ChrisRomp/script.sh

## script.sh
# Using Service Principal
tenantid=xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx
clientid=xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx
clientsecret=xxx....xxxx

# Reqeust Bearer Token
token=$(curl -s -X POST -H 'Content-Type: application/x-www-form-urlencoded' \
-d "grant_type=client_credentials&resource=https%3A%2F%2Fmanagement.azure.com%2F&client_id=$clientid&client_secret=$clientsecret" \
"https://login.microsoftonline.com/$tenantid/oauth2/token" | jq -r .access_token)

# Format SAS Token Request (container read/write)
subscription=xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx
rg=resourceGroupName
account=storageAccountName
container=containerName
end=`date -u -d "1 hour" '+%Y-%m-%dT%H:%M:%SZ'` # Expire token in 1h
data="{\"signedVersion\":\"2012-02-12\",\"canonicalizedResource\":\"/blob/$account/$container\",\"signedResource\":\"c\",\"signedPermission\":\"rwl\",\"signedProtocol\":\"https\",\"signedExpiry\":\"$end\"}"

# Request Service SAS Token
# https://docs.microsoft.com/en-us/rest/api/storagerp/storage-accounts/list-service-sas
# https://docs.microsoft.com/en-us/rest/api/storageservices/create-service-sas
sastoken=$(curl -s -X POST --data $data "https://management.azure.com/subscriptions/$subscription/resourceGroups/$rg/providers/Microsoft.Storage/storageAccounts/$account/listServiceSas/?api-version=2017-06-01" -H "Authorization: Bearer $token" | jq -r .serviceSasToken)

echo "SAS Token: $sastoken"

# Download a blob
# Ref: Using SAS Tokens: https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview
file=test2.txt
curl -X GET "https://$account.blob.core.windows.net/$container/$file?$sastoken"

# List blobs in container
# https://docs.microsoft.com/en-us/rest/api/storageservices/list-blobs
# Using libxml2-utils (optional) to format XML
curl -s -X GET "https://$account.blob.core.windows.net/$container?restype=container&comp=list&$sastoken" -H "x-ms-version: 2017-11-09" -H "x-ms-date: $(date -u +"%a, %d %b %Y %H:%M:%S GMT")" | xmllint --format -

# Upload a blob
# https://docs.microsoft.com/en-us/rest/api/storageservices/put-blob
newfile=testupload.txt
echo "This is my new file. - $(date)" > $newfile
curl -X PUT -d @$newfile "https://$account.blob.core.windows.net/$container/$newfile?$sastoken" -H "x-ms-version: 2017-11-09" -H "x-ms-date: $(date -u +"%a, %d %b %Y %H:%M:%S GMT")" -H "Content-Type: text/plain" -H "x-ms-blob-type: BlockBlob"

# Download new blob to verify
curl -X GET "https://$account.blob.core.windows.net/$container/$newfile?$sastoken"
	# Using Service Principal
	tenantid=xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx
	clientid=xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx
	clientsecret=xxx....xxxx

	# Reqeust Bearer Token
	token=$(curl -s -X POST -H 'Content-Type: application/x-www-form-urlencoded' \
	-d "grant_type=client_credentials&resource=https%3A%2F%2Fmanagement.azure.com%2F&client_id=$clientid&client_secret=$clientsecret" \
	"https://login.microsoftonline.com/$tenantid/oauth2/token" \| jq -r .access_token)

	# Format SAS Token Request (container read/write)
	subscription=xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx
	rg=resourceGroupName
	account=storageAccountName
	container=containerName
	end=`date -u -d "1 hour" '+%Y-%m-%dT%H:%M:%SZ'` # Expire token in 1h
	data="{\"signedVersion\":\"2012-02-12\",\"canonicalizedResource\":\"/blob/$account/$container\",\"signedResource\":\"c\",\"signedPermission\":\"rwl\",\"signedProtocol\":\"https\",\"signedExpiry\":\"$end\"}"

	# Request Service SAS Token
	# https://docs.microsoft.com/en-us/rest/api/storagerp/storage-accounts/list-service-sas
	# https://docs.microsoft.com/en-us/rest/api/storageservices/create-service-sas
	sastoken=$(curl -s -X POST --data $data "https://management.azure.com/subscriptions/$subscription/resourceGroups/$rg/providers/Microsoft.Storage/storageAccounts/$account/listServiceSas/?api-version=2017-06-01" -H "Authorization: Bearer $token" \| jq -r .serviceSasToken)

	echo "SAS Token: $sastoken"

	# Download a blob
	# Ref: Using SAS Tokens: https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview
	file=test2.txt
	curl -X GET "https://$account.blob.core.windows.net/$container/$file?$sastoken"

	# List blobs in container
	# https://docs.microsoft.com/en-us/rest/api/storageservices/list-blobs
	# Using libxml2-utils (optional) to format XML
	curl -s -X GET "https://$account.blob.core.windows.net/$container?restype=container&comp=list&$sastoken" -H "x-ms-version: 2017-11-09" -H "x-ms-date: $(date -u +"%a, %d %b %Y %H:%M:%S GMT")" \| xmllint --format -

	# Upload a blob
	# https://docs.microsoft.com/en-us/rest/api/storageservices/put-blob
	newfile=testupload.txt
	echo "This is my new file. - $(date)" > $newfile
	curl -X PUT -d @$newfile "https://$account.blob.core.windows.net/$container/$newfile?$sastoken" -H "x-ms-version: 2017-11-09" -H "x-ms-date: $(date -u +"%a, %d %b %Y %H:%M:%S GMT")" -H "Content-Type: text/plain" -H "x-ms-blob-type: BlockBlob"

	# Download new blob to verify
	curl -X GET "https://$account.blob.core.windows.net/$container/$newfile?$sastoken"