0

It seems that the tool rclone has limitation not to allow set/reset public access level to either blob or container of a container either at the time of creation or later. Container has default public access level set to private.

Here is the rclone command to create a container if does not exists

rclone mkdir azure:mycontainer

There is azure-ctl command that seems working fine and able to set/reset this level. However same is missing from the rclone tool. Or possibly I'm not able to figure out how to do it using rclone.

az storage container create
--name
--account-name
--resource-group --public-access off
--account-key
--auth-mode key

Details:

Rclone v1.48.0
Fedora 29, 64 bit
MaNKuR
  • 2,578
  • 1
  • 19
  • 31
  • Would you mind accept my reply as answer? Or you can post another reply to let others know and close this issue. – Doris Lv Feb 26 '21 at 07:23
  • I'm waiting for the code to be merged to the `rclone` main repo so that next release should work like azure-ctl tool and then I will add my answer. I've upvoted your answer anyway. – MaNKuR Feb 26 '21 at 18:28
  • That's okay. Thanks for your contribution.@MaNKuR – Doris Lv Mar 01 '21 at 01:32

1 Answers1

1

After checking with the docs, we found that we cannot set/reset the public access level using Rclone tools.

You can do that with the ways below:

  1. Set on Portal: enter image description here

  2. Use powershell command:

     # Set variables.
 $rgName = "<resource-group>"
 $accountName = "<storage-account>"

 # Get context object.
 $storageAccount = Get-AzStorageAccount -ResourceGroupName $rgName -Name $accountName
 $ctx = $storageAccount.Context

 # Create a new container with public access setting set to Off.
 $containerName = "<container>"
 New-AzStorageContainer -Name $containerName -Permission Off -Context $ctx

 # Read the container's public access setting.
 Get-AzStorageContainerAcl -Container $containerName -Context $ctx

 # Update the container's public access setting to Container.
 Set-AzStorageContainerAcl -Container $containerName -Permission Container -Context $ctx

 # Read the container's public access setting.
 Get-AzStorageContainerAcl -Container $containerName -Context $ctx

  3. Use Azure CLI command:

     az storage container create \
     --name <container-name> \
     --account-name <account-name> \
     --resource-group <resource-group>
     --public-access off \
     --account-key <account-key> \
     --auth-mode key

 az storage container show-permission \
     --name <container-name> \
     --account-name <account-name> \
     --account-key <account-key> \
     --auth-mode key

 az storage container set-permission \
     --name <container-name> \
     --account-name <account-name> \
     --public-access container \
     --account-key <account-key> \
     --auth-mode key

 az storage container show-permission \
     --name <container-name> \
     --account-name <account-name> \
     --account-key <account-key> \
     --auth-mode key
Doris Lv
  • 3,083
  • 1
  • 5
  • 14
  • Thanks for the detail info. Yes I'm aware of those options but wanted this to be added to the `rclone` tool. I had look through the `rclone` pkg and found its missing and the next version would have it. – MaNKuR Feb 26 '21 at 18:26