Skip to content

Instantly share code, notes, and snippets.

@shawnweisfeld
Last active October 31, 2022 21:32
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save shawnweisfeld/7d46df7aa66ecc4ffb3cabb6f8f349d8 to your computer and use it in GitHub Desktop.
Save shawnweisfeld/7d46df7aa66ecc4ffb3cabb6f8f349d8 to your computer and use it in GitHub Desktop.
** Code Sample
** NOTE: you need AD IAM permissions for this to work
namespace DemoSCID
{
internal class Program
{
static async Task Main(string[] args)
{
var sasUri = await GetSAS();
var blockBlobClient = new BlockBlobClient(sasUri, null);
await blockBlobClient.UploadAsync(File.OpenRead("ugtv.png"));
await blockBlobClient.DownloadToAsync($"{AppDomain.CurrentDomain.BaseDirectory}{blockBlobClient.Name}");
Console.WriteLine("Done!");
}
static async Task<Uri> GetSAS()
{
string accountName = "sawsastest";
string containerName = "test";
string blobName = $"ugtv-{DateTime.UtcNow:yyyyMMddhhmmss}.png";
var start = DateTimeOffset.UtcNow.AddMinutes(-15);
var end = DateTimeOffset.UtcNow.AddDays(7);
string serviceEndpoint = $"https://{accountName}.blob.core.windows.net";
string blobEndpoint = $"https://{accountName}.blob.core.windows.net/{containerName}/{blobName}";
var serviceClient = new BlobServiceClient(new Uri(serviceEndpoint), new DefaultAzureCredential());
UserDelegationKey userDelegationKey = await serviceClient.GetUserDelegationKeyAsync(start, end);
BlobSasBuilder sasBuilder = new BlobSasBuilder()
{
BlobContainerName = containerName,
Resource = "c",
CorrelationId = Guid.NewGuid().ToString(),
StartsOn = start,
ExpiresOn = end
};
sasBuilder.SetPermissions(BlobSasPermissions.All);
BlobUriBuilder blobUriBuilder = new BlobUriBuilder(new Uri(blobEndpoint))
{
Sas = sasBuilder.ToSasQueryParameters(userDelegationKey, accountName)
};
Console.WriteLine(blobUriBuilder);
return blobUriBuilder.ToUri();
}
}
}
*** SAS URL
https://sawsastest.blob.core.windows.net/test/ugtv-20221031081643.png?
skoid=aa867fe6-6944-4004-ad3f-f6eaeadf4f95&
sktid=72f988bf-86f1-41af-91ab-2d7cd011db47&
skt=2022-10-31T20%3A01%3A43Z&
ske=2022-11-07T20%3A16%3A43Z&
sks=b&skv=2021-10-04&
sv=2021-10-04&
st=2022-10-31T20%3A01%3A43Z&
se=2022-11-07T20%3A16%3A43Z&
sr=c&
sp=racwdxyltmei&
scid=a78c45e5-1bb3-44ab-8753-f399e7b90a31&
sig=xxxxxxxxxxxxxxxxxxxxxx
*** Write Log Entry
{
"time": "2022-10-31T20:16:52.1487060Z",
"resourceId": "/subscriptions/b8575eed-7b9f-4405-87b3-815c52629436/resourceGroups/sawtest/providers/Microsoft.Storage/storageAccounts/sawsastest/blobServices/default",
"category": "StorageWrite",
"operationName": "PutBlob",
"operationVersion": "2021-10-04",
"schemaVersion": "1.0",
"statusCode": 201,
"statusText": "Success",
"durationMs": 12,
"callerIpAddress": "192.63.70.15:49913",
"correlationId": "3506259f-501e-00b9-7865-ed258a000000",
"identity": {
"type": "DelegationSas",
"tokenHash": "user-delegation(77E8438E0EBE2FA5F8CBB9DAACC952DB225CD94E8E9EB3C52784C03CDB1F5DC3),SasSignature(49B445A691E077C2024D7340B2F4C435B395E71A4FD06EFFFA529F89B7BAC8B1)",
"authorization": [
{
"action": "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write",
"roleAssignmentId": "84cbacf3-b8aa-4d8d-abe1-18b75bf960e4",
"roleDefinitionId": "b7e6dc6d-f1e8-4753-8033-0f276bb0955b",
"principals": [
{
"id": "aa867fe6-6944-4004-ad3f-f6eaeadf4f95",
"type": "User"
}
],
"denyAssignmentId": "",
"type": "RBAC",
"result": "Granted",
"reason": "Policy"
}
],
"requester": {
"objectId": "aa867fe6-6944-4004-ad3f-f6eaeadf4f95",
"tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47"
}
},
"location": "South Central US",
"properties": {
"accountName": "sawsastest",
"userAgentHeader": "azsdk-net-Storage.Blobs/12.14.1 (.NET Core 3.1.30; Microsoft Windows 10.0.22621)",
"clientRequestId": "d08ed6a1-697a-4280-a488-60b95f97360e",
"etag": "\"0x8DABB7CD93E3819\"",
"serviceType": "blob",
"objectKey": "/sawsastest/test/ugtv-20221031081643.png",
"responseMd5": "wwTwwPLjoQV7GnevyxJgyw==",
"lastModifiedTime": "10/31/2022 8:16:52 PM",
"metricResponseType": "Success",
"serverLatencyMs": 12,
"requestHeaderSize": 747,
"requestBodySize": 10892,
"responseHeaderSize": 337,
"contentLengthHeader": 10892,
"tlsVersion": "TLS 1.2"
},
"uri": "https://sawsastest.blob.core.windows.net:443/test/ugtv-20221031081643.png?skoid=aa867fe6-6944-4004XXXXXXXXXXXXXXXXXX&sktid=72f988bf-86f1-41af-91ab-2d7cd011db47&skt=2022-10-31T20%3A01%3A43Z&ske=2022-11-07T20%3A16%3A43Z&sks=b&skv=2021-10-04&sv=2021-10-04&st=2022-10-31T20%3A01%3A43Z&se=2022-11-07T20%3A16%3A43Z&sr=c&sp=racwdxyltmei&scid=a78c45e5-1bb3-44ab-8753-f399e7b90a31&sig=XXXXX",
"protocol": "HTTPS",
"resourceType": "Microsoft.Storage/storageAccounts/blobServices"
}
*** Read Log Entry
{
"time": "2022-10-31T20:16:52.2299807Z",
"resourceId": "/subscriptions/b8575eed-7b9f-4405-87b3-815c52629436/resourceGroups/sawtest/providers/Microsoft.Storage/storageAccounts/sawsastest/blobServices/default",
"category": "StorageRead",
"operationName": "GetBlob",
"operationVersion": "2021-10-04",
"schemaVersion": "1.0",
"statusCode": 206,
"statusText": "Success",
"durationMs": 28,
"callerIpAddress": "192.63.70.15:49913",
"correlationId": "350625c4-501e-00b9-1a65-ed258a000000",
"identity": {
"type": "DelegationSas",
"tokenHash": "user-delegation(77E8438E0EBE2FA5F8CBB9DAACC952DB225CD94E8E9EB3C52784C03CDB1F5DC3),SasSignature(49B445A691E077C2024D7340B2F4C435B395E71A4FD06EFFFA529F89B7BAC8B1)",
"authorization": [
{
"action": "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
"roleAssignmentId": "84cbacf3-b8aa-4d8d-abe1-18b75bf960e4",
"roleDefinitionId": "b7e6dc6d-f1e8-4753-8033-0f276bb0955b",
"principals": [
{
"id": "aa867fe6-6944-4004-ad3f-f6eaeadf4f95",
"type": "User"
}
],
"denyAssignmentId": "",
"type": "RBAC",
"result": "Granted",
"reason": "Policy"
}
],
"requester": {
"objectId": "aa867fe6-6944-4004-ad3f-f6eaeadf4f95",
"tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47"
}
},
"location": "South Central US",
"properties": {
"accountName": "sawsastest",
"userAgentHeader": "azsdk-net-Storage.Blobs/12.14.1 (.NET Core 3.1.30; Microsoft Windows 10.0.22621)",
"clientRequestId": "36957183-bb44-4cc9-a9e2-83c6da5ed485",
"etag": "\"0x8DABB7CD93E3819\"",
"serviceType": "blob",
"objectKey": "/sawsastest/test/ugtv-20221031081643.png",
"lastModifiedTime": "10/31/2022 8:16:52 PM",
"metricResponseType": "Success",
"serverLatencyMs": 11,
"requestHeaderSize": 696,
"responseHeaderSize": 519,
"responseBodySize": 10892,
"tlsVersion": "TLS 1.2",
"downloadRange": "bytes=0-268435455"
},
"uri": "https://sawsastest.blob.core.windows.net:443/test/ugtv-20221031081643.png?skoid=aa867fe6-6944-4004XXXXXXXXXXXXXXXXXX&sktid=72f988bf-86f1-41af-91ab-2d7cd011db47&skt=2022-10-31T20%3A01%3A43Z&ske=2022-11-07T20%3A16%3A43Z&sks=b&skv=2021-10-04&sv=2021-10-04&st=2022-10-31T20%3A01%3A43Z&se=2022-11-07T20%3A16%3A43Z&sr=c&sp=racwdxyltmei&scid=a78c45e5-1bb3-44ab-8753-f399e7b90a31&sig=XXXXX",
"protocol": "HTTPS",
"resourceType": "Microsoft.Storage/storageAccounts/blobServices"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment