Skip to content

Azure CLI#

Enable Azure CLI#

  1. In the Privacera Portal, click LaunchPad from the left menu.

  2. Under the Azure Services section, click to open the Azure CLI dialog.  This dialog provides the means to download an Azure CLI setup script specific to your installation. It also provides a set of usage instructions.

  3. In Azure CLI, under  Configure Script, click  Download Script to save the script on your local machine.  If you will be running Azure CLI on another system such as a 'jump server' copy it to that host.

    1. Alternatively, use 'wget' to pull this script down to your execution platform, as shown below. Substitute your installation's Privacera Platform host domain name or IPv4 address for "<PRIVACERA_PORTAL_HOST>".

      wget http://<PRIVACERA_PORTAL_HOST>:6868/api/cam/download/script -O
      # USE THE "--no-check-certificate" option for HTTPS - and remove the # below
      # wget --no-check-certificate https://<PRIVACERA_PORTAL_HOST>:6868/api/cam/download/script -O
    2. Copy the downloaded script to home directory.

      cp ~/
      cd ~/
    3. Set this file to be executable: 

      chmod a+x . ~/
  4. Under the Azure Cli Generate Token  section, first, generate a platform token. 


    All the commands should be run with a space between the dot (.) and the script name (~/

    1. Run the following command:

      . ~/ --config-token
    2. Select/check Never Expired to generate a token that does not expire. Click Generate.

  5. Enable the Proxy or the endpoint and run one of the two commands shown below.  

    . ~/ --enable-proxy


    . ~/ --enable-endpoint
  6. Under the Check Status section,  run the command below.

    . ~/ --status
  7. To disable both the proxy and the endpoint, under the Azure Access section, run the commands shown below.

    . ~/ --disable-proxy
    . ~/ --disable-endpoint

Azure CLI Examples#

List files in container

az storage blob list --container-name ${AZURE_CONTAINER_NAME} --output table
Upload a file

az storage blob upload --container-name ${AZURE_CONTAINER_NAME} --name ${BLOB_NAME} --file ${FILE_TO_UPLOAD}


az storage blob upload --container-name cust-data --name customer_data/customer_data_new.csv --file customer_data.csv

Download a file

az storage blob download --container-name ${AZURE_CONTAINER_NAME} --name ${BLOB_NAME_TO_DOWNLOAD} --file ${FILE_TO_WRITE}

az storage blob download --container-name cust-data --name customer_data/customer_data.csv --file customer_data.csv_new --output table

Azure Rest APIs#

Azure offers rest APIs to access their ADLS storage (like Azure CLI). Following examples show how to access ADLS storage using Rest APIs in more secured way using Privacera.

Export Data Server Properties

export DATASERVER_URL=<dataserver-url>
export AZURE_ADLS_STORAGE_ACCOUNT_NAME=<azure-storage-account-name>
export AZURE_ADLS_CONTAINER_NAME=<azure-container-name>
export PRIVACERA_TOKEN="<privacera-access-token>|<privacera-secret-token>"

Download Data Server CA certificates

curl -s -k "${DATASERVER_URL}/services/certificate" -o /tmp/cacerts
chmod 400 /tmp/cacerts

List containers

curl -v -X GET "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/?comp=list" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" --cacert /tmp/cacerts

List BLOBs

curl -v -X GET "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/${AZURE_ADLS_CONTAINER_NAME}?restype=container&comp=list" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" --cacert /tmp/cacerts

Upload BLOB

curl -v -X PUT "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/${AZURE_ADLS_CONTAINER_NAME}/{FILE_NAME}" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" -d'@{FILE_TO_UPLOAD}' -H "x-ms-blob-type: BlockBlob" --cacert /tmp/cacerts

Download BLOB

curl -v -X GET "${DATASERVER_URL}/${AZURE_ADLS_STORAGE_ACCOUNT_NAME}/${AZURE_ADLS_CONTAINER_NAME}/{FILE_TO_DOWNLOAD}" -H "Authorization: Bearer ${PRIVACERA_TOKEN}" -H "x-ms-version: 2018-11-09" --cacert /tmp/cacerts -o {FILE_NAME}