Storage account related commands:
=================================

Delete a storage account:
-------------------------

::

  $ az storage account delete -y -n dolsa0x001 -g rg0x001

display public access attribute:
#-------------------------------

::

  az storage account list \
  --query '[].{Name:name,PubAccess:allowBlobPublicAccess}' \
  --output table
  Name      PubAccess
  --------  -----------
  dolnfssa  True

List encryption service status:
-------------------------------

::

  $ az storage account show -g rg0x001 -n dolsa0x003 --query encryption.services
  {
    "blob": {
      "enabled": true,
      "keyType": "Account",
      "lastEnabledTime": "2022-05-29T16:05:07.075247+00:00"
    },
    "file": {
      "enabled": true,
      "keyType": "Account",
      "lastEnabledTime": "2022-05-29T16:05:07.075247+00:00"
    },
    "queue": {
      "enabled": true,
      "keyType": "Account",
      "lastEnabledTime": "2022-05-29T16:05:07.075247+00:00"
    },
    "table": null
  }

Verify a storage account name is available:
-------------------------------------------

::

  $ az storage account check-name -n testing
  {
    "message": "The storage account named testing is already taken.",
    "nameAvailable": false,
    "reason": "AlreadyExists"
  }

Creating storage accounts:
--------------------------

Scripting this effort is probalby a good idea.  My mksa script 
creates the storage account, adds a network rule, then sets
the default action to deny:

Create sa:
..........

::

  $ az storage account create -g ${rg} -n ${sa} \
    --encryption-services table \
    --access-tier hot -k true -q Account -l centralus \
    --allow-blob-public-access true --sku Standard_LRS \
    --kind StorageV2 --https-only true \
    --min-tls-version TLS1_2 --public-network-access Enabled \
    --tags env=test -i false \
    --output none

Add network rule:
.................

::

  $  az storage account network-rule add -g ${rg} \
      -n ${sa} --ip-address ${myip} --output none

Set default action:
...................

::

  $ az storage account update -g ${rg} -n ${sa} \
    --default-action Deny --output none

Allowing/Denying default internet access:
-----------------------------------------

::

  $ az storage account update -g rg0x002 -n sa0x002 --default-action [ Allow | Deny ]

Add IP restrictions:
--------------------

::

  $ az storage account network-rule add -g rg0x002 -n sa0x002 --ip-address ${myip}
  $ az storage account network-rule add -g rg0x002 -n sa0x002 --ip-address ${cidr}

Generating a SAS token:
-----------------------

Generic:
.........

::

  $ end=`date -v+12H '+%Y-%m-%dT%H:%MZ'`
  $ az storage account generate-sas --permissions cdlruwap \
      --account-name sa0x002 --services b --resource-types sco \
      --expiry ${end} 2>/dev/null
  "[[sas token snipped]]"

Assign to a variable:
.....................

::

  $ t=$(az storage account generate-sas --permissions cdlruwap \
      --account-name sa0x002 --services b --resource-types sco \
      --expiry ${end} 2>/dev/null)

Creating a new blob:
--------------------

::

  $ base=https://sa0x002.blob.core.windows.net
  $ b=bl0x002
  $ azcopy make "${base}/${b}?${t}"
  
  Successfully created the resource.

Copying a directory recursively:
--------------------------------

::

  $ d=golang
  $ azcopy copy ${d} "${base/${b}}/?${t}" --follow-symlinks --put-md5 \
     --disable-auto-decoding=false --recursive --log-level=INFO

Listing out the contents:
-------------------------

::

  $ azcopy list "${base}/${b}}/ansible/?${t}"
  INFO: Ansible_cfg;  Content Length: 325.00 B
  INFO: dol.cfg;  Content Length: 37.44 KiB
  INFO: mkenv.yml;  Content Length: 3.38 KiB
  INFO: mkrg.yml;  Content Length: 217.00 B
  INFO: mkvnet.yml;  Content Length: 310.00 B
  INFO: testies.yml;  Content Length: 267.00 B
  INFO: times;  Content Length: 762.00 B
  INFO: files/dkoleary.pub;  Content Length: 393.00 B
  INFO: azcopy: A newer version 10.16.1 is available to download
  
  INFO: group_vars/all;  Content Length: 1.49 KiB
  INFO: tasks/mkvms.yml;  Content Length: 1.39 KiB
  INFO: tasks/nsg-basic.yml;  Content Length: 194.00 B
  INFO: tasks/nsg-https.yml;  Content Length: 492.00 B
  INFO: tasks/nsg-mysql-https.yml;  Content Length: 1.12 KiB
  INFO: tasks/nsg-ssh.yml;  Content Length: 537.00 B
  INFO: tasks/public_vm.yml;  Content Length: 1.19 KiB
  INFO: inventory/hosts;  Content Length: 10.00 B