创建存储帐户并轮换其帐户访问密钥Create a storage account and rotate its account access keys

此脚本创建一个 Azure 存储帐户,显示新存储帐户的访问密钥,然后更新(轮换)密钥。This script creates an Azure Storage account, displays the new storage account's access keys, then renews (rotates) the keys.

若要运行此示例,请安装最新版本的 Azure CLITo run this sample, install the latest version of the Azure CLI. 若要开始,请运行 az login 以创建与 Azure 的连接。To start, run az login to create a connection with Azure.

适用于 Azure CLI 的示例是针对 bash shell 编写的。Samples for the Azure CLI are written for the bash shell. 若要在 Windows PowerShell 或命令提示符中运行此示例,可能需要更改脚本的元素。To run this sample in Windows PowerShell or Command Prompt, you may need to change elements of the script.

如果没有 Azure 订阅,可在开始前创建一个试用帐户If you don't have an Azure subscription, create a trial account before you begin.

示例脚本Sample script

#!/bin/bash

# Create a resource group
az group create --name myResourceGroup --location chinaeast

# Create a general-purpose standard storage account
az storage account create \
    --name mystorageaccount \
    --resource-group myResourceGroup \
    --location chinaeast \
    --sku Standard_RAGRS \
    --encryption blob

# List the storage account access keys
az storage account keys list \
    --resource-group myResourceGroup \
    --account-name mystorageaccount 

# Renew (rotate) the PRIMARY access key
az storage account keys renew \
    --resource-group myResourceGroup \
    --account-name mystorageaccount \
    --key primary

# Renew (rotate) the SECONDARY access key
az storage account keys renew \
    --resource-group myResourceGroup \
    --account-name mystorageaccount \
    --key secondary

清理部署Clean up deployment

运行以下命令来删除资源组、存储帐户和所有相关资源。Run the following command to remove the resource group, storage account, and all related resources.

az group delete --name myResourceGroup

脚本说明Script explanation

此脚本使用以下命令创建存储帐户并检索和轮换其访问密钥。This script uses the following commands to create the storage account and retrieve and rotate its access keys. 表中的每一项均链接到命令特定的文档。Each item in the table links to command-specific documentation.

CommandCommand 说明Notes
az group createaz group create 创建用于存储所有资源的资源组。Creates a resource group in which all resources are stored.
az storage account createaz storage account create 在指定资源组中创建 Azure 存储帐户。Creates an Azure Storage account in the specified resource group.
az storage account keys listaz storage account keys list 显示指定帐户的存储帐户访问密钥。Displays the storage account access keys for the specified account.
az storage account keys renewaz storage account keys renew 重新生成主或辅助存储帐户访问密钥。Regenerates the primary or secondary storage account access key.

后续步骤Next steps

有关 Azure CLI 的详细信息,请参阅 Azure CLI 文档For more information on the Azure CLI, see Azure CLI documentation.

有关其他存储 CLI 脚本示例,可参阅 Azure Blob 存储的 Azure CLI 示例Additional storage CLI script samples can be found in the Azure CLI samples for Azure Blob storage.