Set-AzStorageAccount

Set-AzStorageAccount
    [-ResourceGroupName] <String>
    [-Name] <String>
    [-Force]
    [-SkuName <String>]
    [-AccessTier <String>]
    [-CustomDomainName <String>]
    [-UseSubDomain <Boolean>]
    [-Tag <Hashtable>]
    [-EnableHttpsTrafficOnly <Boolean>]
    [-StorageEncryption]
    [-AssignIdentity]
    [-UserAssignedIdentityId <String>]
    [-KeyVaultUserAssignedIdentityId <String>]
    [-KeyVaultFederatedClientId <String>]
    [-IdentityType <String>]
    [-NetworkRuleSet <PSNetworkRuleSet>]
    [-UpgradeToStorageV2]
    [-EnableAzureActiveDirectoryDomainServicesForFile <Boolean>]
    [-EnableLargeFileShare]
    [-PublishMicrosoftEndpoint <Boolean>]
    [-PublishInternetEndpoint <Boolean>]
    [-EnableSmbOAuth <Boolean>]
    [-AllowBlobPublicAccess <Boolean>]
    [-MinimumTlsVersion <String>]
    [-AllowSharedKeyAccess <Boolean>]
    [-SasExpirationPeriod <TimeSpan>]
    [-SasExpirationAction <String>]
    [-KeyExpirationPeriodInDay <Int32>]
    [-AllowCrossTenantReplication <Boolean>]
    [-DefaultSharePermission <String>]
    [-PublicNetworkAccess <String>]
    [-ImmutabilityPeriod <Int32>]
    [-ImmutabilityPolicyState <String>]
    [-EnableSftp <Boolean>]
    [-EnableLocalUser <Boolean>]
    [-AllowedCopyScope <String>]
    [-Zone <String[]>]
    [-ZonePlacementPolicy <String>]
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [-RoutingChoice <String>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Set-AzStorageAccount
    [-ResourceGroupName] <String>
    [-Name] <String>
    -KeyName <String>
    -KeyVaultUri <String>
    [-Force]
    [-SkuName <String>]
    [-AccessTier <String>]
    [-CustomDomainName <String>]
    [-UseSubDomain <Boolean>]
    [-Tag <Hashtable>]
    [-EnableHttpsTrafficOnly <Boolean>]
    [-KeyvaultEncryption]
    [-KeyVersion <String>]
    [-AssignIdentity]
    [-UserAssignedIdentityId <String>]
    [-KeyVaultUserAssignedIdentityId <String>]
    [-KeyVaultFederatedClientId <String>]
    [-IdentityType <String>]
    [-NetworkRuleSet <PSNetworkRuleSet>]
    [-UpgradeToStorageV2]
    [-EnableAzureActiveDirectoryDomainServicesForFile <Boolean>]
    [-EnableLargeFileShare]
    [-PublishMicrosoftEndpoint <Boolean>]
    [-PublishInternetEndpoint <Boolean>]
    [-EnableSmbOAuth <Boolean>]
    [-AllowBlobPublicAccess <Boolean>]
    [-MinimumTlsVersion <String>]
    [-AllowSharedKeyAccess <Boolean>]
    [-SasExpirationPeriod <TimeSpan>]
    [-SasExpirationAction <String>]
    [-KeyExpirationPeriodInDay <Int32>]
    [-AllowCrossTenantReplication <Boolean>]
    [-DefaultSharePermission <String>]
    [-PublicNetworkAccess <String>]
    [-ImmutabilityPeriod <Int32>]
    [-ImmutabilityPolicyState <String>]
    [-EnableSftp <Boolean>]
    [-EnableLocalUser <Boolean>]
    [-AllowedCopyScope <String>]
    [-Zone <String[]>]
    [-ZonePlacementPolicy <String>]
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [-RoutingChoice <String>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Set-AzStorageAccount
    [-ResourceGroupName] <String>
    [-Name] <String>
    [-Force]
    [-SkuName <String>]
    [-AccessTier <String>]
    [-CustomDomainName <String>]
    [-UseSubDomain <Boolean>]
    [-Tag <Hashtable>]
    [-EnableHttpsTrafficOnly <Boolean>]
    [-AssignIdentity]
    [-UserAssignedIdentityId <String>]
    [-KeyVaultUserAssignedIdentityId <String>]
    [-KeyVaultFederatedClientId <String>]
    [-IdentityType <String>]
    [-NetworkRuleSet <PSNetworkRuleSet>]
    [-UpgradeToStorageV2]
    [-EnableLargeFileShare]
    [-PublishMicrosoftEndpoint <Boolean>]
    [-PublishInternetEndpoint <Boolean>]
    [-EnableAzureActiveDirectoryKerberosForFile <Boolean>]
    [-ActiveDirectoryDomainName <String>]
    [-ActiveDirectoryDomainGuid <String>]
    [-EnableSmbOAuth <Boolean>]
    [-AllowBlobPublicAccess <Boolean>]
    [-MinimumTlsVersion <String>]
    [-AllowSharedKeyAccess <Boolean>]
    [-SasExpirationPeriod <TimeSpan>]
    [-SasExpirationAction <String>]
    [-KeyExpirationPeriodInDay <Int32>]
    [-AllowCrossTenantReplication <Boolean>]
    [-DefaultSharePermission <String>]
    [-PublicNetworkAccess <String>]
    [-ImmutabilityPeriod <Int32>]
    [-ImmutabilityPolicyState <String>]
    [-EnableSftp <Boolean>]
    [-EnableLocalUser <Boolean>]
    [-AllowedCopyScope <String>]
    [-Zone <String[]>]
    [-ZonePlacementPolicy <String>]
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [-RoutingChoice <String>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Set-AzStorageAccount
    [-ResourceGroupName] <String>
    [-Name] <String>
    -EnableActiveDirectoryDomainServicesForFile <Boolean>
    [-Force]
    [-SkuName <String>]
    [-AccessTier <String>]
    [-CustomDomainName <String>]
    [-UseSubDomain <Boolean>]
    [-Tag <Hashtable>]
    [-EnableHttpsTrafficOnly <Boolean>]
    [-AssignIdentity]
    [-UserAssignedIdentityId <String>]
    [-KeyVaultUserAssignedIdentityId <String>]
    [-KeyVaultFederatedClientId <String>]
    [-IdentityType <String>]
    [-NetworkRuleSet <PSNetworkRuleSet>]
    [-UpgradeToStorageV2]
    [-EnableLargeFileShare]
    [-PublishMicrosoftEndpoint <Boolean>]
    [-PublishInternetEndpoint <Boolean>]
    [-ActiveDirectoryDomainName <String>]
    [-ActiveDirectoryNetBiosDomainName <String>]
    [-ActiveDirectoryForestName <String>]
    [-ActiveDirectoryDomainGuid <String>]
    [-ActiveDirectoryDomainSid <String>]
    [-ActiveDirectoryAzureStorageSid <String>]
    [-ActiveDirectorySamAccountName <String>]
    [-ActiveDirectoryAccountType <String>]
    [-EnableSmbOAuth <Boolean>]
    [-AllowBlobPublicAccess <Boolean>]
    [-MinimumTlsVersion <String>]
    [-AllowSharedKeyAccess <Boolean>]
    [-SasExpirationPeriod <TimeSpan>]
    [-SasExpirationAction <String>]
    [-KeyExpirationPeriodInDay <Int32>]
    [-AllowCrossTenantReplication <Boolean>]
    [-DefaultSharePermission <String>]
    [-PublicNetworkAccess <String>]
    [-ImmutabilityPeriod <Int32>]
    [-ImmutabilityPolicyState <String>]
    [-EnableSftp <Boolean>]
    [-EnableLocalUser <Boolean>]
    [-AllowedCopyScope <String>]
    [-Zone <String[]>]
    [-ZonePlacementPolicy <String>]
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [-RoutingChoice <String>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Cmdleten Set-AzStorageAccount ändrar ett Azure Storage-konto. Du kan använda den här cmdleten för att ändra kontotypen, uppdatera en kunddomän eller ange taggar för ett lagringskonto.

Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -SkuName "Standard_RAGRS"

Det här kommandot anger lagringskontotypen till Standard_RAGRS.

Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -CustomDomainName "www.contoso.com" -UseSubDomain $true

Det här kommandot anger en anpassad domän för ett lagringskonto.

Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -AccessTier Cool

Kommandot anger att värdet för åtkomstnivå ska vara lågfrekvent.

Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -CustomDomainName "www.domainname.com" -UseSubDomain $true -Tag @{tag0="value0";tag1="value1";tag2="value2"}

Kommandot anger den anpassade domänen och taggarna för ett lagringskonto.

Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -AssignIdentity
$account = Get-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount"

$keyVault = New-AzKeyVault -VaultName "MyKeyVault" -ResourceGroupName "MyResourceGroup" -Location "EastUS2"
$key = Add-AzKeyVaultKey -VaultName "MyKeyVault" -Name "MyKey" -Destination 'Software'
Set-AzKeyVaultAccessPolicy -VaultName "MyKeyVault" -ObjectId $account.Identity.PrincipalId -PermissionsToKeys wrapkey,unwrapkey,get

# In case to enable key auto rotation, don't set KeyVersion
Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -KeyvaultEncryption -KeyName $key.Name -KeyVersion $key.Version -KeyVaultUri $keyVault.VaultUri

# In case to enable key auto rotation after set keyvault properties with KeyVersion, can update account by set KeyVersion to empty
Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -KeyvaultEncryption -KeyName $key.Name -KeyVersion "" -KeyVaultUri $keyVault.VaultUri

Det här kommandot anger Encryption KeySource med en ny skapad Keyvault. Om du vill aktivera automatisk nyckelrotering ska du inte ange keyversion när du anger Keyvault-egenskaper för första gången, eller rensa den genom att ange keyvault-egenskaper igen med keyversion som tom.

Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -StorageEncryption

Det här kommandot anger Encryption KeySource till "Microsoft.Storage"

Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -NetworkRuleSet (@{bypass="Logging,Metrics";
    ipRules=(@{IPAddressOrRange="20.11.0.0/16";Action="allow"},
            @{IPAddressOrRange="10.0.0.0/7";Action="allow"});
    virtualNetworkRules=(@{VirtualNetworkResourceId="/subscriptions/s1/resourceGroups/g1/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1";Action="allow"},
                        @{VirtualNetworkResourceId="/subscriptions/s1/resourceGroups/g1/providers/Microsoft.Network/virtualNetworks/vnet2/subnets/subnet2";Action="allow"});
    defaultAction="allow"})

Det här kommandot anger egenskapen NetworkRuleSet för ett lagringskonto med JSON

$networkRuleSet = (Get-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount").NetworkRuleSet
Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount2" -NetworkRuleSet $networkRuleSet

Det första kommandot hämtar egenskapen NetworkRuleSet från ett lagringskonto och det andra kommandot anger den till ett annat Lagringskonto

Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -UpgradeToStorageV2

Kommandot uppgraderar ett Lagringskonto med Typ "Storage" eller "BlobStorage" till "StorageV2" typ Lagringskonto.

$account = Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -EnableAzureActiveDirectoryDomainServicesForFile $true -DefaultSharePermission StorageFileDataSmbShareContributor

$account.AzureFilesIdentityBasedAuth

DirectoryServiceOptions ActiveDirectoryProperties                                                      DefaultSharePermission
----------------------- -------------------------                                                      ----------------------
AADDS                   Microsoft.Azure.Commands.Management.Storage.Models.PSActiveDirectoryProperties StorageFileDataSmbShareContributor

Kommandot uppdaterar ett lagringskonto genom att aktivera Azure Files Microsoft Entra Domain Services-autentisering.

$account = Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -EnableActiveDirectoryDomainServicesForFile $true `
        -ActiveDirectoryDomainName "mydomain.com" `
        -ActiveDirectoryNetBiosDomainName "mydomain.com" `
        -ActiveDirectoryForestName "mydomain.com" `
        -ActiveDirectoryDomainGuid "12345678-1234-1234-1234-123456789012" `
        -ActiveDirectoryDomainSid "S-1-5-21-1234567890-1234567890-1234567890" `
        -ActiveDirectoryAzureStorageSid "S-1-5-21-1234567890-1234567890-1234567890-1234" `
        -ActiveDirectorySamAccountName "samaccountname" `
        -ActiveDirectoryAccountType Computer

$account.AzureFilesIdentityBasedAuth.DirectoryServiceOptions
AD

$account.AzureFilesIdentityBasedAuth.ActiveDirectoryProperties

DomainName        : mydomain.com
NetBiosDomainName : mydomain.com
ForestName        : mydomain.com
DomainGuid        : 12345678-1234-1234-1234-123456789012
DomainSid         : S-1-5-21-1234567890-1234567890-1234567890
AzureStorageSid   : S-1-5-21-1234567890-1234567890-1234567890-1234
SamAccountName    : samaccountname
AccountType       : Computer

Kommandot uppdaterar ett lagringskonto genom att aktivera Azure Files Active Directory Domain Service-autentisering och visar sedan inställningen Filidentitetsbaserad autentisering

$account = Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -MinimumTlsVersion TLS1_1 -AllowBlobPublicAccess $false -AllowSharedKeyAccess $true

$account.MinimumTlsVersion
TLS1_1

$account.AllowBlobPublicAccess
False

$a.AllowSharedKeyAccess
True

Kommandot anger MinimumTlsVersion, AllowBlobPublicAccess och AllowSharedKeyAccess och visar sedan kontots tre egenskaper

$account = Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -PublishMicrosoftEndpoint $false -PublishInternetEndpoint $true -RoutingChoice InternetRouting

$account.RoutingPreference

RoutingChoice   PublishMicrosoftEndpoints PublishInternetEndpoints
-------------   ------------------------- ------------------------
InternetRouting                     False                     True

$account.PrimaryEndpoints

Blob               : https://mystorageaccount.blob.core.windows.net/
Queue              : https://mystorageaccount.queue.core.windows.net/
Table              : https://mystorageaccount.table.core.windows.net/
File               : https://mystorageaccount.file.core.windows.net/
Web                : https://mystorageaccount.z2.web.core.windows.net/
Dfs                : https://mystorageaccount.dfs.core.windows.net/
MicrosoftEndpoints :
InternetEndpoints  : {"Blob":"https://mystorageaccount-internetrouting.blob.core.windows.net/","File":"https://mystorageaccount-internetrouting.file.core.windows.net/","Web":"https://mystorageaccount-internetrouting.z2.web.core.windows.net/","Dfs":"https://w
                     eirp3-internetrouting.dfs.core.windows.net/"}

Det här kommandot uppdaterar ett lagringskonto med inställningen RoutingPreference: PublishMicrosoftEndpoint som false, PublishInternetEndpoint as true och RoutingChoice som MicrosoftRouting.

$account = Set-AzStorageAccount -ResourceGroupName "myresourcegroup" -Name "mystorageaccount" -KeyExpirationPeriodInDay 5 -SasExpirationPeriod "1.12:05:06" -SasExpirationAction Log

$account.KeyPolicy.KeyExpirationPeriodInDays
5

$account.SasPolicy.SasExpirationPeriod

SasExpirationPeriod ExpirationAction
------------------- ----------------
1.12:05:06          Log

Det här kommandot uppdaterar ett lagringskonto med KeyExpirationPeriod och SasExpirationPeriod med SasExpirationAction och visar sedan de uppdaterade kontorelaterade egenskaperna.

# Create KeyVault (no need if using exist keyvault)
$keyVault = New-AzKeyVault -VaultName $keyvaultName -ResourceGroupName $resourceGroupName -Location eastus2euap -EnablePurgeProtection
$key = Add-AzKeyVaultKey -VaultName $keyvaultName -Name $keyname -Destination 'Software'

# create user assigned identity and grant access to keyvault (no need if using exist user assigned identity)
$userId = New-AzUserAssignedIdentity -ResourceGroupName $resourceGroupName -Name $userIdName
Set-AzKeyVaultAccessPolicy -VaultName $keyvaultName -ResourceGroupName $resourceGroupName -ObjectId $userId.PrincipalId -PermissionsToKeys get,wrapkey,unwrapkey -BypassObjectIdValidation
$useridentityId= $userId.Id

# Update Storage account with Keyvault encryption and access Keyvault with user assigned identity, then show properties
$account = Set-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccountName `
                -IdentityType UserAssigned  -UserAssignedIdentityId $useridentityId  `
                -KeyVaultUri $keyVault.VaultUri -KeyName $keyname -KeyVaultUserAssignedIdentityId $useridentityId

$account.Encryption.EncryptionIdentity.EncryptionUserAssignedIdentity
/subscriptions/{subscription-id}/resourceGroups/myresourcegroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myuserid

$account.Encryption.KeyVaultProperties

KeyName                       : wrappingKey
KeyVersion                    :
KeyVaultUri                   : https://mykeyvault.vault.azure.net:443
CurrentVersionedKeyIdentifier : https://mykeyvault.vault.azure.net/keys/wrappingKey/8e74036e0d534e58b3bd84b319e31d8f
LastKeyRotationTimestamp      : 4/12/2021 8:17:57 AM

Det här kommandot skapar först en keyvault och en användartilldelad identitet och uppdaterar sedan ett lagringskonto med keyvault-kryptering, åtkomstnyckeln för lagringsåtkomst med den användartilldelade identiteten.

# Assign System identity to the account, and give the system assigned identity access to the keyvault
$account = Set-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccountName  -IdentityType SystemAssignedUserAssigned
Set-AzKeyVaultAccessPolicy -VaultName $keyvaultName -ResourceGroupName $resourceGroupName -ObjectId $account.Identity.PrincipalId -PermissionsToKeys get,wrapkey,unwrapkey -BypassObjectIdValidation

# Update account from access Keyvault with user assigned identity to access Keyvault with system assigned identity
$account = Set-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccountName -IdentityType SystemAssignedUserAssigned -KeyName $keyname -KeyVaultUri $keyvaultUri -KeyVaultUserAssignedIdentityId ""

# EncryptionUserAssignedIdentity is empty, so the account access keyvault with system assigned identity
$account.Encryption.EncryptionIdentity

EncryptionUserAssignedIdentity
------------------------------

$account.Encryption.KeyVaultProperties

KeyName                       : wrappingKey
KeyVersion                    :
KeyVaultUri                   : https://mykeyvault.vault.azure.net:443
CurrentVersionedKeyIdentifier : https://mykeyvault.vault.azure.net/keys/wrappingKey/8e74036e0d534e58b3bd84b319e31d8f
LastKeyRotationTimestamp      : 4/12/2021 8:17:57 AM

Det här kommandot tilldelar först Systemidentitet till kontot och ger systemet tilldelad identitet åtkomst till keyvault. uppdaterar sedan Lagringskontot för att få åtkomst till Keyvault med systemtilldelad identitet.

# Update to another user assigned identity
$account = Set-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccountName -IdentityType SystemAssignedUserAssigned -UserAssignedIdentityId $useridentity2 -KeyVaultUserAssignedIdentityId $useridentity2

# Update to encrypt with another keyvault
$account = Set-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccountName -KeyVaultUri $keyvaultUri2 -KeyName $keyname2 -KeyVersion $keyversion2

Det här kommandot uppdaterar först den användartilldelade identiteten för åtkomst till keyvault och uppdaterar sedan nyckelvalvet för kryptering. För att uppdatera både Keyvault och den användartilldelade identiteten behöver vi uppdatera med ovanstående 2 steg.

$account = Set-AzStorageAccount -ResourceGroupName "myresourcegroup" -Name "mystorageaccount" -AllowCrossTenantReplication $false -EnableHttpsTrafficOnly $true

$account.AllowCrossTenantReplication

False

Det här kommandot uppdaterar ett lagringskonto genom att ange AllowCrossTenantReplication till false och visar sedan de uppdaterade kontorelaterade egenskaperna.

$account = Set-AzStorageAccount -ResourceGroupName "myresourcegroup" -Name "mystorageaccount" -PublicNetworkAccess Enabled

$account.PublicNetworkAccess

Enabled

Det här kommandot uppdaterar ett Lagringskonto genom att ange PublicNetworkAccess som aktiverat.

$account = Set-AzStorageAccount -ResourceGroupName "MyResourceGroup" -Name "mystorageaccount" -ImmutabilityPeriod 2 -ImmutabilityPolicyState Unlocked

$account.ImmutableStorageWithVersioning.Enabled
True

$account.ImmutableStorageWithVersioning.ImmutabilityPolicy

ImmutabilityPeriodSinceCreationInDays State
------------------------------------- -----
                                    2 Unlocked

Kommandot uppdaterar principegenskaper på kontonivå för ett befintligt lagringskonto och visar resultatet. Lagringskontot måste skapas med aktivera oföränderlighet på kontonivå med versionshantering. Principen för oföränderlighet på kontonivå ärvs och tillämpas på objekt som inte har en explicit oföränderlighetsprincip på objektnivå.

$account = Set-AzStorageAccount -ResourceGroupName "myresourcegroup" -AccountName "mystorageaccount" -EnableSftp $true -EnableLocalUser $true

$account.EnableSftp
True

$account.EnableLocalUser
True

Det här kommandot uppdaterar ett lagringskonto genom att aktivera Sftp och localuser. Om du vill köra kommandot korrekt bör lagringskontot redan aktivera hierarkiskt namnområde.

# create Storage account with Keyvault encryption (access Keyvault with FederatedClientId), then show properties
$account = Set-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccountName  `
                -KeyVaultUri $keyVault.VaultUri -KeyName $keyname -KeyVaultUserAssignedIdentityId $useridentityId -KeyVaultFederatedClientId $federatedClientId

$account.Encryption.EncryptionIdentity

EncryptionUserAssignedIdentity                                                                                                      EncryptionFederatedIdentityClientId
------------------------------                                                                                                      -----------------------------------
/subscriptions/{subscription-id}/resourceGroups/myresourcegroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myuserid ********-****-****-****-************

$account.Encryption.KeyVaultProperties

KeyName                       : wrappingKey
KeyVersion                    :
KeyVaultUri                   : https://mykeyvault.vault.azure.net:443
CurrentVersionedKeyIdentifier : https://mykeyvault.vault.azure.net/keys/wrappingKey/8e74036e0d534e58b3bd84b319e31d8f
LastKeyRotationTimestamp      : 3/3/2022 2:07:34 AM

Det här kommandot uppdaterar ett lagringskonto med Keyvault från en annan klientorganisation (åtkomst till Keyvault med FederatedClientId).

$account = Set-AzStorageAccount -ResourceGroupName "myresourcegroup" -Name "mystorageaccount" -EnableSmbOAuth $true

$account.AzureFilesIdentityBasedAuth.SmbOAuthSettings.IsSmbOAuthEnabled

True

Det här kommandot uppdaterar ett Lagringskonto genom att ange EnableSmbOAuth till true och visar sedan de uppdaterade kontorelaterade egenskaperna.

$account = Set-AzStorageAccount -ResourceGroupName "myresourcegroup" -Name "myaccount" -Zone 1 -ZonePlacementPolicy "Any"

Det här kommandot uppdaterar ett lagringskonto genom att ange Zon till 1 och ZonePlacementPolicy till Valfri och visar sedan de uppdaterade kontorelaterade egenskaperna.

Den här cmdleten stöder vanliga parametrar: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction och -WarningVariable. Mer information finns i about_CommonParameters.