diff --git a/storage/2023-11-03/blob/blobs/append_block.go b/storage/2023-11-03/blob/blobs/append_block.go index 459389d..b82558f 100644 --- a/storage/2023-11-03/blob/blobs/append_block.go +++ b/storage/2023-11-03/blob/blobs/append_block.go @@ -12,7 +12,6 @@ import ( ) type AppendBlockInput struct { - // A number indicating the byte offset to compare. // Append Block will succeed only if the append position is equal to this number. // If it is not, the request will fail with an AppendPositionConditionNotMet @@ -41,6 +40,9 @@ type AppendBlockInput struct { // Required if the blob has an active lease. // To perform this operation on a blob with an active lease, specify the valid lease ID for this header. LeaseID *string + + // The encryption scope to set for the request content. + EncryptionScope *string } type AppendBlockResponse struct { @@ -145,6 +147,9 @@ func (a appendBlockOptions) ToHeaders() *client.Headers { if a.input.LeaseID != nil { headers.Append("x-ms-lease-id", *a.input.LeaseID) } + if a.input.EncryptionScope != nil { + headers.Append("x-ms-encryption-scope", *a.input.EncryptionScope) + } if a.input.Content != nil { headers.Append("Content-Length", strconv.Itoa(len(*a.input.Content))) } diff --git a/storage/2023-11-03/blob/blobs/copy.go b/storage/2023-11-03/blob/blobs/copy.go index 3687c10..68bf1d8 100644 --- a/storage/2023-11-03/blob/blobs/copy.go +++ b/storage/2023-11-03/blob/blobs/copy.go @@ -103,6 +103,9 @@ type CopyInput struct { // If the source blob has been modified, the Blob service returns status code 412 (Precondition Failed). // This header cannot be specified if the source is an Azure File. SourceIfUnmodifiedSince *string + + // The encryption scope to set for the request content. + EncryptionScope *string } type CopyResponse struct { @@ -217,6 +220,10 @@ func (c copyOptions) ToHeaders() *client.Headers { headers.Append("x-ms-source-if-unmodified-since", *c.input.SourceIfUnmodifiedSince) } + if c.input.EncryptionScope != nil { + headers.Append("x-ms-encryption-scope", *c.input.EncryptionScope) + } + headers.Merge(metadata.SetMetaDataHeaders(c.input.MetaData)) return headers diff --git a/storage/2023-11-03/blob/blobs/properties_get.go b/storage/2023-11-03/blob/blobs/properties_get.go index 1b2c2cd..3edfa89 100644 --- a/storage/2023-11-03/blob/blobs/properties_get.go +++ b/storage/2023-11-03/blob/blobs/properties_get.go @@ -158,6 +158,9 @@ type GetPropertiesResponse struct { // Is the Storage Account encrypted using server-side encryption? This should always return true ServerEncrypted bool + + // The encryption scope for the request content. + EncryptionScope string } // GetProperties returns all user-defined metadata, standard HTTP properties, and system properties for the blob @@ -223,6 +226,7 @@ func (c Client) GetProperties(ctx context.Context, containerName, blobName strin result.LeaseDuration = LeaseDuration(resp.Header.Get("x-ms-lease-duration")) result.LeaseState = LeaseState(resp.Header.Get("x-ms-lease-state")) result.LeaseStatus = LeaseStatus(resp.Header.Get("x-ms-lease-status")) + result.EncryptionScope = resp.Header.Get("x-ms-encryption-scope") result.MetaData = metadata.ParseFromHeaders(resp.Header) if v := resp.Header.Get("x-ms-access-tier-inferred"); v != "" { diff --git a/storage/2023-11-03/blob/blobs/put_append_blob.go b/storage/2023-11-03/blob/blobs/put_append_blob.go index 9217bf4..8cc5300 100644 --- a/storage/2023-11-03/blob/blobs/put_append_blob.go +++ b/storage/2023-11-03/blob/blobs/put_append_blob.go @@ -19,6 +19,7 @@ type PutAppendBlobInput struct { ContentMD5 *string ContentType *string LeaseID *string + EncryptionScope *string MetaData map[string]string } @@ -110,6 +111,9 @@ func (p putAppendBlobOptions) ToHeaders() *client.Headers { if p.input.LeaseID != nil { headers.Append("x-ms-lease-id", *p.input.LeaseID) } + if p.input.EncryptionScope != nil { + headers.Append("x-ms-encryption-scope", *p.input.EncryptionScope) + } headers.Merge(metadata.SetMetaDataHeaders(p.input.MetaData)) return headers diff --git a/storage/2023-11-03/blob/blobs/put_block.go b/storage/2023-11-03/blob/blobs/put_block.go index 61aa90b..f261dde 100644 --- a/storage/2023-11-03/blob/blobs/put_block.go +++ b/storage/2023-11-03/blob/blobs/put_block.go @@ -14,10 +14,11 @@ import ( ) type PutBlockInput struct { - BlockID string - Content []byte - ContentMD5 *string - LeaseID *string + BlockID string + Content []byte + ContentMD5 *string + LeaseID *string + EncryptionScope *string } type PutBlockResponse struct { @@ -99,6 +100,9 @@ func (p putBlockOptions) ToHeaders() *client.Headers { if p.input.LeaseID != nil { headers.Append("x-ms-lease-id", *p.input.LeaseID) } + if p.input.EncryptionScope != nil { + headers.Append("x-ms-encryption-scope", *p.input.EncryptionScope) + } return headers } diff --git a/storage/2023-11-03/blob/blobs/put_block_blob.go b/storage/2023-11-03/blob/blobs/put_block_blob.go index cc98f53..d5d6773 100644 --- a/storage/2023-11-03/blob/blobs/put_block_blob.go +++ b/storage/2023-11-03/blob/blobs/put_block_blob.go @@ -21,6 +21,7 @@ type PutBlockBlobInput struct { ContentMD5 *string ContentType *string LeaseID *string + EncryptionScope *string MetaData map[string]string } @@ -125,6 +126,9 @@ func (p putBlockBlobOptions) ToHeaders() *client.Headers { if p.input.LeaseID != nil { headers.Append("x-ms-lease-id", *p.input.LeaseID) } + if p.input.EncryptionScope != nil { + headers.Append("x-ms-encryption-scope", *p.input.EncryptionScope) + } if p.input.Content != nil { headers.Append("Content-Length", strconv.Itoa(len(*p.input.Content))) } diff --git a/storage/2023-11-03/blob/blobs/put_block_list.go b/storage/2023-11-03/blob/blobs/put_block_list.go index 142136d..a600fdb 100644 --- a/storage/2023-11-03/blob/blobs/put_block_list.go +++ b/storage/2023-11-03/blob/blobs/put_block_list.go @@ -29,8 +29,9 @@ type PutBlockListInput struct { ContentLanguage *string ContentMD5 *string ContentType *string - MetaData map[string]string LeaseID *string + EncryptionScope *string + MetaData map[string]string } type PutBlockListResponse struct { @@ -130,6 +131,9 @@ func (p putBlockListOptions) ToHeaders() *client.Headers { if p.input.LeaseID != nil { headers.Append("x-ms-lease-id", *p.input.LeaseID) } + if p.input.EncryptionScope != nil { + headers.Append("x-ms-encryption-scope", *p.input.EncryptionScope) + } headers.Merge(metadata.SetMetaDataHeaders(p.input.MetaData)) diff --git a/storage/2023-11-03/blob/blobs/put_block_url.go b/storage/2023-11-03/blob/blobs/put_block_url.go index 3cac427..0887423 100644 --- a/storage/2023-11-03/blob/blobs/put_block_url.go +++ b/storage/2023-11-03/blob/blobs/put_block_url.go @@ -14,9 +14,10 @@ type PutBlockFromURLInput struct { BlockID string CopySource string - ContentMD5 *string - LeaseID *string - Range *string + ContentMD5 *string + LeaseID *string + Range *string + EncryptionScope *string } type PutBlockFromURLResponse struct { @@ -103,6 +104,9 @@ func (p putBlockUrlOptions) ToHeaders() *client.Headers { if p.input.Range != nil { headers.Append("x-ms-source-range", *p.input.Range) } + if p.input.EncryptionScope != nil { + headers.Append("x-ms-encryption-scope", *p.input.EncryptionScope) + } return headers } diff --git a/storage/2023-11-03/blob/blobs/put_page_blob.go b/storage/2023-11-03/blob/blobs/put_page_blob.go index 281d20e..74bfc6b 100644 --- a/storage/2023-11-03/blob/blobs/put_page_blob.go +++ b/storage/2023-11-03/blob/blobs/put_page_blob.go @@ -20,6 +20,7 @@ type PutPageBlobInput struct { ContentMD5 *string ContentType *string LeaseID *string + EncryptionScope *string MetaData map[string]string BlobContentLengthBytes int64 @@ -137,6 +138,10 @@ func (p putPageBlobOptions) ToHeaders() *client.Headers { headers.Append("x-ms-lease-id", *p.input.LeaseID) } + if p.input.EncryptionScope != nil { + headers.Append("x-ms-encryption-scope", *p.input.EncryptionScope) + } + headers.Merge(metadata.SetMetaDataHeaders(p.input.MetaData)) return headers } diff --git a/storage/2023-11-03/blob/blobs/put_page_clear.go b/storage/2023-11-03/blob/blobs/put_page_clear.go index 9b8ad4f..45e0499 100644 --- a/storage/2023-11-03/blob/blobs/put_page_clear.go +++ b/storage/2023-11-03/blob/blobs/put_page_clear.go @@ -14,7 +14,8 @@ type PutPageClearInput struct { StartByte int64 EndByte int64 - LeaseID *string + LeaseID *string + EncryptionScope *string } type PutPageClearResponse struct { @@ -91,6 +92,10 @@ func (p putPageClearOptions) ToHeaders() *client.Headers { if p.input.LeaseID != nil { headers.Append("x-ms-lease-id", *p.input.LeaseID) } + if p.input.EncryptionScope != nil { + headers.Append("x-ms-encryption-scope", *p.input.EncryptionScope) + } + return headers } diff --git a/storage/2023-11-03/blob/blobs/put_page_update.go b/storage/2023-11-03/blob/blobs/put_page_update.go index 4019cc3..ab5f258 100644 --- a/storage/2023-11-03/blob/blobs/put_page_update.go +++ b/storage/2023-11-03/blob/blobs/put_page_update.go @@ -26,6 +26,7 @@ type PutPageUpdateInput struct { IfMatch *string IfNoneMatch *string LeaseID *string + EncryptionScope *string } type PutPageUpdateResponse struct { @@ -124,6 +125,10 @@ func (p putPageUpdateOptions) ToHeaders() *client.Headers { headers.Append("x-ms-lease-id", *p.input.LeaseID) } + if p.input.EncryptionScope != nil { + headers.Append("x-ms-encryption-scope", *p.input.EncryptionScope) + } + if p.input.IfSequenceNumberEQ != nil { headers.Append("x-ms-if-sequence-number-eq", *p.input.IfSequenceNumberEQ) } diff --git a/storage/2023-11-03/blob/blobs/snapshot.go b/storage/2023-11-03/blob/blobs/snapshot.go index 0a8f8ca..ebbcb20 100644 --- a/storage/2023-11-03/blob/blobs/snapshot.go +++ b/storage/2023-11-03/blob/blobs/snapshot.go @@ -16,6 +16,9 @@ type SnapshotInput struct { // This must be specified if a Lease is present on the Blob, else a 403 is returned LeaseID *string + // The encryption scope to set for the request content. + EncryptionScope *string + // MetaData is a user-defined name-value pair associated with the blob. // If no name-value pairs are specified, the operation will copy the base blob metadata to the snapshot. // If one or more name-value pairs are specified, the snapshot is created with the specified metadata, @@ -120,6 +123,10 @@ func (s snapshotOptions) ToHeaders() *client.Headers { headers.Append("x-ms-lease-id", *s.input.LeaseID) } + if s.input.EncryptionScope != nil { + headers.Append("x-ms-encryption-scope", *s.input.EncryptionScope) + } + if s.input.IfModifiedSince != nil { headers.Append("If-Modified-Since", *s.input.IfModifiedSince) } diff --git a/storage/2023-11-03/blob/containers/create.go b/storage/2023-11-03/blob/containers/create.go index f23aa1e..05f898b 100644 --- a/storage/2023-11-03/blob/containers/create.go +++ b/storage/2023-11-03/blob/containers/create.go @@ -18,6 +18,12 @@ type CreateInput struct { // Specifies whether data in the container may be accessed publicly and the level of access AccessLevel AccessLevel + // The encryption scope to set as the default on the container. + DefaultEncryptionScope string + + // Setting this to ture indicates that every blob that's uploaded to this container uses the default encryption scope. + EncryptionScopeOverrideDisabled bool + // A name-value pair to associate with the container as metadata. MetaData map[string]string } @@ -69,8 +75,7 @@ func (c Client) Create(ctx context.Context, containerName string, input CreateIn }, HttpMethod: http.MethodPut, OptionsObject: createOptions{ - accessLevel: input.AccessLevel, - metaData: input.MetaData, + input: input, }, Path: fmt.Sprintf("/%s", containerName), RetryFunc: retryFunc, @@ -98,18 +103,23 @@ func (c Client) Create(ctx context.Context, containerName string, input CreateIn var _ client.Options = createOptions{} type createOptions struct { - accessLevel AccessLevel - metaData map[string]string + input CreateInput } func (o createOptions) ToHeaders() *client.Headers { headers := containerOptions{ - metaData: o.metaData, + metaData: o.input.MetaData, }.ToHeaders() // If this header is not included in the request, container data is private to the account owner. - if o.accessLevel != Private { - headers.Append("x-ms-blob-public-access", string(o.accessLevel)) + if o.input.AccessLevel != Private { + headers.Append("x-ms-blob-public-access", string(o.input.AccessLevel)) + } + + if o.input.DefaultEncryptionScope != "" { + // These two headers must be used together. + headers.Append("x-ms-default-encryption-scope", o.input.DefaultEncryptionScope) + headers.Append("x-ms-deny-encryption-scope-override", fmt.Sprintf("%t", o.input.EncryptionScopeOverrideDisabled)) } return headers diff --git a/storage/2023-11-03/blob/containers/get_properties.go b/storage/2023-11-03/blob/containers/get_properties.go index 44bf7a1..ca97cf8 100644 --- a/storage/2023-11-03/blob/containers/get_properties.go +++ b/storage/2023-11-03/blob/containers/get_properties.go @@ -51,6 +51,7 @@ func (c Client) GetProperties(ctx context.Context, containerName string, input G result.HttpResponse = resp.Response if resp.Header != nil { + result.DefaultEncryptionScope = resp.Header.Get("x-ms-default-encryption-scope") result.LeaseStatus = LeaseStatus(resp.Header.Get("x-ms-lease-status")) result.LeaseState = LeaseState(resp.Header.Get("x-ms-lease-state")) if result.LeaseStatus == Locked { @@ -67,8 +68,10 @@ func (c Client) GetProperties(ctx context.Context, containerName string, input G } // we can't necessarily use strconv.ParseBool here since this could be nil (only in some API versions) + result.EncryptionScopeOverrideDisabled = strings.EqualFold(resp.Header.Get("x-ms-deny-encryption-scope-override"), "true") result.HasImmutabilityPolicy = strings.EqualFold(resp.Header.Get("x-ms-has-immutability-policy"), "true") result.HasLegalHold = strings.EqualFold(resp.Header.Get("x-ms-has-legal-hold"), "true") + result.MetaData = metadata.ParseFromHeaders(resp.Header) } } diff --git a/storage/2023-11-03/blob/containers/models.go b/storage/2023-11-03/blob/containers/models.go index 2fbaa3c..94c3b86 100644 --- a/storage/2023-11-03/blob/containers/models.go +++ b/storage/2023-11-03/blob/containers/models.go @@ -21,13 +21,15 @@ var ( ) type ContainerProperties struct { - AccessLevel AccessLevel - LeaseStatus LeaseStatus - LeaseState LeaseState - LeaseDuration *LeaseDuration - MetaData map[string]string - HasImmutabilityPolicy bool - HasLegalHold bool + AccessLevel AccessLevel + DefaultEncryptionScope string + EncryptionScopeOverrideDisabled bool + LeaseStatus LeaseStatus + LeaseState LeaseState + LeaseDuration *LeaseDuration + MetaData map[string]string + HasImmutabilityPolicy bool + HasLegalHold bool } type Dataset string