azureazure-powershellazure-virtual-machineazure-disk

Revoke azure disk SAS (shared access signature) of disk


I am trying to revoke SAS for VM disk using Azure PowerShell but this function returns nothing:

Get-AzDiskAccess -ResourceGroupName <resourcegroupname>

However, in the Azure portal I see there is a SAS:

enter image description here

I am not sure how to remove SAS using PowerShell. I can remove it using portal.


Solution

  • I tried to reproduce the same in my environment and got the below results:

    In my Azure Portal, I activated SAS URL for disk attached to an VM like below:

    enter image description here

    When I tried to delete all VM related resources, all deleted except VM Disks with an exception like below:

    enter image description here

    The error usually occurs if Disk State is in Active SAS that don't allow Delete operation like below:

    enter image description here

    To resolve the error, you need to revoke access to Disk by clicking Cancel Export from Portal.

    If you want to do the same from PowerShell, you can use below commands:

    Connect-AzAccount -Tenant <TenantID>
    Revoke-AzDiskAccess -ResourceGroupName '<RG_Name>' -DiskName '<Disk_Name>'
    

    Response:

    enter image description here

    To confirm that, I checked in Azure Portal where Disk State is changed to Unattached like below:

    enter image description here

    When I clicked on Delete after revoking SAS, VM disk got deleted successfully like below:

    enter image description here