Possibility to use SAS token instead of connection string

Open jprecuch opened this issue 1 year ago • 3 comments

Hi, would it maybe be possible to introduce the possibility to use a SAS token instead of a connection string?

Azure CLI supports this:

az storage blob upload --account-name $ACCOUNT --container-name $CONTAINER --type block --file delete-me --sas-token $SAS

jprecuch avatar Apr 05 '24 13:04 jprecuch

@jprecuch This action uses the JavaScript SDK (rather than the CLI tooling), but I'm pretty confident there's got to be an overload to use that instead.

Let me research it and get back to you.

LanceMcCarthy avatar Apr 05 '24 13:04 LanceMcCarthy

It looks like this is definitely possible. Can you confirm what type of SAS token it will be? There are three:

  • User delegation: https://learn.microsoft.com/en-us/azure/storage/blobs/storage-blob-create-user-delegation-sas-javascript
  • Account delegation: https://learn.microsoft.com/en-us/azure/storage/blobs/storage-blob-account-delegation-sas-create-javascript?tabs=blob-service-client
  • Service delegation: https://learn.microsoft.com/en-us/azure/storage/blobs/sas-service-create-javascript

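I'm expecting it will be account or user, so something like this could probably be implemented quickly:

const { BlobServiceClient } = require("@azure/storage-blob");

// `secret` stands for the action's inputs (account name and SAS token)
const sasToken = secret.sasToken;
const blobServiceUri = `https://${secret.accountName}.blob.core.windows.net`;

// The SAS token is appended as the query string; no separate credential is passed
const blobServiceClient = new BlobServiceClient(
  `${blobServiceUri}?${sasToken}`,
  null
);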

LanceMcCarthy avatar Apr 05 '24 16:04 LanceMcCarthy
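
Added example, not part of the thread or of the action's code: the three SAS kinds asked about above can be told apart from the token's own query parameters, and the same pass can flag settings broader than an upload needs. The function name, the 24-hour threshold, the assumption that an upload-only token needs just create/write, and the sample tokens (constructed, with placeholder signatures) are all illustrative.

```javascript
// Classify a SAS token by its documented query parameters and flag risky settings.
function inspectSasToken(sasToken, now = new Date(), maxHours = 24) {
  const params = new URLSearchParams(sasToken.replace(/^\?/, ""));
  let type = "unknown";
  if (params.has("skoid")) type = "user-delegation";          // signed with a user delegation key
  else if (params.has("ss") && params.has("srt")) type = "account"; // signed services + resource types
  else if (params.has("sr")) type = "service";                // scoped to one resource

  const findings = [];
  if (!params.has("sig")) findings.push("missing signature (sig)");
  const expiry = params.get("se");
  if (expiry) {
    const hoursLeft = (new Date(expiry) - now) / 36e5;
    if (Number.isNaN(hoursLeft)) findings.push("unparseable expiry (se)");
    else if (hoursLeft <= 0) findings.push("token already expired");
    else if (hoursLeft > maxHours) findings.push(`expiry more than ${maxHours}h away`);
  } else if (!params.has("si")) {
    // A service SAS may take its expiry from a stored access policy (si)
    findings.push("no expiry (se) and no stored access policy (si)");
  }
  if (params.get("spr") !== "https") findings.push("HTTPS not enforced (spr)");
  // Assumption: an upload-only token needs create (c) and write (w) and nothing else
  const perms = params.get("sp") || "";
  const extra = [...perms].filter((p) => !"cw".includes(p));
  if (extra.length) findings.push(`permissions beyond create/write: ${extra.join("")}`);
  return { type, permissions: perms, findings };
}

// Constructed sample tokens; the ids and signatures are placeholders.
const SAMPLES = {
  account: "sv=2022-11-02&ss=b&srt=sco&sp=rwdlacup&se=2025-04-05T16:00:00Z&spr=https,http&sig=CONSTRUCTED",
  userDelegation: "sv=2022-11-02&skoid=OBJECT-ID&sktid=TENANT-ID&sr=c&sp=cw&se=2024-04-05T17:00:00Z&spr=https&sig=CONSTRUCTED",
  service: "sv=2022-11-02&sr=c&si=upload-policy&spr=https&sig=CONSTRUCTED",
};

const SAMPLE_NOW = new Date("2024-04-05T16:00:00Z");
for (const [name, token] of Object.entries(SAMPLES)) {
  console.log(name, JSON.stringify(inspectSasToken(token, SAMPLE_NOW)));
}
```

A check like this fits where the token is read from the workflow secret, before it is appended to the blob service URL.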

Hi @jprecuch, just wanted to follow up to see if you know which kind of SAS you need to use (see my last reply). If I implement this, I would like to start with the same kind you're using, then build up from there.

LanceMcCarthy avatar Apr 09 '24 21:04 LanceMcCarthy