diff --git a/src/Storage/Storage.Management.Test/Storage.Management.Test.csproj b/src/Storage/Storage.Management.Test/Storage.Management.Test.csproj
index eebf80c8a9da..0dfbecdf7239 100644
--- a/src/Storage/Storage.Management.Test/Storage.Management.Test.csproj
+++ b/src/Storage/Storage.Management.Test/Storage.Management.Test.csproj
@@ -11,10 +11,10 @@
-
-
-
-
+
+
+
+
diff --git a/src/Storage/Storage.Management/ChangeLog.md b/src/Storage/Storage.Management/ChangeLog.md
index 02d2e7b57807..95aaad1e37af 100644
--- a/src/Storage/Storage.Management/ChangeLog.md
+++ b/src/Storage/Storage.Management/ChangeLog.md
@@ -18,6 +18,8 @@
- Additional information about change #1
-->
## Upcoming Release
+* Supported generate DataLakeGen2 Sas token with Encryption scope
+ - `New-AzDataLakeGen2SasToken`
* Supported blob type conversions in sync blob copy
- `Copy-AzStorageBlob`
* Supported create/upgrade storage account with Keyvault from another tenant and access Keyvault with FederatedClientId
diff --git a/src/Storage/Storage.Management/help/New-AzDataLakeGen2SasToken.md b/src/Storage/Storage.Management/help/New-AzDataLakeGen2SasToken.md
index 15d3be3a4281..6f39a7df201a 100644
--- a/src/Storage/Storage.Management/help/New-AzDataLakeGen2SasToken.md
+++ b/src/Storage/Storage.Management/help/New-AzDataLakeGen2SasToken.md
@@ -16,7 +16,7 @@ Generates a SAS token for Azure DatalakeGen2 item.
```
New-AzDataLakeGen2SasToken [-FileSystem] [-Path ] [-Permission ]
[-Protocol ] [-IPAddressOrRange ] [-StartTime ]
- [-ExpiryTime ] [-FullUri] [-Context ]
+ [-ExpiryTime ] [-EncryptionScope ] [-FullUri] [-Context ]
[-DefaultProfile ] []
```
@@ -24,7 +24,7 @@ New-AzDataLakeGen2SasToken [-FileSystem] [-Path ] [-Permission
```
New-AzDataLakeGen2SasToken -InputObject [-Permission ]
[-Protocol ] [-IPAddressOrRange ] [-StartTime ]
- [-ExpiryTime ] [-FullUri] [-Context ]
+ [-ExpiryTime ] [-EncryptionScope ] [-FullUri] [-Context ]
[-DefaultProfile ] []
```
@@ -40,12 +40,12 @@ New-AzDataLakeGen2SasToken -FileSystem "filesystem1" -Path "dir1/dir2" -Permissi
This example generates a DatalakeGen2 SAS token with full permission.
-### Example 2: Generate a SAS token with specific StartTime, ExpireTime, Protocal, IPAddressOrRange, by pipeline a datalakegen2 item
+### Example 2: Generate a SAS token with specific StartTime, ExpireTime, Protocal, IPAddressOrRange, Encryption Scope, by pipeline a datalakegen2 item
```
-Get-AzDataLakeGen2Item -FileSystem test -Path "testdir/dir2" | New-AzDataLakeGen2SasToken -Permission rw -Protocol Https -IPAddressOrRange 10.0.0.0-12.10.0.0 -StartTime (Get-Date) -ExpiryTime (Get-Date).AddDays(6)
+Get-AzDataLakeGen2Item -FileSystem test -Path "testdir/dir2" | New-AzDataLakeGen2SasToken -Permission rw -Protocol Https -IPAddressOrRange 10.0.0.0-12.10.0.0 -StartTime (Get-Date) -ExpiryTime (Get-Date).AddDays(6) -EncryptionScope scopename
```
-This example generates a DatalakeGen2 SAS token by pipeline a datalake gen2 item, and with specific StartTime, ExpireTime, Protocal, IPAddressOrRange.
+This example generates a DatalakeGen2 SAS token by pipeline a datalake gen2 item, and with specific StartTime, ExpireTime, Protocal, IPAddressOrRange, Encryption Scope.
## PARAMETERS
@@ -79,6 +79,21 @@ Accept pipeline input: False
Accept wildcard characters: False
```
+### -EncryptionScope
+Encryption scope to use when sending requests authorized with this SAS URI.
+
+```yaml
+Type: System.String
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
### -ExpiryTime
Expiry Time
diff --git a/src/Storage/Storage/DatalakeGen2/Cmdlet/NewAzDataLakeGen2Item.cs b/src/Storage/Storage/DatalakeGen2/Cmdlet/NewAzDataLakeGen2Item.cs
index 8d128177c623..433694f14e64 100644
--- a/src/Storage/Storage/DatalakeGen2/Cmdlet/NewAzDataLakeGen2Item.cs
+++ b/src/Storage/Storage/DatalakeGen2/Cmdlet/NewAzDataLakeGen2Item.cs
@@ -191,10 +191,18 @@ public override void ExecuteCmdlet()
PathHttpHeaders pathHttpHeaders = SetDatalakegen2ItemProperties(dirClient, BlobProperties, setToServer: false);
IDictionary metadata = SetDatalakegen2ItemMetaData(dirClient, BlobMetadata, setToServer: false);
- dirClient.Create(pathHttpHeaders,
- metadata,
- this.Permission,
- this.Umask != null ? DataLakeModels.PathPermissions.ParseSymbolicPermissions(this.Umask).ToOctalPermissions() : null);
+ DataLakePathCreateOptions createOptions = new DataLakePathCreateOptions()
+ {
+ HttpHeaders = pathHttpHeaders,
+ Metadata = metadata,
+ AccessOptions = new DataLakeAccessOptions()
+ {
+ Permissions = this.Permission,
+ Umask = this.Umask != null ? DataLakeModels.PathPermissions.ParseSymbolicPermissions(this.Umask).ToOctalPermissions() : null
+ }
+ };
+
+ dirClient.Create(createOptions, this.CmdletCancellationToken);
WriteDataLakeGen2Item(localChannel, dirClient);
}
diff --git a/src/Storage/Storage/DatalakeGen2/Cmdlet/NewAzDataLakeGen2SasToken.cs b/src/Storage/Storage/DatalakeGen2/Cmdlet/NewAzDataLakeGen2SasToken.cs
index a7395a031b49..eb0c08bc91aa 100644
--- a/src/Storage/Storage/DatalakeGen2/Cmdlet/NewAzDataLakeGen2SasToken.cs
+++ b/src/Storage/Storage/DatalakeGen2/Cmdlet/NewAzDataLakeGen2SasToken.cs
@@ -77,6 +77,10 @@ public class NewDataLakeGen2SasTokenCommand : StorageCloudBlobCmdletBase
[ValidateNotNull]
public DateTimeOffset? ExpiryTime { get; set; }
+ [Parameter(Mandatory = false, HelpMessage = "Encryption scope to use when sending requests authorized with this SAS URI.")]
+ [ValidateNotNullOrEmpty]
+ public string EncryptionScope { get; set; }
+
[Parameter(Mandatory = false, HelpMessage = "Display full uri with sas token")]
public SwitchParameter FullUri { get; set; }
@@ -170,6 +174,10 @@ public override void ExecuteCmdlet()
{
sasBuilder.Protocol = this.Protocol.Value;
}
+ if (this.EncryptionScope != null)
+ {
+ sasBuilder.EncryptionScope = this.EncryptionScope;
+ }
DataLakeFileSystemClient fileSystem = GetFileSystemClientByName(localChannel, this.FileSystem);
diff --git a/src/Storage/Storage/Storage.csproj b/src/Storage/Storage/Storage.csproj
index 791f91d9d390..0ca0120999c9 100644
--- a/src/Storage/Storage/Storage.csproj
+++ b/src/Storage/Storage/Storage.csproj
@@ -13,10 +13,10 @@
-
-
-
-
+
+
+
+
diff --git a/tools/StaticAnalysis/DependencyAnalyzer/DependencyAnalyzer.cs b/tools/StaticAnalysis/DependencyAnalyzer/DependencyAnalyzer.cs
index 59efab005ef1..9f746d503bbb 100644
--- a/tools/StaticAnalysis/DependencyAnalyzer/DependencyAnalyzer.cs
+++ b/tools/StaticAnalysis/DependencyAnalyzer/DependencyAnalyzer.cs
@@ -119,6 +119,7 @@ public class DependencyAnalyzer : IStaticAnalyzer
"System.Resources.ResourceManager",
"System.Resources.Writer",
"System.Runtime",
+ "System.Runtime.CompilerServices.Unsafe",
"System.Runtime.CompilerServices.VisualC",
"System.Runtime.Extensions",
"System.Runtime.Handles",