates container properties as specified in request body. Properties not mentioned in the request will be unchanged. Update fails if the specified container doesn’t already exist.

Parameters:

• name – The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number.
• account – The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only.
• resource_group – The name of the resource group within the user’s subscription. The name is case insensitive.
• public_access – Specifies whether data in the container may be accessed publicly and the level of access. Possible values include: “Container”, “Blob”, “None”.
• default_encryption_scope – Set the default encryption scope for the container to use for all writes.
• deny_encryption_scope_override – A boolean flag representing whether or not to block the override of the encryption scope from the container default.
• metadata – A dictionary of name-value pairs to associate with the container as metadata.

CLI Example:

azurerm.storage.container.update test_name test_account test_group test_access

idem_azurerm.exec.azurerm.storage.container.upload_blob(hub, ctx, name, container, account, resource_group, file_path, blob_type='BlockBlob', overwrite=False, **kwargs)

New in version 3.0.0.

Creates a new blob from a data source with automatic chunking.

Parameters:

• name – The blob with which to interact.
• container – The name of the blob container.
• account – The name of the storage account.
• resource_group – The name of the resource group.
• file_path – The path of the file to upload to the specified BlobContainer.
• blob_type – The type of the blob. Possible values include: “BlockBlob”, “PageBlob” or “AppendBlob”. The default value is “BlockBlob”.
• overwrite – Whether the blob to be uploaded should overwrite the current data. If True, upload_blob will overwrite the existing data. If set to False, the operation will fail with ResourceExistsError. The exception to the above is with Append blob types. If set to False and the data already exists, an error will not be raised and the data will be appended to the existing blob. If set True, then the existing append blob will be deleted, and a new one created. Defaults to False.

CLI Example:

azurerm.storage.container.upload_blob test_name test_container test_account test_group test_path