From 16e73348e9e41cdbd4e7d4a5dcd709d08f81a5a0 Mon Sep 17 00:00:00 2001 From: Himanshu Chhabra Date: Thu, 19 Nov 2020 17:42:22 -0800 Subject: [PATCH 1/3] Add allowSharedKeyAccess property support --- .../examples/StorageAccountCreate.json | 2 ++ .../examples/StorageAccountUpdate.json | 2 ++ .../preview/2020-08-01-preview/storage.json | 15 +++++++++++++++ 3 files changed, 19 insertions(+) diff --git a/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/examples/StorageAccountCreate.json b/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/examples/StorageAccountCreate.json index 220209545654..07ba94ef9ed9 100644 --- a/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/examples/StorageAccountCreate.json +++ b/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/examples/StorageAccountCreate.json @@ -18,6 +18,7 @@ "isHnsEnabled": true, "allowBlobPublicAccess": false, "minimumTlsVersion": "TLS1_2", + "allowSharedKeyAccess": true, "routingPreference": { "routingChoice": "MicrosoftRouting", "publishMicrosoftEndpoints": true, @@ -59,6 +60,7 @@ "isHnsEnabled": true, "allowBlobPublicAccess": false, "minimumTlsVersion": "TLS1_2", + "allowSharedKeyAccess": true, "creationTime": "2017-05-24T13:25:33.4863236Z", "primaryEndpoints": { "web": "https://sto4445.web.core.windows.net/", diff --git a/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/examples/StorageAccountUpdate.json b/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/examples/StorageAccountUpdate.json index 1426ec2791e9..5df0dcd62006 100644 --- a/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/examples/StorageAccountUpdate.json +++ b/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/examples/StorageAccountUpdate.json @@ -9,6 +9,7 @@ "properties": { "allowBlobPublicAccess": false, "minimumTlsVersion": "TLS1_2", + "allowSharedKeyAccess": true, "networkAcls": { "resourceAccessRules": [ { @@ -50,6 +51,7 @@ "isHnsEnabled": true, "allowBlobPublicAccess": false, "minimumTlsVersion": "TLS1_2", + "allowSharedKeyAccess": true, "creationTime": "2017-06-01T02:42:41.7633306Z", "networkAcls": { "resourceAccessRules": [ diff --git a/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/storage.json b/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/storage.json index 9b4b10b75728..fd621bcc93f6 100644 --- a/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/storage.json +++ b/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/storage.json @@ -2442,6 +2442,11 @@ "modelAsString": true }, "description": "Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property." + }, + "allowSharedKeyAccess": { + "type": "boolean", + "x-ms-client-name": "allowSharedKeyAccess", + "description": "Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true." } }, "description": "The parameters used to create the storage account." @@ -2952,6 +2957,11 @@ "modelAsString": true }, "description": "Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property." + }, + "allowSharedKeyAccess": { + "type": "boolean", + "x-ms-client-name": "allowSharedKeyAccess", + "description": "Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true." } }, "description": "Properties of the storage account." @@ -3174,6 +3184,11 @@ "modelAsString": true }, "description": "Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property." + }, + "allowSharedKeyAccess": { + "type": "boolean", + "x-ms-client-name": "allowSharedKeyAccess", + "description": "Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true." } }, "description": "The parameters used when updating a storage account." From 4b53829468a0e1cd11ba798235456ea055b593a1 Mon Sep 17 00:00:00 2001 From: Himanshu Chhabra Date: Thu, 19 Nov 2020 18:34:40 -0800 Subject: [PATCH 2/3] Remove x-ms-clientname as it cannot be same as property name as per new ARM rules --- .../Microsoft.Storage/preview/2020-08-01-preview/storage.json | 3 --- 1 file changed, 3 deletions(-) diff --git a/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/storage.json b/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/storage.json index fd621bcc93f6..027a15aadb04 100644 --- a/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/storage.json +++ b/specification/storage/resource-manager/Microsoft.Storage/preview/2020-08-01-preview/storage.json @@ -2445,7 +2445,6 @@ }, "allowSharedKeyAccess": { "type": "boolean", - "x-ms-client-name": "allowSharedKeyAccess", "description": "Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true." } }, @@ -2960,7 +2959,6 @@ }, "allowSharedKeyAccess": { "type": "boolean", - "x-ms-client-name": "allowSharedKeyAccess", "description": "Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true." } }, @@ -3187,7 +3185,6 @@ }, "allowSharedKeyAccess": { "type": "boolean", - "x-ms-client-name": "allowSharedKeyAccess", "description": "Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true." } }, From 54c2057825105506ea5361deef529175c436e96d Mon Sep 17 00:00:00 2001 From: Himanshu Chhabra Date: Wed, 27 Jan 2021 15:24:06 -0800 Subject: [PATCH 3/3] backfill June19 and April19 Api versions with allowsharedkeyaccess --- .../2019-04-01/examples/StorageAccountCreate.json | 2 ++ .../2019-04-01/examples/StorageAccountUpdate.json | 2 ++ .../Microsoft.Storage/stable/2019-04-01/storage.json | 12 ++++++++++++ .../2019-06-01/examples/StorageAccountCreate.json | 2 ++ .../2019-06-01/examples/StorageAccountUpdate.json | 2 ++ .../Microsoft.Storage/stable/2019-06-01/storage.json | 12 ++++++++++++ 6 files changed, 32 insertions(+) diff --git a/specification/storage/resource-manager/Microsoft.Storage/stable/2019-04-01/examples/StorageAccountCreate.json b/specification/storage/resource-manager/Microsoft.Storage/stable/2019-04-01/examples/StorageAccountCreate.json index d3930f349262..cdbedfd7aa0d 100644 --- a/specification/storage/resource-manager/Microsoft.Storage/stable/2019-04-01/examples/StorageAccountCreate.json +++ b/specification/storage/resource-manager/Microsoft.Storage/stable/2019-04-01/examples/StorageAccountCreate.json @@ -13,6 +13,7 @@ "properties": { "isHnsEnabled": true, "allowBlobPublicAccess": false, + "allowSharedKeyAccess": true, "minimumTlsVersion": "TLS1_2" }, "tags": { @@ -31,6 +32,7 @@ "properties": { "isHnsEnabled": true, "allowBlobPublicAccess": false, + "allowSharedKeyAccess": true, "minimumTlsVersion": "TLS1_2", "creationTime": "2017-05-24T13:25:33.4863236Z", "primaryEndpoints": { diff --git a/specification/storage/resource-manager/Microsoft.Storage/stable/2019-04-01/examples/StorageAccountUpdate.json b/specification/storage/resource-manager/Microsoft.Storage/stable/2019-04-01/examples/StorageAccountUpdate.json index 9b5ed0641d32..e098ea8118d5 100644 --- a/specification/storage/resource-manager/Microsoft.Storage/stable/2019-04-01/examples/StorageAccountUpdate.json +++ b/specification/storage/resource-manager/Microsoft.Storage/stable/2019-04-01/examples/StorageAccountUpdate.json @@ -8,6 +8,7 @@ "parameters": { "properties": { "allowBlobPublicAccess": false, + "allowSharedKeyAccess": true, "minimumTlsVersion": "TLS1_2", "networkAcls": { "defaultAction": "Allow" @@ -36,6 +37,7 @@ "properties": { "isHnsEnabled": true, "allowBlobPublicAccess": false, + "allowSharedKeyAccess": true, "minimumTlsVersion": "TLS1_2", "creationTime": "2017-06-01T02:42:41.7633306Z", "networkAcls": { diff --git a/specification/storage/resource-manager/Microsoft.Storage/stable/2019-04-01/storage.json b/specification/storage/resource-manager/Microsoft.Storage/stable/2019-04-01/storage.json index e1cf321fdfa3..0fffdbabf28d 100644 --- a/specification/storage/resource-manager/Microsoft.Storage/stable/2019-04-01/storage.json +++ b/specification/storage/resource-manager/Microsoft.Storage/stable/2019-04-01/storage.json @@ -1469,6 +1469,10 @@ "modelAsString": true }, "description": "Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property." + }, + "allowSharedKeyAccess": { + "type": "boolean", + "description": "Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true." } }, "description": "The parameters used to create the storage account." @@ -1774,6 +1778,10 @@ "modelAsString": true }, "description": "Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property." + }, + "allowSharedKeyAccess": { + "type": "boolean", + "description": "Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true." } }, "description": "Properties of the storage account." @@ -1954,6 +1962,10 @@ "modelAsString": true }, "description": "Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property." + }, + "allowSharedKeyAccess": { + "type": "boolean", + "description": "Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true." } }, "description": "The parameters used when updating a storage account." diff --git a/specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/examples/StorageAccountCreate.json b/specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/examples/StorageAccountCreate.json index 0151d8284d76..e30ef9dc661d 100644 --- a/specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/examples/StorageAccountCreate.json +++ b/specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/examples/StorageAccountCreate.json @@ -14,6 +14,7 @@ "isHnsEnabled": true, "allowBlobPublicAccess": false, "minimumTlsVersion": "TLS1_2", + "allowSharedKeyAccess": true, "routingPreference": { "routingChoice": "MicrosoftRouting", "publishMicrosoftEndpoints": true, @@ -51,6 +52,7 @@ "isHnsEnabled": true, "allowBlobPublicAccess": false, "minimumTlsVersion": "TLS1_2", + "allowSharedKeyAccess": true, "creationTime": "2017-05-24T13:25:33.4863236Z", "primaryEndpoints": { "web": "https://sto4445.web.core.windows.net/", diff --git a/specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/examples/StorageAccountUpdate.json b/specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/examples/StorageAccountUpdate.json index 46b35b050ae5..b17b849b81cf 100644 --- a/specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/examples/StorageAccountUpdate.json +++ b/specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/examples/StorageAccountUpdate.json @@ -9,6 +9,7 @@ "properties": { "allowBlobPublicAccess": false, "minimumTlsVersion": "TLS1_2", + "allowSharedKeyAccess": true, "networkAcls": { "defaultAction": "Allow" }, @@ -44,6 +45,7 @@ "isHnsEnabled": true, "allowBlobPublicAccess": false, "minimumTlsVersion": "TLS1_2", + "allowSharedKeyAccess": true, "creationTime": "2017-06-01T02:42:41.7633306Z", "networkAcls": { "bypass": "AzureServices", diff --git a/specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/storage.json b/specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/storage.json index 8ec6e6bdd1db..7a80015ee4c3 100644 --- a/specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/storage.json +++ b/specification/storage/resource-manager/Microsoft.Storage/stable/2019-06-01/storage.json @@ -2149,6 +2149,10 @@ "modelAsString": true }, "description": "Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property." + }, + "allowSharedKeyAccess": { + "type": "boolean", + "description": "Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true." } }, "description": "The parameters used to create the storage account." @@ -2602,6 +2606,10 @@ "modelAsString": true }, "description": "Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property." + }, + "allowSharedKeyAccess": { + "type": "boolean", + "description": "Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true." } }, "description": "Properties of the storage account." @@ -2787,6 +2795,10 @@ "modelAsString": true }, "description": "Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property." + }, + "allowSharedKeyAccess": { + "type": "boolean", + "description": "Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true." } }, "description": "The parameters used when updating a storage account."