I have an Azure Function that triggers from a directory (namespace) nested within an ADLS Gen 2 storage container.
Example:
ADLS_AccountName/topLevelContainer/Directory1/Directory2/{name}
Unfortunately, the Function requires the Connection string of the entire DataLake as an input binding (stored as an app setting in local.settings.json).
This is far too much permission for a Function to have.
How do I generate a SAS token for a given nested namespace and use that as the app setting for the Function?
The answer marked as correct is no longer accurate. Please look at https://learn.microsoft.com/en-us/dotnet/api/azure.storage.sas.datalakesasbuilder?view=azure-dotnet Starting service version 2020-02-10 it is possible to generate SAS token for a directory in an ADLS Gen2 account.