CloudBlobContainer.SetPermissions Method (BlobContainerPermissions, BlobRequestOptions)

Storage Client Library NET API

previous page next page
[This topic is part of the Microsoft Azure Storage Client Library 1.7, which has been deprecated. See Storage Client Library for the latest version.]

Sets permissions for the container, using a conditional request based on the BlobRequestOptions that you specify.

Namespace: Microsoft.WindowsAzure.StorageClient
Assembly: Microsoft.WindowsAzure.StorageClient (in Microsoft.WindowsAzure.StorageClient.dll)

Usage

Visual Basic
Dim instance As CloudBlobContainer
Dim permissions As BlobContainerPermissions
Dim options As BlobRequestOptions

instance.SetPermissions(permissions, options)

Syntax

Visual Basic
Public Sub SetPermissions ( _
	permissions As BlobContainerPermissions, _
	options As BlobRequestOptions _
)
C#
public void SetPermissions (
	BlobContainerPermissions permissions,
	BlobRequestOptions options
)
C++
public:
void SetPermissions (
	BlobContainerPermissions^ permissions, 
	BlobRequestOptions^ options
)
J#
JScript
Parameters
permissions
Type: Microsoft.WindowsAzure.StorageClient.BlobContainerPermissions
The permissions to apply to the container.
options
Type: Microsoft.WindowsAzure.StorageClient.BlobRequestOptions
An object that specifies any additional options for the request.
Example
The following code example sets both public access permissions and a container-level access policy on the container. The example then generates a shared access signature for the container.
C# Copy Code
static void CreateSAS()
{
    // Retrieve storage account information from an app.config file.
    // This is one way to store and retrieve a connection string if you are writing 
    // an application that will run locally, rather than in Windows Azure.
    CloudStorageAccount storageAccount = CloudStorageAccount.Parse(
        ConfigurationManager.AppSettings["StorageAccountConnectionString"]);

    // Create the blob client object.
    CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();

    // Get a reference to the container for which the shared access signature will be created.
    CloudBlobContainer container = blobClient.GetContainerReference("mysascontainer");
    container.CreateIfNotExist();

    // Create a permission policy to set the public access setting for the container. 
    BlobContainerPermissions containerPermissions = new BlobContainerPermissions();

    // The public access setting explicitly specifies that the container is private, 
    // so that it can't be accessed anonymously.
    containerPermissions.PublicAccess = BlobContainerPublicAccessType.Off;

    //Set the permission policy on the container.
    container.SetPermissions(containerPermissions);

    // Get the shared access signature to share with users, 
    // specifying a signature-level access policy.
    string sas = container.GetSharedAccessSignature(new SharedAccessPolicy()
    {
        // A shared access signature not tied to a container-level access policy
        // cannot be valid for more than 60 minutes.
        //If valid immediately, don’t set SharedAccessStartTime,
        //and specify a duration less than 60 minutes, such as 55 minutes,
        //to avoid clock skew risk.
        // SharedAccessStartTime = DateTime.UtcNow,
        // A shared access signature not tied to a container-level access policy
        // cannot be valid for more than 60 minutes.

        //If valid immediately, don’t set SharedAccessStartTime,
        //to avoid clock skew risk.
        // SharedAccessStartTime = DateTime.UtcNow,

        SharedAccessExpiryTime = DateTime.UtcNow.AddMinutes(30),
        Permissions = SharedAccessPermissions.Write | SharedAccessPermissions.Read
    });

    //The shared access signature then can be used to create a service client. 
    //This code would likely be run from a different client, but is included here to 
    //demonstrate how to consume the shared access signature.

    //Create the blob client directly, using the shared access signature
    CloudBlobClient sasBlobClient = new CloudBlobClient(storageAccount.BlobEndpoint,
        new StorageCredentialsSharedAccessSignature(sas));

    //Return a reference to a blob.
    CloudBlob blob = sasBlobClient.GetBlobReference("mysascontainer/myblob.txt");

    //Upload text to the blob. If the blob does not yet exist, it will be created. 
    // If the blob does exist, its existing content will be overwritten.
    blob.UploadText("Write to a blob using shared access credentials.");
}

Remarks
The SetPermissions method sets two types of permissions for the container:
  • Public access permissions, which determine whether container data and blob resources are available for anonymous access.
  • Container-level access policies, which can be used to specify parameters for a shared access signature for the container.

Thread Safety

    Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
  
Platforms
Development Platforms


    Windows Vista, Windows 7, Windows Server 2008, Windows 8.1, Windows Server 2012 R2, Windows 8 and Windows Server 2012
    
	
Change History
See Also

    
  



  


  
  

    
      previous page
    

     start

    
       next page