Skip to content

Instantly share code, notes, and snippets.

@matejskubic

matejskubic/createSqlSharedAccessSignature.ps1

Last active November 3, 2022 18:08
Show Gist options
  • Save matejskubic/dc1aabb5d3578a53fa32d14fc8ddcf38 to your computer and use it in GitHub Desktop.
Save matejskubic/dc1aabb5d3578a53fa32d14fc8ddcf38 to your computer and use it in GitHub Desktop.
Download ZIP
Generate SQL shared access signature for azure storage account
Raw
createSqlSharedAccessSignature.ps1
[CmdletBinding()]
Param(
# subscription name
[parameter()]
[string]$subscriptionName = 'EA - MSDN - AX - ProdDev - 01'
,
# resource group name
[parameter()]
[string]$resourceGroupName='adaxbackup'
,
# storage account name
[parameter()]
[string]$storageAccountName = 'adaxbackup'
,
# container name - defaulto is machine host name
[parameter()]
[string]$containerName = [System.Environment]::MachineName
,
# Shared Access Signature policy name
[parameter()]
[string]$policyName = "sql_$containerName"
)
#$locationName = 'West Europe'
$containerName = $containerName.ToLowerInvariant()
#Login-AzAccount -SubscriptionName $subscriptionName #-Tenant
#New-AzResourceGroup -Name $resourceGroupName -Location $locationName
#New-AzStorageAccount -Name $storageAccountName -ResourceGroupName $resourceGroupName -Type Standard_GRS -Location $locationName
$accountKeys = Get-AzStorageAccountKey -ResourceGroupName $resourceGroupName -Name $storageAccountName
$storageContext = New-AzStorageContext -StorageAccountName $storageAccountName -StorageAccountKey $accountKeys[0].Value
try
{
$container = Get-AzStorageContainer -Context $storageContext -Name $containerName -ErrorAction Stop
}
catch [Microsoft.WindowsAzure.Commands.Storage.Common.ResourceNotFoundException]
{
$container = New-AzStorageContainer -Context $storageContext -Name $containerName
}
$cbc = $container.CloudBlobContainer
$permissions = $cbc.GetPermissions();
$policy = New-Object Microsoft.Azure.Storage.Blob.SharedAccessBlobPolicy
$policy.SharedAccessStartTime = [datetime]"2017-01-01"
$policy.SharedAccessExpiryTime = [datetime]"2049-12-31"
$policy.Permissions = "Read,Write,List"
$permissions.SharedAccessPolicies.Add($policyName, $policy)
$cbc.SetPermissions($permissions)
$sas = $cbc.GetSharedAccessSignature($policy, $policyName)
Write-Host 'Credential T-SQL'
$tSql = "CREATE CREDENTIAL [{0}] WITH IDENTITY='Shared Access Signature', SECRET='{1}'" -f $cbc.Uri,$sas.Substring(1)
Write-Host $tSql
@matejskubic
Copy link
Author

https://learn.microsoft.com/en-us/sql/t-sql/statements/create-credential-transact-sql?view=sql-server-ver16#d-creating-a-credential-using-a-sas-token

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment