storage.azure.com/v1api20220901

"2022-09-01"

ExpiryTime: Expiry time of the access policy

Permission: List of abbreviated permissions.

StartTime: Start time of the access policy

ExpiryTime: Expiry time of the access policy

Permission: List of abbreviated permissions.

StartTime: Start time of the access policy

AllowProtectedAppendWrites: This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.

ImmutabilityPeriodSinceCreationInDays: The immutability period for the blobs in the container since the policy creation, in days.

State: The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.

AllowProtectedAppendWrites: This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.

ImmutabilityPeriodSinceCreationInDays: The immutability period for the blobs in the container since the policy creation, in days.

State: The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted.

"Disabled"

"Locked"

"Unlocked"

"Disabled"

"Locked"

"Unlocked"

AccountType: Specifies the Active Directory account type for Azure Storage.

AzureStorageSid: Specifies the security identifier (SID) for Azure Storage.

DomainGuid: Specifies the domain GUID.

DomainName: Specifies the primary domain that the AD DNS server is authoritative for.

DomainSid: Specifies the security identifier (SID).

ForestName: Specifies the Active Directory forest to get.

NetBiosDomainName: Specifies the NetBIOS domain name.

SamAccountName: Specifies the Active Directory SAMAccountName for Azure Storage.

"Computer"

"User"

"Computer"

"User"

AccountType: Specifies the Active Directory account type for Azure Storage.

AzureStorageSid: Specifies the security identifier (SID) for Azure Storage.

DomainGuid: Specifies the domain GUID.

DomainName: Specifies the primary domain that the AD DNS server is authoritative for.

DomainSid: Specifies the security identifier (SID).

ForestName: Specifies the Active Directory forest to get.

NetBiosDomainName: Specifies the NetBIOS domain name.

SamAccountName: Specifies the Active Directory SAMAccountName for Azure Storage.

ActiveDirectoryProperties: Required if directoryServiceOptions are AD, optional if they are AADKERB.

DefaultSharePermission: Default share permission for users using Kerberos authentication if RBAC role is not assigned.

DirectoryServiceOptions: Indicates the directory service used. Note that this enum may be extended in the future.

"None"

"StorageFileDataSmbShareContributor"

"StorageFileDataSmbShareElevatedContributor"

"StorageFileDataSmbShareReader"

"None"

"StorageFileDataSmbShareContributor"

"StorageFileDataSmbShareElevatedContributor"

"StorageFileDataSmbShareReader"

"AADDS"

"AADKERB"

"AD"

"None"

"AADDS"

"AADKERB"

"AD"

"None"

ActiveDirectoryProperties: Required if directoryServiceOptions are AD, optional if they are AADKERB.

DefaultSharePermission: Default share permission for users using Kerberos authentication if RBAC role is not assigned.

DirectoryServiceOptions: Indicates the directory service used. Note that this enum may be extended in the future.

BlobRanges: Blob ranges to restore.

TimeToRestore: Restore blob to the specified time.

EndRange: Blob end range. This is exclusive. Empty means account end.

StartRange: Blob start range. This is inclusive. Empty means account start.

FailureReason: Failure reason when blob restore is failed.

Parameters: Blob restore request parameters.

RestoreId: Id for tracking blob restore request.

Status: The status of blob restore progress. Possible values are: - InProgress: Indicates that blob restore is ongoing. - Complete: Indicates that blob restore has been completed successfully. - Failed: Indicates that blob restore is failed.

"Complete"

"Failed"

"InProgress"

Enabled: Indicates whether change feed event logging is enabled for the Blob service.

RetentionInDays: Indicates the duration of changeFeed retention in days. Minimum value is 1 day and maximum value is 146000 days (400 years). A null value indicates an infinite retention of the change feed.

Enabled: Indicates whether change feed event logging is enabled for the Blob service.

RetentionInDays: Indicates the duration of changeFeed retention in days. Minimum value is 1 day and maximum value is 146000 days (400 years). A null value indicates an infinite retention of the change feed.

"Fixed"

"Infinite"

"Available"

"Breaking"

"Broken"

"Expired"

"Leased"

"Locked"

"Unlocked"

"Blob"

"Container"

"None"

"Blob"

"Container"

"None"

AllowedHeaders: Required if CorsRule element is present. A list of headers allowed to be part of the cross-origin request.

AllowedMethods: Required if CorsRule element is present. A list of HTTP methods that are allowed to be executed by the origin.

AllowedOrigins: Required if CorsRule element is present. A list of origin domains that will be allowed via CORS, or “*” to allow all domains

ExposedHeaders: Required if CorsRule element is present. A list of response headers to expose to CORS clients.

MaxAgeInSeconds: Required if CorsRule element is present. The number of seconds that the client/browser should cache a preflight response.

"DELETE"

"GET"

"HEAD"

"MERGE"

"OPTIONS"

"PATCH"

"POST"

"PUT"

"DELETE"

"GET"

"HEAD"

"MERGE"

"OPTIONS"

"PATCH"

"POST"

"PUT"

AllowedHeaders: Required if CorsRule element is present. A list of headers allowed to be part of the cross-origin request.

AllowedMethods: Required if CorsRule element is present. A list of HTTP methods that are allowed to be executed by the origin.

AllowedOrigins: Required if CorsRule element is present. A list of origin domains that will be allowed via CORS, or “*” to allow all domains

ExposedHeaders: Required if CorsRule element is present. A list of response headers to expose to CORS clients.

MaxAgeInSeconds: Required if CorsRule element is present. The number of seconds that the client/browser should cache a preflight response.

CorsRules: The List of CORS rules. You can include up to five CorsRule elements in the request.

CorsRules: The List of CORS rules. You can include up to five CorsRule elements in the request.

Name: Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.

UseSubDomainName: Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.

Name: Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.

UseSubDomainName: Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.

DaysAfterCreationGreaterThan: Value indicating the age in days after creation

DaysAfterLastTierChangeGreaterThan: Value indicating the age in days after last blob tier change time. This property is only applicable for tierToArchive actions and requires daysAfterCreationGreaterThan to be set for snapshots and blob version based actions. The blob will be archived if both the conditions are satisfied.

DaysAfterCreationGreaterThan: Value indicating the age in days after creation

DaysAfterLastTierChangeGreaterThan: Value indicating the age in days after last blob tier change time. This property is only applicable for tierToArchive actions and requires daysAfterCreationGreaterThan to be set for snapshots and blob version based actions. The blob will be archived if both the conditions are satisfied.

DaysAfterCreationGreaterThan: Value indicating the age in days after blob creation.

DaysAfterLastAccessTimeGreaterThan: Value indicating the age in days after last blob access. This property can only be used in conjunction with last access time tracking policy

DaysAfterLastTierChangeGreaterThan: Value indicating the age in days after last blob tier change time. This property is only applicable for tierToArchive actions and requires daysAfterModificationGreaterThan to be set for baseBlobs based actions. The blob will be archived if both the conditions are satisfied.

DaysAfterModificationGreaterThan: Value indicating the age in days after last modification

DaysAfterCreationGreaterThan: Value indicating the age in days after blob creation.

DaysAfterLastAccessTimeGreaterThan: Value indicating the age in days after last blob access. This property can only be used in conjunction with last access time tracking policy

DaysAfterLastTierChangeGreaterThan: Value indicating the age in days after last blob tier change time. This property is only applicable for tierToArchive actions and requires daysAfterModificationGreaterThan to be set for baseBlobs based actions. The blob will be archived if both the conditions are satisfied.

DaysAfterModificationGreaterThan: Value indicating the age in days after last modification

AllowPermanentDelete: This property when set to true allows deletion of the soft deleted blob versions and snapshots. This property cannot be used blob restore policy. This property only applies to blob service and does not apply to containers or file share.

Days: Indicates the number of days that the deleted item should be retained. The minimum specified value can be 1 and the maximum value can be 365.

Enabled: Indicates whether DeleteRetentionPolicy is enabled.

AllowPermanentDelete: This property when set to true allows deletion of the soft deleted blob versions and snapshots. This property cannot be used blob restore policy. This property only applies to blob service and does not apply to containers or file share.

Days: Indicates the number of days that the deleted item should be retained. The minimum specified value can be 1 and the maximum value can be 365.

Enabled: Indicates whether DeleteRetentionPolicy is enabled.

Identity: The identity to be used with service-side encryption at rest.

KeySource: The encryption keySource (provider). Possible values (case-insensitive): Microsoft.Storage, Microsoft.Keyvault

Keyvaultproperties: Properties provided by key vault.

RequireInfrastructureEncryption: A boolean indicating whether or not the service applies a secondary layer of encryption with platform managed keys for data at rest.

Services: List of services which support encryption.

FederatedIdentityClientId: ClientId of the multi-tenant application to be used in conjunction with the user-assigned identity for cross-tenant customer-managed-keys server-side encryption on the storage account.

UserAssignedIdentityReference: Resource identifier of the UserAssigned identity to be associated with server-side encryption on the storage account.

FederatedIdentityClientId: ClientId of the multi-tenant application to be used in conjunction with the user-assigned identity for cross-tenant customer-managed-keys server-side encryption on the storage account.

UserAssignedIdentity: Resource identifier of the UserAssigned identity to be associated with server-side encryption on the storage account.

Enabled: A boolean indicating whether or not the service encrypts the data as it is stored. Encryption at rest is enabled by default today and cannot be disabled.

KeyType: Encryption key type to be used for the encryption service. ‘Account’ key type implies that an account-scoped encryption key will be used. ‘Service’ key type implies that a default service key is used.

"Account"

"Service"

"Account"

"Service"

Enabled: A boolean indicating whether or not the service encrypts the data as it is stored. Encryption at rest is enabled by default today and cannot be disabled.

KeyType: Encryption key type to be used for the encryption service. ‘Account’ key type implies that an account-scoped encryption key will be used. ‘Service’ key type implies that a default service key is used.

LastEnabledTime: Gets a rough estimate of the date/time when the encryption was last enabled by the user. Data is encrypted at rest by default today and cannot be disabled.

Blob: The encryption function of the blob storage service.

File: The encryption function of the file storage service.

Queue: The encryption function of the queue storage service.

Table: The encryption function of the table storage service.

Blob: The encryption function of the blob storage service.

File: The encryption function of the file storage service.

Queue: The encryption function of the queue storage service.

Table: The encryption function of the table storage service.

"Microsoft.Keyvault"

"Microsoft.Storage"

"Microsoft.Keyvault"

"Microsoft.Storage"

Identity: The identity to be used with service-side encryption at rest.

KeySource: The encryption keySource (provider). Possible values (case-insensitive): Microsoft.Storage, Microsoft.Keyvault

Keyvaultproperties: Properties provided by key vault.

RequireInfrastructureEncryption: A boolean indicating whether or not the service applies a secondary layer of encryption with platform managed keys for data at rest.

Services: List of services which support encryption.

Blob: Gets the blob endpoint.

Dfs: Gets the dfs endpoint.

File: Gets the file endpoint.

InternetEndpoints: Gets the internet routing storage endpoints

MicrosoftEndpoints: Gets the microsoft routing storage endpoints.

Queue: Gets the queue endpoint.

Table: Gets the table endpoint.

Web: Gets the web endpoint.

Name: The name of the extended location.

Type: The type of the extended location.

"EdgeZone"

"EdgeZone"

Name: The name of the extended location.

Type: The type of the extended location.

"Cool"

"Hot"

"Premium"

"TransactionOptimized"

"Cool"

"Hot"

"Premium"

"TransactionOptimized"

"NFS"

"SMB"

"NFS"

"SMB"

"Fixed"

"Infinite"

"Available"

"Breaking"

"Broken"

"Expired"

"Leased"

"Locked"

"Unlocked"

"AllSquash"

"NoRootSquash"

"RootSquash"

"AllSquash"

"NoRootSquash"

"RootSquash"

CanFailover: A boolean flag which indicates whether or not account failover is supported for the account.

LastSyncTime: All primary writes preceding this UTC date/time value are guaranteed to be available for read operations. Primary writes following this point in time may or may not be available for reads. Element may be default value if value of LastSyncTime is not available, this can happen if secondary is offline or we are in bootstrap.

Status: The status of the secondary location. Possible values are: - Live: Indicates that the secondary location is active and operational. - Bootstrap: Indicates initial synchronization from the primary location to the secondary location is in progress.This typically occurs when replication is first enabled. - Unavailable: Indicates that the secondary location is temporarily unavailable.

"Bootstrap"

"Live"

"Unavailable"

Action: The action of IP ACL rule.

Value: Specifies the IP or IP range in CIDR format. Only IPV4 address is allowed.

"Allow"

"Allow"

Action: The action of IP ACL rule.

Value: Specifies the IP or IP range in CIDR format. Only IPV4 address is allowed.

Type: The identity type.

UserAssignedIdentities: Gets or sets a list of key value pairs that describe the set of User Assigned identities that will be used with this storage account. The key is the ARM resource identifier of the identity. Only 1 User Assigned identity is permitted here.

PrincipalId: The principal ID of resource identity.

TenantId: The tenant ID of resource.

Type: The identity type.

UserAssignedIdentities: Gets or sets a list of key value pairs that describe the set of User Assigned identities that will be used with this storage account. The key is the ARM resource identifier of the identity. Only 1 User Assigned identity is permitted here.

"None"

"SystemAssigned"

"SystemAssigned,UserAssigned"

"UserAssigned"

"None"

"SystemAssigned"

"SystemAssigned,UserAssigned"

"UserAssigned"

AllowProtectedAppendWrites: This property can only be changed for unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property cannot be changed with ExtendImmutabilityPolicy API.

AllowProtectedAppendWritesAll: This property can only be changed for unlocked time-based retention policies. When enabled, new blocks can be written to both ‘Append and Bock Blobs’ while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property cannot be changed with ExtendImmutabilityPolicy API. The ‘allowProtectedAppendWrites’ and ‘allowProtectedAppendWritesAll’ properties are mutually exclusive.

Etag: ImmutabilityPolicy Etag.

ImmutabilityPeriodSinceCreationInDays: The immutability period for the blobs in the container since the policy creation, in days.

State: The ImmutabilityPolicy state of a blob container, possible values include: Locked and Unlocked.

UpdateHistory: The ImmutabilityPolicy update history of the blob container.

"Locked"

"Unlocked"

Enabled: A boolean flag which enables account-level immutability. All the containers under such an account have object-level immutability enabled by default.

ImmutabilityPolicy: Specifies the default account-level immutability policy which is inherited and applied to objects that do not possess an explicit immutability policy at the object level. The object-level immutability policy has higher precedence than the container-level immutability policy, which has a higher precedence than the account-level immutability policy.

Enabled: A boolean flag which enables account-level immutability. All the containers under such an account have object-level immutability enabled by default.

ImmutabilityPolicy: Specifies the default account-level immutability policy which is inherited and applied to objects that do not possess an explicit immutability policy at the object level. The object-level immutability policy has higher precedence than the container-level immutability policy, which has a higher precedence than the account-level immutability policy.

Enabled: This is an immutable property, when set to true it enables object level immutability at the container level.

"Completed"

"InProgress"

Enabled: This is an immutable property, when set to true it enables object level immutability at the container level.

MigrationState: This property denotes the container level immutability to object level immutability migration state.

TimeStamp: Returns the date and time the object level immutability was enabled.

KeyExpirationPeriodInDays: The key expiration period in days.

KeyExpirationPeriodInDays: The key expiration period in days.

Keyname: The name of KeyVault key.

Keyvaulturi: The Uri of KeyVault.

Keyversion: The version of KeyVault key.

CurrentVersionedKeyExpirationTimestamp: This is a read only property that represents the expiration time of the current version of the customer managed key used for encryption.

CurrentVersionedKeyIdentifier: The object identifier of the current versioned Key Vault Key in use.

Keyname: The name of KeyVault key.

Keyvaulturi: The Uri of KeyVault.

Keyversion: The version of KeyVault key.

LastKeyRotationTimestamp: Timestamp of last rotation of the Key Vault Key.

BlobType: An array of predefined supported blob types. Only blockBlob is the supported value. This field is currently read only

Enable: When set to true last access time based tracking is enabled.

Name: Name of the policy. The valid value is AccessTimeTracking. This field is currently read only

TrackingGranularityInDays: The field specifies blob object tracking granularity in days, typically how often the blob object should be tracked.This field is currently read only with value as 1

"AccessTimeTracking"

"AccessTimeTracking"

BlobType: An array of predefined supported blob types. Only blockBlob is the supported value. This field is currently read only

Enable: When set to true last access time based tracking is enabled.

Name: Name of the policy. The valid value is AccessTimeTracking. This field is currently read only

TrackingGranularityInDays: The field specifies blob object tracking granularity in days, typically how often the blob object should be tracked.This field is currently read only with value as 1

HasLegalHold: The hasLegalHold public property is set to true by SRP if there are at least one existing tag. The hasLegalHold public property is set to false by SRP if all existing legal hold tags are cleared out. There can be a maximum of 1000 blob containers with hasLegalHold=true for a given account.

ProtectedAppendWritesHistory: Protected append blob writes history.

Tags: The list of LegalHold tags of a blob container.

BaseBlob: The management policy action for base blob

Snapshot: The management policy action for snapshot

Version: The management policy action for version

BaseBlob: The management policy action for base blob

Snapshot: The management policy action for snapshot

Version: The management policy action for version

Delete: The function to delete the blob

EnableAutoTierToHotFromCool: This property enables auto tiering of a blob from cool to hot on a blob access. This property requires tierToCool.daysAfterLastAccessTimeGreaterThan.

TierToArchive: The function to tier blobs to archive storage.

TierToCold: The function to tier blobs to cold storage.

TierToCool: The function to tier blobs to cool storage.

TierToHot: The function to tier blobs to hot storage. This action can only be used with Premium Block Blob Storage Accounts

Delete: The function to delete the blob

EnableAutoTierToHotFromCool: This property enables auto tiering of a blob from cool to hot on a blob access. This property requires tierToCool.daysAfterLastAccessTimeGreaterThan.

TierToArchive: The function to tier blobs to archive storage.

TierToCold: The function to tier blobs to cold storage.

TierToCool: The function to tier blobs to cool storage.

TierToHot: The function to tier blobs to hot storage. This action can only be used with Premium Block Blob Storage Accounts

Actions: An object that defines the action set.

Filters: An object that defines the filter set.

Actions: An object that defines the action set.

Filters: An object that defines the filter set.

BlobIndexMatch: An array of blob index tag based filters, there can be at most 10 tag filters

BlobTypes: An array of predefined enum values. Currently blockBlob supports all tiering and delete actions. Only delete actions are supported for appendBlob.

PrefixMatch: An array of strings for prefixes to be match.

BlobIndexMatch: An array of blob index tag based filters, there can be at most 10 tag filters

BlobTypes: An array of predefined enum values. Currently blockBlob supports all tiering and delete actions. Only delete actions are supported for appendBlob.

PrefixMatch: An array of strings for prefixes to be match.

Definition: An object that defines the Lifecycle rule.

Enabled: Rule is enabled if set to true.

Name: A rule name can contain any combination of alpha numeric characters. Rule name is case-sensitive. It must be unique within a policy.

Type: The valid value is Lifecycle

Definition: An object that defines the Lifecycle rule.

Enabled: Rule is enabled if set to true.

Name: A rule name can contain any combination of alpha numeric characters. Rule name is case-sensitive. It must be unique within a policy.

Type: The valid value is Lifecycle

"Lifecycle"

"Lifecycle"

Rules: The Storage Account ManagementPolicies Rules. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts.

Rules: The Storage Account ManagementPolicies Rules. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts.

Delete: The function to delete the blob snapshot

TierToArchive: The function to tier blob snapshot to archive storage.

TierToCold: The function to tier blobs to cold storage.

TierToCool: The function to tier blob snapshot to cool storage.

TierToHot: The function to tier blobs to hot storage. This action can only be used with Premium Block Blob Storage Accounts

Delete: The function to delete the blob snapshot

TierToArchive: The function to tier blob snapshot to archive storage.

TierToCold: The function to tier blobs to cold storage.

TierToCool: The function to tier blob snapshot to cool storage.

TierToHot: The function to tier blobs to hot storage. This action can only be used with Premium Block Blob Storage Accounts

Delete: The function to delete the blob version

TierToArchive: The function to tier blob version to archive storage.

TierToCold: The function to tier blobs to cold storage.

TierToCool: The function to tier blob version to cool storage.

TierToHot: The function to tier blobs to hot storage. This action can only be used with Premium Block Blob Storage Accounts

Delete: The function to delete the blob version

TierToArchive: The function to tier blob version to archive storage.

TierToCold: The function to tier blobs to cold storage.

TierToCool: The function to tier blob version to cool storage.

TierToHot: The function to tier blobs to hot storage. This action can only be used with Premium Block Blob Storage Accounts

Enabled: Indicates whether multichannel is enabled

Enabled: Indicates whether multichannel is enabled

Bypass: Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Possible values are any combination of Logging|Metrics|AzureServices (For example, “Logging, Metrics”), or None to bypass none of those traffics.

DefaultAction: Specifies the default action of allow or deny when no other rules match.

IpRules: Sets the IP ACL rules

ResourceAccessRules: Sets the resource access rules

VirtualNetworkRules: Sets the virtual network rules

"AzureServices"

"Logging"

"Metrics"

"None"

"Allow"

"Deny"

"Allow"

"Deny"

Bypass: Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Possible values are any combination of Logging|Metrics|AzureServices (For example, “Logging, Metrics”), or None to bypass none of those traffics.

DefaultAction: Specifies the default action of allow or deny when no other rules match.

IpRules: Sets the IP ACL rules

ResourceAccessRules: Sets the resource access rules

VirtualNetworkRules: Sets the virtual network rules

Id: Fully qualified resource ID for the resource. Ex - /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​{resourceProviderNamespace}/​{resourceType}/​{resourceName}

AllowProtectedAppendWritesAll: When enabled, new blocks can be written to both ‘Append and Bock Blobs’ while maintaining legal hold protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted.

Timestamp: Returns the date and time the tag was added.

Smb: Setting for SMB protocol

Smb: Setting for SMB protocol

ResourceReference: Resource Id

TenantId: Tenant Id

ResourceId: Resource Id

TenantId: Tenant Id

Days: how long this blob can be restored. It should be great than zero and less than DeleteRetentionPolicy.days.

Enabled: Blob restore is enabled if set to true.

Days: how long this blob can be restored. It should be great than zero and less than DeleteRetentionPolicy.days.

Enabled: Blob restore is enabled if set to true.

LastEnabledTime: Deprecated in favor of minRestoreTime property.

MinRestoreTime: Returns the minimum date and time that the restore can be started.

PublishInternetEndpoints: A boolean flag which indicates whether internet routing storage endpoints are to be published

PublishMicrosoftEndpoints: A boolean flag which indicates whether microsoft routing storage endpoints are to be published

RoutingChoice: Routing Choice defines the kind of network routing opted by the user.

"InternetRouting"

"MicrosoftRouting"

"InternetRouting"

"MicrosoftRouting"

PublishInternetEndpoints: A boolean flag which indicates whether internet routing storage endpoints are to be published

PublishMicrosoftEndpoints: A boolean flag which indicates whether microsoft routing storage endpoints are to be published

RoutingChoice: Routing Choice defines the kind of network routing opted by the user.

ExpirationAction: The SAS expiration action. Can only be Log.

SasExpirationPeriod: The SAS expiration period, DD.HH:MM:SS.

"Log"

"Log"

ExpirationAction: The SAS expiration action. Can only be Log.

SasExpirationPeriod: The SAS expiration period, DD.HH:MM:SS.

AccessPolicy: Access policy

Reference: An unique identifier of the stored access policy.

AccessPolicy: Access policy

Id: An unique identifier of the stored access policy.

Name: The SKU name. Required for account creation; optional for update. Note that in older versions, SKU name was called accountType.

Tier: The SKU tier. This is based on the SKU name.

"Premium_LRS"

"Premium_ZRS"

"Standard_GRS"

"Standard_GZRS"

"Standard_LRS"

"Standard_RAGRS"

"Standard_RAGZRS"

"Standard_ZRS"

"Premium_LRS"

"Premium_ZRS"

"Standard_GRS"

"Standard_GZRS"

"Standard_LRS"

"Standard_RAGRS"

"Standard_RAGZRS"

"Standard_ZRS"

Name: The SKU name. Required for account creation; optional for update. Note that in older versions, SKU name was called accountType.

Tier: The SKU tier. This is based on the SKU name.

AuthenticationMethods: SMB authentication methods supported by server. Valid values are NTLMv2, Kerberos. Should be passed as a string with delimiter ‘;’.

ChannelEncryption: SMB channel encryption supported by server. Valid values are AES-128-CCM, AES-128-GCM, AES-256-GCM. Should be passed as a string with delimiter ‘;’.

KerberosTicketEncryption: Kerberos ticket encryption supported by server. Valid values are RC4-HMAC, AES-256. Should be passed as a string with delimiter ‘;’

Multichannel: Multichannel setting. Applies to Premium FileStorage only.

Versions: SMB protocol versions supported by server. Valid values are SMB2.1, SMB3.0, SMB3.1.1. Should be passed as a string with delimiter ‘;’.

AuthenticationMethods: SMB authentication methods supported by server. Valid values are NTLMv2, Kerberos. Should be passed as a string with delimiter ‘;’.

ChannelEncryption: SMB channel encryption supported by server. Valid values are AES-128-CCM, AES-128-GCM, AES-256-GCM. Should be passed as a string with delimiter ‘;’.

KerberosTicketEncryption: Kerberos ticket encryption supported by server. Valid values are RC4-HMAC, AES-256. Should be passed as a string with delimiter ‘;’

Multichannel: Multichannel setting. Applies to Premium FileStorage only.

Versions: SMB protocol versions supported by server. Valid values are SMB2.1, SMB3.0, SMB3.1.1. Should be passed as a string with delimiter ‘;’.

Blob: Gets the blob endpoint.

Dfs: Gets the dfs endpoint.

File: Gets the file endpoint.

Web: Gets the web endpoint.

Blob: Gets the blob endpoint.

Dfs: Gets the dfs endpoint.

File: Gets the file endpoint.

Queue: Gets the queue endpoint.

Table: Gets the table endpoint.

Web: Gets the web endpoint.

BlobEndpoint: indicates where the BlobEndpoint config map should be placed. If omitted, no config map will be created.

DfsEndpoint: indicates where the DfsEndpoint config map should be placed. If omitted, no config map will be created.

FileEndpoint: indicates where the FileEndpoint config map should be placed. If omitted, no config map will be created.

QueueEndpoint: indicates where the QueueEndpoint config map should be placed. If omitted, no config map will be created.

TableEndpoint: indicates where the TableEndpoint config map should be placed. If omitted, no config map will be created.

WebEndpoint: indicates where the WebEndpoint config map should be placed. If omitted, no config map will be created.

BlobEndpoint: indicates where the BlobEndpoint secret should be placed. If omitted, the secret will not be retrieved from Azure.

DfsEndpoint: indicates where the DfsEndpoint secret should be placed. If omitted, the secret will not be retrieved from Azure.

FileEndpoint: indicates where the FileEndpoint secret should be placed. If omitted, the secret will not be retrieved from Azure.

Key1: indicates where the Key1 secret should be placed. If omitted, the secret will not be retrieved from Azure.

Key2: indicates where the Key2 secret should be placed. If omitted, the secret will not be retrieved from Azure.

QueueEndpoint: indicates where the QueueEndpoint secret should be placed. If omitted, the secret will not be retrieved from Azure.

TableEndpoint: indicates where the TableEndpoint secret should be placed. If omitted, the secret will not be retrieved from Azure.

WebEndpoint: indicates where the WebEndpoint secret should be placed. If omitted, the secret will not be retrieved from Azure.

ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).

ConfigMaps: configures where to place operator written ConfigMaps.

SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

Secrets: configures where to place Azure generated secrets.

"Cool"

"Hot"

"Premium"

"AAD"

"PrivateLink"

"AzureDnsZone"

"Standard"

"Disabled"

"Enabled"

"TLS1_0"

"TLS1_1"

"TLS1_2"

"Disabled"

"Enabled"

"Cool"

"Hot"

"Premium"

"AAD"

"PrivateLink"

"AzureDnsZone"

"Standard"

"Disabled"

"Enabled"

"TLS1_0"

"TLS1_1"

"TLS1_2"

"Creating"

"ResolvingDNS"

"Succeeded"

"Disabled"

"Enabled"

"available"

"unavailable"

"available"

"unavailable"

EndTime: This property represents the sku conversion end time.

SkuConversionStatus: This property indicates the current sku conversion status.

StartTime: This property represents the sku conversion start time.

TargetSkuName: This property represents the target sku name to which the account sku is being converted asynchronously.

"Failed"

"InProgress"

"Succeeded"

"BlobStorage"

"BlockBlobStorage"

"FileStorage"

"Storage"

"StorageV2"

"BlobStorage"

"BlockBlobStorage"

"FileStorage"

"Storage"

"StorageV2"

AccessTier: Required for storage accounts where kind = BlobStorage. The access tier is used for billing. The ‘Premium’ access tier is the default value for premium block blobs storage account type and it cannot be changed for the premium block blobs storage account type.

AllowBlobPublicAccess: Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property.

AllowCrossTenantReplication: Allow or disallow cross AAD tenant object replication. The default interpretation is true for this property.

AllowSharedKeyAccess: Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.

AllowedCopyScope: Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet.

AzureFilesIdentityBasedAuthentication: Provides the identity based authentication settings for Azure Files.

BlobRestoreStatus: Blob restore status

Conditions: The observed state of the resource

CreationTime: Gets the creation date and time of the storage account in UTC.

CustomDomain: Gets the custom domain the user assigned to this storage account.

DefaultToOAuthAuthentication: A boolean flag which indicates whether the default authentication is OAuth or not. The default interpretation is false for this property.

DnsEndpointType: Allows you to specify the type of endpoint. Set this to AzureDNSZone to create a large number of accounts in a single subscription, which creates accounts in an Azure DNS Zone and the endpoint URL will have an alphanumeric DNS Zone identifier.

Encryption: Encryption settings to be used for server-side encryption for the storage account.

ExtendedLocation: The extendedLocation of the resource.

FailoverInProgress: If the failover is in progress, the value will be true, otherwise, it will be null.

GeoReplicationStats: Geo Replication Stats

Id: Fully qualified resource ID for the resource. Ex - /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​{resourceProviderNamespace}/​{resourceType}/​{resourceName}

Identity: The identity of the resource.

ImmutableStorageWithVersioning: The property is immutable and can only be set to true at the account creation time. When set to true, it enables object level immutability for all the containers in the account by default.

IsHnsEnabled: Account HierarchicalNamespace enabled if sets to true.

IsLocalUserEnabled: Enables local users feature, if set to true

IsNfsV3Enabled: NFS 3.0 protocol support enabled if set to true.

IsSftpEnabled: Enables Secure File Transfer Protocol, if set to true

KeyCreationTime: Storage account keys creation time.

KeyPolicy: KeyPolicy assigned to the storage account.

Kind: Gets the Kind.

LargeFileSharesState: Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled.

LastGeoFailoverTime: Gets the timestamp of the most recent instance of a failover to the secondary location. Only the most recent timestamp is retained. This element is not returned if there has never been a failover instance. Only available if the accountType is Standard_GRS or Standard_RAGRS.

Location: The geo-location where the resource lives

MinimumTlsVersion: Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.

Name: The name of the resource

NetworkAcls: Network rule set

PrimaryEndpoints: Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object. Note that Standard_ZRS and Premium_LRS accounts only return the blob endpoint.

PrimaryLocation: Gets the location of the primary data center for the storage account.

PrivateEndpointConnections: List of private endpoint connection associated with the specified storage account

ProvisioningState: Gets the status of the storage account at the time the operation was called.

PublicNetworkAccess: Allow or disallow public network access to Storage Account. Value is optional but if passed in, must be ‘Enabled’ or ‘Disabled’.

RoutingPreference: Maintains information about the network routing choice opted by the user for data transfer

SasPolicy: SasPolicy assigned to the storage account.

SecondaryEndpoints: Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object from the secondary location of the storage account. Only available if the SKU name is Standard_RAGRS.

SecondaryLocation: Gets the location of the geo-replicated secondary for the storage account. Only available if the accountType is Standard_GRS or Standard_RAGRS.

Sku: Gets the SKU.

StatusOfPrimary: Gets the status indicating whether the primary location of the storage account is available or unavailable.

StatusOfSecondary: Gets the status indicating whether the secondary location of the storage account is available or unavailable. Only available if the SKU name is Standard_GRS or Standard_RAGRS.

StorageAccountSkuConversionStatus: This property is readOnly and is set by server during asynchronous storage account sku conversion operations.

SupportsHttpsTrafficOnly: Allows https traffic only to storage service if sets to true.

Tags: Resource tags.

Type: The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”

AccessTier: Required for storage accounts where kind = BlobStorage. The access tier is used for billing. The ‘Premium’ access tier is the default value for premium block blobs storage account type and it cannot be changed for the premium block blobs storage account type.

AllowBlobPublicAccess: Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property.

AllowCrossTenantReplication: Allow or disallow cross AAD tenant object replication. The default interpretation is true for this property.

AllowSharedKeyAccess: Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.

AllowedCopyScope: Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet.

AzureFilesIdentityBasedAuthentication: Provides the identity based authentication settings for Azure Files.

AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.

CustomDomain: User domain assigned to the storage account. Name is the CNAME source. Only one custom domain is supported per storage account at this time. To clear the existing custom domain, use an empty string for the custom domain name property.

DefaultToOAuthAuthentication: A boolean flag which indicates whether the default authentication is OAuth or not. The default interpretation is false for this property.

DnsEndpointType: Allows you to specify the type of endpoint. Set this to AzureDNSZone to create a large number of accounts in a single subscription, which creates accounts in an Azure DNS Zone and the endpoint URL will have an alphanumeric DNS Zone identifier.

Encryption: Encryption settings to be used for server-side encryption for the storage account.

ExtendedLocation: Optional. Set the extended location of the resource. If not set, the storage account will be created in Azure main region. Otherwise it will be created in the specified extended location

Identity: The identity of the resource.

ImmutableStorageWithVersioning: The property is immutable and can only be set to true at the account creation time. When set to true, it enables object level immutability for all the new containers in the account by default.

IsHnsEnabled: Account HierarchicalNamespace enabled if sets to true.

IsLocalUserEnabled: Enables local users feature, if set to true

IsNfsV3Enabled: NFS 3.0 protocol support enabled if set to true.

IsSftpEnabled: Enables Secure File Transfer Protocol, if set to true

KeyPolicy: KeyPolicy assigned to the storage account.

Kind: Required. Indicates the type of storage account.

LargeFileSharesState: Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled.

Location: Required. Gets or sets the location of the resource. This will be one of the supported and registered Azure Geo Regions (e.g. West US, East US, Southeast Asia, etc.). The geo region of a resource cannot be changed once it is created, but if an identical geo region is specified on update, the request will succeed.

MinimumTlsVersion: Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.

NetworkAcls: Network rule set

OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure

Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource

PublicNetworkAccess: Allow or disallow public network access to Storage Account. Value is optional but if passed in, must be ‘Enabled’ or ‘Disabled’.

RoutingPreference: Maintains information about the network routing choice opted by the user for data transfer

SasPolicy: SasPolicy assigned to the storage account.

Sku: Required. Gets or sets the SKU name.

SupportsHttpsTrafficOnly: Allows https traffic only to storage service if sets to true. The default value is true since API version 2019-04-01.

Tags: Gets or sets a list of key value pairs that describe the resource. These tags can be used for viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key with a length no greater than 128 characters and a value with a length no greater than 256 characters.

ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).

SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

AutomaticSnapshotPolicyEnabled: Deprecated in favor of isVersioningEnabled property.

ChangeFeed: The blob service properties for change feed events.

Conditions: The observed state of the resource

ContainerDeleteRetentionPolicy: The blob service properties for container soft delete.

Cors: Specifies CORS rules for the Blob service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the Blob service.

DefaultServiceVersion: DefaultServiceVersion indicates the default version to use for requests to the Blob service if an incoming request’s version is not specified. Possible values include version 2008-10-27 and all more recent versions.

DeleteRetentionPolicy: The blob service properties for blob soft delete.

Id: Fully qualified resource ID for the resource. Ex - /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​{resourceProviderNamespace}/​{resourceType}/​{resourceName}

IsVersioningEnabled: Versioning is enabled if set to true.

LastAccessTimeTrackingPolicy: The blob service property to configure last access time based tracking policy.

Name: The name of the resource

RestorePolicy: The blob service properties for blob restore policy.

Sku: Sku name and tier.

Type: The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”

AutomaticSnapshotPolicyEnabled: Deprecated in favor of isVersioningEnabled property.

ChangeFeed: The blob service properties for change feed events.

ContainerDeleteRetentionPolicy: The blob service properties for container soft delete.

Cors: Specifies CORS rules for the Blob service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the Blob service.

DefaultServiceVersion: DefaultServiceVersion indicates the default version to use for requests to the Blob service if an incoming request’s version is not specified. Possible values include version 2008-10-27 and all more recent versions.

DeleteRetentionPolicy: The blob service properties for blob soft delete.

IsVersioningEnabled: Versioning is enabled if set to true.

LastAccessTimeTrackingPolicy: The blob service property to configure last access time based tracking policy.

OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure

Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccount resource

RestorePolicy: The blob service properties for blob restore policy.

ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).

SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

Conditions: The observed state of the resource

DefaultEncryptionScope: Default the container to use specified encryption scope for all writes.

Deleted: Indicates whether the blob container was deleted.

DeletedTime: Blob container deletion time.

DenyEncryptionScopeOverride: Block override of encryption scope from the container default.

EnableNfsV3AllSquash: Enable NFSv3 all squash on blob container.

EnableNfsV3RootSquash: Enable NFSv3 root squash on blob container.

Etag: Resource Etag.

HasImmutabilityPolicy: The hasImmutabilityPolicy public property is set to true by SRP if ImmutabilityPolicy has been created for this container. The hasImmutabilityPolicy public property is set to false by SRP if ImmutabilityPolicy has not been created for this container.

HasLegalHold: The hasLegalHold public property is set to true by SRP if there are at least one existing tag. The hasLegalHold public property is set to false by SRP if all existing legal hold tags are cleared out. There can be a maximum of 1000 blob containers with hasLegalHold=true for a given account.

Id: Fully qualified resource ID for the resource. Ex - /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​{resourceProviderNamespace}/​{resourceType}/​{resourceName}

ImmutabilityPolicy: The ImmutabilityPolicy property of the container.

ImmutableStorageWithVersioning: The object level immutability property of the container. The property is immutable and can only be set to true at the container creation time. Existing containers must undergo a migration process.

LastModifiedTime: Returns the date and time the container was last modified.

LeaseDuration: Specifies whether the lease on a container is of infinite or fixed duration, only when the container is leased.

LeaseState: Lease state of the container.

LeaseStatus: The lease status of the container.

LegalHold: The LegalHold property of the container.

Metadata: A name-value pair to associate with the container as metadata.

Name: The name of the resource

PublicAccess: Specifies whether data in the container may be accessed publicly and the level of access.

RemainingRetentionDays: Remaining retention days for soft deleted blob container.

Type: The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”

Version: The version of the deleted blob container.

AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.

DefaultEncryptionScope: Default the container to use specified encryption scope for all writes.

DenyEncryptionScopeOverride: Block override of encryption scope from the container default.

EnableNfsV3AllSquash: Enable NFSv3 all squash on blob container.

EnableNfsV3RootSquash: Enable NFSv3 root squash on blob container.

ImmutableStorageWithVersioning: The object level immutability property of the container. The property is immutable and can only be set to true at the container creation time. Existing containers must undergo a migration process.

Metadata: A name-value pair to associate with the container as metadata.

OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure

Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccountsBlobService resource

PublicAccess: Specifies whether data in the container may be accessed publicly and the level of access.

ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).

SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

Conditions: The observed state of the resource

Cors: Specifies CORS rules for the File service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the File service.

Id: Fully qualified resource ID for the resource. Ex - /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​{resourceProviderNamespace}/​{resourceType}/​{resourceName}

Name: The name of the resource

ProtocolSettings: Protocol settings for file service

ShareDeleteRetentionPolicy: The file service properties for share soft delete.

Sku: Sku name and tier.

Type: The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”

Cors: Specifies CORS rules for the File service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the File service.

OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure

Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccount resource

ProtocolSettings: Protocol settings for file service

ShareDeleteRetentionPolicy: The file service properties for share soft delete.

ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).

SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

AccessTier: Access tier for specific share. GpV2 account can choose between TransactionOptimized (default), Hot, and Cool. FileStorage account can choose Premium.

AccessTierChangeTime: Indicates the last modification time for share access tier.

AccessTierStatus: Indicates if there is a pending transition for access tier.

Conditions: The observed state of the resource

Deleted: Indicates whether the share was deleted.

DeletedTime: The deleted time if the share was deleted.

EnabledProtocols: The authentication protocol that is used for the file share. Can only be specified when creating a share.

Etag: Resource Etag.

Id: Fully qualified resource ID for the resource. Ex - /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​{resourceProviderNamespace}/​{resourceType}/​{resourceName}

LastModifiedTime: Returns the date and time the share was last modified.

LeaseDuration: Specifies whether the lease on a share is of infinite or fixed duration, only when the share is leased.

LeaseState: Lease state of the share.

LeaseStatus: The lease status of the share.

Metadata: A name-value pair to associate with the share as metadata.

Name: The name of the resource

RemainingRetentionDays: Remaining retention days for share that was soft deleted.

RootSquash: The property is for NFS share only. The default is NoRootSquash.

ShareQuota: The maximum size of the share, in gigabytes. Must be greater than 0, and less than or equal to 5TB (5120). For Large File Shares, the maximum size is 102400.

ShareUsageBytes: The approximate size of the data stored on the share. Note that this value may not include all recently created or recently resized files.

SignedIdentifiers: List of stored access policies specified on the share.

SnapshotTime: Creation time of share snapshot returned in the response of list shares with expand param “snapshots”.

Type: The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”

Version: The version of the share.

AccessTier: Access tier for specific share. GpV2 account can choose between TransactionOptimized (default), Hot, and Cool. FileStorage account can choose Premium.

AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.

EnabledProtocols: The authentication protocol that is used for the file share. Can only be specified when creating a share.

Metadata: A name-value pair to associate with the share as metadata.

OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure

Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccountsFileService resource

RootSquash: The property is for NFS share only. The default is NoRootSquash.

ShareQuota: The maximum size of the share, in gigabytes. Must be greater than 0, and less than or equal to 5TB (5120). For Large File Shares, the maximum size is 102400.

SignedIdentifiers: List of stored access policies specified on the share.

ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).

SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

Conditions: The observed state of the resource

Id: Fully qualified resource ID for the resource. Ex - /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​{resourceProviderNamespace}/​{resourceType}/​{resourceName}

LastModifiedTime: Returns the date and time the ManagementPolicies was last modified.

Name: The name of the resource

Policy: The Storage Account ManagementPolicy, in JSON format. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts.

Type: The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”

OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure

Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccount resource

Policy: The Storage Account ManagementPolicy, in JSON format. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts.

ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).

SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

Conditions: The observed state of the resource

Cors: Specifies CORS rules for the Queue service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the Queue service.

Id: Fully qualified resource ID for the resource. Ex - /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​{resourceProviderNamespace}/​{resourceType}/​{resourceName}

Name: The name of the resource

Type: The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”

Cors: Specifies CORS rules for the Queue service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the Queue service.

OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure

Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccount resource

ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).

SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

ApproximateMessageCount: Integer indicating an approximate number of messages in the queue. This number is not lower than the actual number of messages in the queue, but could be higher.

Conditions: The observed state of the resource

Id: Fully qualified resource ID for the resource. Ex - /​subscriptions/​{subscriptionId}/​resourceGroups/​{resourceGroupName}/​providers/​{resourceProviderNamespace}/​{resourceType}/​{resourceName}

Metadata: A name-value pair that represents queue metadata.

Name: The name of the resource

Type: The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”

AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.

Metadata: A name-value pair that represents queue metadata.