bump Azure SDK version and include storage mgmt package

Signed-off-by: Steve Kriss <steve@heptio.com>

Gopkg.lock

@@ -19,10 +19,11 @@
   packages = [
     "arm/disk",
     "arm/examples/helpers",
+    "services/storage/mgmt/2017-10-01/storage",
     "storage"
   ]
-  revision = "2d49bb8f2cee530cc16f1f1a9f0aae763dee257d"
-  version = "v10.2.1-beta"
+  revision = "2d1d76c9013c4feb6695a2346f0e66ea0ef77aa6"
+  version = "v11.3.0-beta"
 
 [[projects]]
   name = "github.com/Azure/go-autorest"
@@ -806,6 +807,6 @@
 [solve-meta]
   analyzer-name = "dep"
   analyzer-version = 1
-  inputs-digest = "70b3cfc235408d89934ada479417194e2a82df523f459f7d9d3264538805ea98"
+  inputs-digest = "84d160fa2e769b80040762566acadbe7c23ee774124dfdf7a498c0e65cd8011a"
   solver-name = "gps-cdcl"
   solver-version = 1

Gopkg.toml

@@ -66,7 +66,7 @@
 
 [[constraint]]
   name = "github.com/Azure/azure-sdk-for-go"
-  version = "~10.2.1-beta"
+  version = "~11.3.0-beta"
 
 [[constraint]]
   name = "cloud.google.com/go"

vendor/github.com/Azure/azure-sdk-for-go/NOTICE

@@ -0,0 +1,5 @@
+Microsoft Azure-SDK-for-Go
+Copyright 2014-2017 Microsoft
+
+This product includes software developed at
+the Microsoft Corporation (https://www.microsoft.com).

vendor/github.com/Azure/azure-sdk-for-go/arm/disk/version.go

@@ -19,10 +19,10 @@ package disk
 
 // UserAgent returns the UserAgent string to use when sending http.Requests.
 func UserAgent() string {
-	return "Azure-SDK-For-Go/v10.2.0-beta arm-disk/2016-04-30-preview"
+	return "Azure-SDK-For-Go/v11.3.0-beta arm-disk/2016-04-30-preview"
 }
 
 // Version returns the semantic version (see http://semver.org) of the client.
 func Version() string {
-	return "v10.2.0-beta"
+	return "v11.3.0-beta"
 }

vendor/github.com/Azure/azure-sdk-for-go/arm/examples/helpers/helpers.go

@@ -1,8 +1,23 @@
 package helpers
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"encoding/json"
 	"fmt"
+
 	"github.com/Azure/go-autorest/autorest/adal"
 	"github.com/Azure/go-autorest/autorest/azure"
 )

vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/accounts.go

@@ -0,0 +1,952 @@
+package storage
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"net/http"
+)
+
+// AccountsClient is the the Azure Storage Management API.
+type AccountsClient struct {
+	ManagementClient
+}
+
+// NewAccountsClient creates an instance of the AccountsClient client.
+func NewAccountsClient(subscriptionID string) AccountsClient {
+	return NewAccountsClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewAccountsClientWithBaseURI creates an instance of the AccountsClient client.
+func NewAccountsClientWithBaseURI(baseURI string, subscriptionID string) AccountsClient {
+	return AccountsClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CheckNameAvailability checks that the storage account name is valid and is not already in use.
+//
+// accountName is the name of the storage account within the specified resource group. Storage account names must be
+// between 3 and 24 characters in length and use numbers and lower-case letters only.
+func (client AccountsClient) CheckNameAvailability(accountName AccountCheckNameAvailabilityParameters) (result CheckNameAvailabilityResult, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: accountName,
+			Constraints: []validation.Constraint{{Target: "accountName.Name", Name: validation.Null, Rule: true, Chain: nil},
+				{Target: "accountName.Type", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "storage.AccountsClient", "CheckNameAvailability")
+	}
+
+	req, err := client.CheckNameAvailabilityPreparer(accountName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "CheckNameAvailability", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.CheckNameAvailabilitySender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "CheckNameAvailability", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.CheckNameAvailabilityResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "CheckNameAvailability", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// CheckNameAvailabilityPreparer prepares the CheckNameAvailability request.
+func (client AccountsClient) CheckNameAvailabilityPreparer(accountName AccountCheckNameAvailabilityParameters) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Storage/checkNameAvailability", pathParameters),
+		autorest.WithJSON(accountName),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{})
+}
+
+// CheckNameAvailabilitySender sends the CheckNameAvailability request. The method will close the
+// http.Response Body if it receives an error.
+func (client AccountsClient) CheckNameAvailabilitySender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// CheckNameAvailabilityResponder handles the response to the CheckNameAvailability request. The method always
+// closes the http.Response Body.
+func (client AccountsClient) CheckNameAvailabilityResponder(resp *http.Response) (result CheckNameAvailabilityResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Create asynchronously creates a new storage account with the specified parameters. If an account is already created
+// and a subsequent create request is issued with different properties, the account properties will be updated. If an
+// account is already created and a subsequent create or update request is issued with the exact same set of
+// properties, the request will succeed. This method may poll for completion. Polling can be canceled by passing the
+// cancel channel argument. The channel will be used to cancel polling and any outstanding HTTP requests.
+//
+// resourceGroupName is the name of the resource group within the user's subscription. The name is case insensitive.
+// accountName is the name of the storage account within the specified resource group. Storage account names must be
+// between 3 and 24 characters in length and use numbers and lower-case letters only. parameters is the parameters to
+// provide for the created account.
+func (client AccountsClient) Create(resourceGroupName string, accountName string, parameters AccountCreateParameters, cancel <-chan struct{}) (<-chan Account, <-chan error) {
+	resultChan := make(chan Account, 1)
+	errChan := make(chan error, 1)
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: accountName,
+			Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil},
+				{Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}},
+		{TargetValue: parameters,
+			Constraints: []validation.Constraint{{Target: "parameters.Sku", Name: validation.Null, Rule: true, Chain: nil},
+				{Target: "parameters.Location", Name: validation.Null, Rule: true, Chain: nil},
+				{Target: "parameters.Identity", Name: validation.Null, Rule: false,
+					Chain: []validation.Constraint{{Target: "parameters.Identity.Type", Name: validation.Null, Rule: true, Chain: nil}}},
+				{Target: "parameters.AccountPropertiesCreateParameters", Name: validation.Null, Rule: false,
+					Chain: []validation.Constraint{{Target: "parameters.AccountPropertiesCreateParameters.CustomDomain", Name: validation.Null, Rule: false,
+						Chain: []validation.Constraint{{Target: "parameters.AccountPropertiesCreateParameters.CustomDomain.Name", Name: validation.Null, Rule: true, Chain: nil}}},
+					}}}}}); err != nil {
+		errChan <- validation.NewErrorWithValidationError(err, "storage.AccountsClient", "Create")
+		close(errChan)
+		close(resultChan)
+		return resultChan, errChan
+	}
+
+	go func() {
+		var err error
+		var result Account
+		defer func() {
+			if err != nil {
+				errChan <- err
+			}
+			resultChan <- result
+			close(resultChan)
+			close(errChan)
+		}()
+		req, err := client.CreatePreparer(resourceGroupName, accountName, parameters, cancel)
+		if err != nil {
+			err = autorest.NewErrorWithError(err, "storage.AccountsClient", "Create", nil, "Failure preparing request")
+			return
+		}
+
+		resp, err := client.CreateSender(req)
+		if err != nil {
+			result.Response = autorest.Response{Response: resp}
+			err = autorest.NewErrorWithError(err, "storage.AccountsClient", "Create", resp, "Failure sending request")
+			return
+		}
+
+		result, err = client.CreateResponder(resp)
+		if err != nil {
+			err = autorest.NewErrorWithError(err, "storage.AccountsClient", "Create", resp, "Failure responding to request")
+		}
+	}()
+	return resultChan, errChan
+}
+
+// CreatePreparer prepares the Create request.
+func (client AccountsClient) CreatePreparer(resourceGroupName string, accountName string, parameters AccountCreateParameters, cancel <-chan struct{}) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"accountName":       autorest.Encode("path", accountName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{Cancel: cancel})
+}
+
+// CreateSender sends the Create request. The method will close the
+// http.Response Body if it receives an error.
+func (client AccountsClient) CreateSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client),
+		azure.DoPollForAsynchronous(client.PollingDelay))
+}
+
+// CreateResponder handles the response to the Create request. The method always
+// closes the http.Response Body.
+func (client AccountsClient) CreateResponder(resp *http.Response) (result Account, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes a storage account in Microsoft Azure.
+//
+// resourceGroupName is the name of the resource group within the user's subscription. The name is case insensitive.
+// accountName is the name of the storage account within the specified resource group. Storage account names must be
+// between 3 and 24 characters in length and use numbers and lower-case letters only.
+func (client AccountsClient) Delete(resourceGroupName string, accountName string) (result autorest.Response, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: accountName,
+			Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil},
+				{Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "storage.AccountsClient", "Delete")
+	}
+
+	req, err := client.DeletePreparer(resourceGroupName, accountName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.DeleteSender(req)
+	if err != nil {
+		result.Response = resp
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "Delete", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.DeleteResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "Delete", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client AccountsClient) DeletePreparer(resourceGroupName string, accountName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"accountName":       autorest.Encode("path", accountName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{})
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client AccountsClient) DeleteSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client AccountsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent),
+		autorest.ByClosing())
+	result.Response = resp
+	return
+}
+
+// GetProperties returns the properties for the specified storage account including but not limited to name, SKU name,
+// location, and account status. The ListKeys operation should be used to retrieve storage keys.
+//
+// resourceGroupName is the name of the resource group within the user's subscription. The name is case insensitive.
+// accountName is the name of the storage account within the specified resource group. Storage account names must be
+// between 3 and 24 characters in length and use numbers and lower-case letters only.
+func (client AccountsClient) GetProperties(resourceGroupName string, accountName string) (result Account, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: accountName,
+			Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil},
+				{Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "storage.AccountsClient", "GetProperties")
+	}
+
+	req, err := client.GetPropertiesPreparer(resourceGroupName, accountName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "GetProperties", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetPropertiesSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "GetProperties", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetPropertiesResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "GetProperties", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// GetPropertiesPreparer prepares the GetProperties request.
+func (client AccountsClient) GetPropertiesPreparer(resourceGroupName string, accountName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"accountName":       autorest.Encode("path", accountName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{})
+}
+
+// GetPropertiesSender sends the GetProperties request. The method will close the
+// http.Response Body if it receives an error.
+func (client AccountsClient) GetPropertiesSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetPropertiesResponder handles the response to the GetProperties request. The method always
+// closes the http.Response Body.
+func (client AccountsClient) GetPropertiesResponder(resp *http.Response) (result Account, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List lists all the storage accounts available under the subscription. Note that storage keys are not returned; use
+// the ListKeys operation for this.
+func (client AccountsClient) List() (result AccountListResult, err error) {
+	req, err := client.ListPreparer()
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client AccountsClient) ListPreparer() (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Storage/storageAccounts", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{})
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client AccountsClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client AccountsClient) ListResponder(resp *http.Response) (result AccountListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ListAccountSAS list SAS credentials of a storage account.
+//
+// resourceGroupName is the name of the resource group within the user's subscription. The name is case insensitive.
+// accountName is the name of the storage account within the specified resource group. Storage account names must be
+// between 3 and 24 characters in length and use numbers and lower-case letters only. parameters is the parameters to
+// provide to list SAS credentials for the storage account.
+func (client AccountsClient) ListAccountSAS(resourceGroupName string, accountName string, parameters AccountSasParameters) (result ListAccountSasResponse, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: accountName,
+			Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil},
+				{Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}},
+		{TargetValue: parameters,
+			Constraints: []validation.Constraint{{Target: "parameters.SharedAccessExpiryTime", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "storage.AccountsClient", "ListAccountSAS")
+	}
+
+	req, err := client.ListAccountSASPreparer(resourceGroupName, accountName, parameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "ListAccountSAS", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListAccountSASSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "ListAccountSAS", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListAccountSASResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "ListAccountSAS", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListAccountSASPreparer prepares the ListAccountSAS request.
+func (client AccountsClient) ListAccountSASPreparer(resourceGroupName string, accountName string, parameters AccountSasParameters) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"accountName":       autorest.Encode("path", accountName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/ListAccountSas", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{})
+}
+
+// ListAccountSASSender sends the ListAccountSAS request. The method will close the
+// http.Response Body if it receives an error.
+func (client AccountsClient) ListAccountSASSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListAccountSASResponder handles the response to the ListAccountSAS request. The method always
+// closes the http.Response Body.
+func (client AccountsClient) ListAccountSASResponder(resp *http.Response) (result ListAccountSasResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ListByResourceGroup lists all the storage accounts available under the given resource group. Note that storage keys
+// are not returned; use the ListKeys operation for this.
+//
+// resourceGroupName is the name of the resource group within the user's subscription. The name is case insensitive.
+func (client AccountsClient) ListByResourceGroup(resourceGroupName string) (result AccountListResult, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "storage.AccountsClient", "ListByResourceGroup")
+	}
+
+	req, err := client.ListByResourceGroupPreparer(resourceGroupName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "ListByResourceGroup", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "ListByResourceGroup", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "ListByResourceGroup", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListByResourceGroupPreparer prepares the ListByResourceGroup request.
+func (client AccountsClient) ListByResourceGroupPreparer(resourceGroupName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{})
+}
+
+// ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
+// http.Response Body if it receives an error.
+func (client AccountsClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
+// closes the http.Response Body.
+func (client AccountsClient) ListByResourceGroupResponder(resp *http.Response) (result AccountListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ListKeys lists the access keys for the specified storage account.
+//
+// resourceGroupName is the name of the resource group within the user's subscription. The name is case insensitive.
+// accountName is the name of the storage account within the specified resource group. Storage account names must be
+// between 3 and 24 characters in length and use numbers and lower-case letters only.
+func (client AccountsClient) ListKeys(resourceGroupName string, accountName string) (result AccountListKeysResult, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: accountName,
+			Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil},
+				{Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "storage.AccountsClient", "ListKeys")
+	}
+
+	req, err := client.ListKeysPreparer(resourceGroupName, accountName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "ListKeys", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListKeysSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "ListKeys", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListKeysResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "ListKeys", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListKeysPreparer prepares the ListKeys request.
+func (client AccountsClient) ListKeysPreparer(resourceGroupName string, accountName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"accountName":       autorest.Encode("path", accountName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/listKeys", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{})
+}
+
+// ListKeysSender sends the ListKeys request. The method will close the
+// http.Response Body if it receives an error.
+func (client AccountsClient) ListKeysSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListKeysResponder handles the response to the ListKeys request. The method always
+// closes the http.Response Body.
+func (client AccountsClient) ListKeysResponder(resp *http.Response) (result AccountListKeysResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ListServiceSAS list service SAS credentials of a specific resource.
+//
+// resourceGroupName is the name of the resource group within the user's subscription. The name is case insensitive.
+// accountName is the name of the storage account within the specified resource group. Storage account names must be
+// between 3 and 24 characters in length and use numbers and lower-case letters only. parameters is the parameters to
+// provide to list service SAS credentials.
+func (client AccountsClient) ListServiceSAS(resourceGroupName string, accountName string, parameters ServiceSasParameters) (result ListServiceSasResponse, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: accountName,
+			Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil},
+				{Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}},
+		{TargetValue: parameters,
+			Constraints: []validation.Constraint{{Target: "parameters.CanonicalizedResource", Name: validation.Null, Rule: true, Chain: nil},
+				{Target: "parameters.Identifier", Name: validation.Null, Rule: false,
+					Chain: []validation.Constraint{{Target: "parameters.Identifier", Name: validation.MaxLength, Rule: 64, Chain: nil}}}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "storage.AccountsClient", "ListServiceSAS")
+	}
+
+	req, err := client.ListServiceSASPreparer(resourceGroupName, accountName, parameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "ListServiceSAS", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListServiceSASSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "ListServiceSAS", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListServiceSASResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "ListServiceSAS", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListServiceSASPreparer prepares the ListServiceSAS request.
+func (client AccountsClient) ListServiceSASPreparer(resourceGroupName string, accountName string, parameters ServiceSasParameters) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"accountName":       autorest.Encode("path", accountName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/ListServiceSas", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{})
+}
+
+// ListServiceSASSender sends the ListServiceSAS request. The method will close the
+// http.Response Body if it receives an error.
+func (client AccountsClient) ListServiceSASSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListServiceSASResponder handles the response to the ListServiceSAS request. The method always
+// closes the http.Response Body.
+func (client AccountsClient) ListServiceSASResponder(resp *http.Response) (result ListServiceSasResponse, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// RegenerateKey regenerates one of the access keys for the specified storage account.
+//
+// resourceGroupName is the name of the resource group within the user's subscription. The name is case insensitive.
+// accountName is the name of the storage account within the specified resource group. Storage account names must be
+// between 3 and 24 characters in length and use numbers and lower-case letters only. regenerateKey is specifies name
+// of the key which should be regenerated -- key1 or key2.
+func (client AccountsClient) RegenerateKey(resourceGroupName string, accountName string, regenerateKey AccountRegenerateKeyParameters) (result AccountListKeysResult, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: accountName,
+			Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil},
+				{Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}},
+		{TargetValue: regenerateKey,
+			Constraints: []validation.Constraint{{Target: "regenerateKey.KeyName", Name: validation.Null, Rule: true, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "storage.AccountsClient", "RegenerateKey")
+	}
+
+	req, err := client.RegenerateKeyPreparer(resourceGroupName, accountName, regenerateKey)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "RegenerateKey", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.RegenerateKeySender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "RegenerateKey", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.RegenerateKeyResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "RegenerateKey", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// RegenerateKeyPreparer prepares the RegenerateKey request.
+func (client AccountsClient) RegenerateKeyPreparer(resourceGroupName string, accountName string, regenerateKey AccountRegenerateKeyParameters) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"accountName":       autorest.Encode("path", accountName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPost(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/regenerateKey", pathParameters),
+		autorest.WithJSON(regenerateKey),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{})
+}
+
+// RegenerateKeySender sends the RegenerateKey request. The method will close the
+// http.Response Body if it receives an error.
+func (client AccountsClient) RegenerateKeySender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// RegenerateKeyResponder handles the response to the RegenerateKey request. The method always
+// closes the http.Response Body.
+func (client AccountsClient) RegenerateKeyResponder(resp *http.Response) (result AccountListKeysResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Update the update operation can be used to update the SKU, encryption, access tier, or tags for a storage account.
+// It can also be used to map the account to a custom domain. Only one custom domain is supported per storage account;
+// the replacement/change of custom domain is not supported. In order to replace an old custom domain, the old value
+// must be cleared/unregistered before a new value can be set. The update of multiple properties is supported. This
+// call does not change the storage keys for the account. If you want to change the storage account keys, use the
+// regenerate keys operation. The location and name of the storage account cannot be changed after creation.
+//
+// resourceGroupName is the name of the resource group within the user's subscription. The name is case insensitive.
+// accountName is the name of the storage account within the specified resource group. Storage account names must be
+// between 3 and 24 characters in length and use numbers and lower-case letters only. parameters is the parameters to
+// provide for the updated account.
+func (client AccountsClient) Update(resourceGroupName string, accountName string, parameters AccountUpdateParameters) (result Account, err error) {
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: accountName,
+			Constraints: []validation.Constraint{{Target: "accountName", Name: validation.MaxLength, Rule: 24, Chain: nil},
+				{Target: "accountName", Name: validation.MinLength, Rule: 3, Chain: nil}}}}); err != nil {
+		return result, validation.NewErrorWithValidationError(err, "storage.AccountsClient", "Update")
+	}
+
+	req, err := client.UpdatePreparer(resourceGroupName, accountName, parameters)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "Update", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.UpdateSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "Update", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.UpdateResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.AccountsClient", "Update", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// UpdatePreparer prepares the Update request.
+func (client AccountsClient) UpdatePreparer(resourceGroupName string, accountName string, parameters AccountUpdateParameters) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"accountName":       autorest.Encode("path", accountName),
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsJSON(),
+		autorest.AsPatch(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}", pathParameters),
+		autorest.WithJSON(parameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{})
+}
+
+// UpdateSender sends the Update request. The method will close the
+// http.Response Body if it receives an error.
+func (client AccountsClient) UpdateSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// UpdateResponder handles the response to the Update request. The method always
+// closes the http.Response Body.
+func (client AccountsClient) UpdateResponder(resp *http.Response) (result Account, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}

vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/client.go

@@ -0,0 +1,51 @@
+// Package storage implements the Azure ARM Storage service API version 2017-10-01.
+//
+// The Azure Storage Management API.
+package storage
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"github.com/Azure/go-autorest/autorest"
+)
+
+const (
+	// DefaultBaseURI is the default URI used for the service Storage
+	DefaultBaseURI = "https://management.azure.com"
+)
+
+// ManagementClient is the base client for Storage.
+type ManagementClient struct {
+	autorest.Client
+	BaseURI        string
+	SubscriptionID string
+}
+
+// New creates an instance of the ManagementClient client.
+func New(subscriptionID string) ManagementClient {
+	return NewWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewWithBaseURI creates an instance of the ManagementClient client.
+func NewWithBaseURI(baseURI string, subscriptionID string) ManagementClient {
+	return ManagementClient{
+		Client:         autorest.NewClientWithUserAgent(UserAgent()),
+		BaseURI:        baseURI,
+		SubscriptionID: subscriptionID,
+	}
+}

vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/models.go

@@ -0,0 +1,605 @@
+package storage
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/date"
+)
+
+// AccessTier enumerates the values for access tier.
+type AccessTier string
+
+const (
+	// Cool specifies the cool state for access tier.
+	Cool AccessTier = "Cool"
+	// Hot specifies the hot state for access tier.
+	Hot AccessTier = "Hot"
+)
+
+// AccountStatus enumerates the values for account status.
+type AccountStatus string
+
+const (
+	// Available specifies the available state for account status.
+	Available AccountStatus = "available"
+	// Unavailable specifies the unavailable state for account status.
+	Unavailable AccountStatus = "unavailable"
+)
+
+// Action enumerates the values for action.
+type Action string
+
+const (
+	// Allow specifies the allow state for action.
+	Allow Action = "Allow"
+)
+
+// Bypass enumerates the values for bypass.
+type Bypass string
+
+const (
+	// AzureServices specifies the azure services state for bypass.
+	AzureServices Bypass = "AzureServices"
+	// Logging specifies the logging state for bypass.
+	Logging Bypass = "Logging"
+	// Metrics specifies the metrics state for bypass.
+	Metrics Bypass = "Metrics"
+	// None specifies the none state for bypass.
+	None Bypass = "None"
+)
+
+// DefaultAction enumerates the values for default action.
+type DefaultAction string
+
+const (
+	// DefaultActionAllow specifies the default action allow state for default action.
+	DefaultActionAllow DefaultAction = "Allow"
+	// DefaultActionDeny specifies the default action deny state for default action.
+	DefaultActionDeny DefaultAction = "Deny"
+)
+
+// HTTPProtocol enumerates the values for http protocol.
+type HTTPProtocol string
+
+const (
+	// HTTPS specifies the https state for http protocol.
+	HTTPS HTTPProtocol = "https"
+	// Httpshttp specifies the httpshttp state for http protocol.
+	Httpshttp HTTPProtocol = "https,http"
+)
+
+// KeyPermission enumerates the values for key permission.
+type KeyPermission string
+
+const (
+	// Full specifies the full state for key permission.
+	Full KeyPermission = "Full"
+	// Read specifies the read state for key permission.
+	Read KeyPermission = "Read"
+)
+
+// KeySource enumerates the values for key source.
+type KeySource string
+
+const (
+	// MicrosoftKeyvault specifies the microsoft keyvault state for key source.
+	MicrosoftKeyvault KeySource = "Microsoft.Keyvault"
+	// MicrosoftStorage specifies the microsoft storage state for key source.
+	MicrosoftStorage KeySource = "Microsoft.Storage"
+)
+
+// Kind enumerates the values for kind.
+type Kind string
+
+const (
+	// BlobStorage specifies the blob storage state for kind.
+	BlobStorage Kind = "BlobStorage"
+	// Storage specifies the storage state for kind.
+	Storage Kind = "Storage"
+	// StorageV2 specifies the storage v2 state for kind.
+	StorageV2 Kind = "StorageV2"
+)
+
+// Permissions enumerates the values for permissions.
+type Permissions string
+
+const (
+	// A specifies the a state for permissions.
+	A Permissions = "a"
+	// C specifies the c state for permissions.
+	C Permissions = "c"
+	// D specifies the d state for permissions.
+	D Permissions = "d"
+	// L specifies the l state for permissions.
+	L Permissions = "l"
+	// P specifies the p state for permissions.
+	P Permissions = "p"
+	// R specifies the r state for permissions.
+	R Permissions = "r"
+	// U specifies the u state for permissions.
+	U Permissions = "u"
+	// W specifies the w state for permissions.
+	W Permissions = "w"
+)
+
+// ProvisioningState enumerates the values for provisioning state.
+type ProvisioningState string
+
+const (
+	// Creating specifies the creating state for provisioning state.
+	Creating ProvisioningState = "Creating"
+	// ResolvingDNS specifies the resolving dns state for provisioning state.
+	ResolvingDNS ProvisioningState = "ResolvingDNS"
+	// Succeeded specifies the succeeded state for provisioning state.
+	Succeeded ProvisioningState = "Succeeded"
+)
+
+// Reason enumerates the values for reason.
+type Reason string
+
+const (
+	// AccountNameInvalid specifies the account name invalid state for reason.
+	AccountNameInvalid Reason = "AccountNameInvalid"
+	// AlreadyExists specifies the already exists state for reason.
+	AlreadyExists Reason = "AlreadyExists"
+)
+
+// ReasonCode enumerates the values for reason code.
+type ReasonCode string
+
+const (
+	// NotAvailableForSubscription specifies the not available for subscription state for reason code.
+	NotAvailableForSubscription ReasonCode = "NotAvailableForSubscription"
+	// QuotaID specifies the quota id state for reason code.
+	QuotaID ReasonCode = "QuotaId"
+)
+
+// Services enumerates the values for services.
+type Services string
+
+const (
+	// B specifies the b state for services.
+	B Services = "b"
+	// F specifies the f state for services.
+	F Services = "f"
+	// Q specifies the q state for services.
+	Q Services = "q"
+	// T specifies the t state for services.
+	T Services = "t"
+)
+
+// SignedResource enumerates the values for signed resource.
+type SignedResource string
+
+const (
+	// SignedResourceB specifies the signed resource b state for signed resource.
+	SignedResourceB SignedResource = "b"
+	// SignedResourceC specifies the signed resource c state for signed resource.
+	SignedResourceC SignedResource = "c"
+	// SignedResourceF specifies the signed resource f state for signed resource.
+	SignedResourceF SignedResource = "f"
+	// SignedResourceS specifies the signed resource s state for signed resource.
+	SignedResourceS SignedResource = "s"
+)
+
+// SignedResourceTypes enumerates the values for signed resource types.
+type SignedResourceTypes string
+
+const (
+	// SignedResourceTypesC specifies the signed resource types c state for signed resource types.
+	SignedResourceTypesC SignedResourceTypes = "c"
+	// SignedResourceTypesO specifies the signed resource types o state for signed resource types.
+	SignedResourceTypesO SignedResourceTypes = "o"
+	// SignedResourceTypesS specifies the signed resource types s state for signed resource types.
+	SignedResourceTypesS SignedResourceTypes = "s"
+)
+
+// SkuName enumerates the values for sku name.
+type SkuName string
+
+const (
+	// PremiumLRS specifies the premium lrs state for sku name.
+	PremiumLRS SkuName = "Premium_LRS"
+	// StandardGRS specifies the standard grs state for sku name.
+	StandardGRS SkuName = "Standard_GRS"
+	// StandardLRS specifies the standard lrs state for sku name.
+	StandardLRS SkuName = "Standard_LRS"
+	// StandardRAGRS specifies the standard ragrs state for sku name.
+	StandardRAGRS SkuName = "Standard_RAGRS"
+	// StandardZRS specifies the standard zrs state for sku name.
+	StandardZRS SkuName = "Standard_ZRS"
+)
+
+// SkuTier enumerates the values for sku tier.
+type SkuTier string
+
+const (
+	// Premium specifies the premium state for sku tier.
+	Premium SkuTier = "Premium"
+	// Standard specifies the standard state for sku tier.
+	Standard SkuTier = "Standard"
+)
+
+// State enumerates the values for state.
+type State string
+
+const (
+	// StateDeprovisioning specifies the state deprovisioning state for state.
+	StateDeprovisioning State = "deprovisioning"
+	// StateFailed specifies the state failed state for state.
+	StateFailed State = "failed"
+	// StateNetworkSourceDeleted specifies the state network source deleted state for state.
+	StateNetworkSourceDeleted State = "networkSourceDeleted"
+	// StateProvisioning specifies the state provisioning state for state.
+	StateProvisioning State = "provisioning"
+	// StateSucceeded specifies the state succeeded state for state.
+	StateSucceeded State = "succeeded"
+)
+
+// UsageUnit enumerates the values for usage unit.
+type UsageUnit string
+
+const (
+	// Bytes specifies the bytes state for usage unit.
+	Bytes UsageUnit = "Bytes"
+	// BytesPerSecond specifies the bytes per second state for usage unit.
+	BytesPerSecond UsageUnit = "BytesPerSecond"
+	// Count specifies the count state for usage unit.
+	Count UsageUnit = "Count"
+	// CountsPerSecond specifies the counts per second state for usage unit.
+	CountsPerSecond UsageUnit = "CountsPerSecond"
+	// Percent specifies the percent state for usage unit.
+	Percent UsageUnit = "Percent"
+	// Seconds specifies the seconds state for usage unit.
+	Seconds UsageUnit = "Seconds"
+)
+
+// Account is the storage account.
+type Account struct {
+	autorest.Response  `json:"-"`
+	ID                 *string             `json:"id,omitempty"`
+	Name               *string             `json:"name,omitempty"`
+	Type               *string             `json:"type,omitempty"`
+	Location           *string             `json:"location,omitempty"`
+	Tags               *map[string]*string `json:"tags,omitempty"`
+	Sku                *Sku                `json:"sku,omitempty"`
+	Kind               Kind                `json:"kind,omitempty"`
+	Identity           *Identity           `json:"identity,omitempty"`
+	*AccountProperties `json:"properties,omitempty"`
+}
+
+// AccountCheckNameAvailabilityParameters is the parameters used to check the availabity of the storage account name.
+type AccountCheckNameAvailabilityParameters struct {
+	Name *string `json:"name,omitempty"`
+	Type *string `json:"type,omitempty"`
+}
+
+// AccountCreateParameters is the parameters used when creating a storage account.
+type AccountCreateParameters struct {
+	Sku                                *Sku                `json:"sku,omitempty"`
+	Kind                               Kind                `json:"kind,omitempty"`
+	Location                           *string             `json:"location,omitempty"`
+	Tags                               *map[string]*string `json:"tags,omitempty"`
+	Identity                           *Identity           `json:"identity,omitempty"`
+	*AccountPropertiesCreateParameters `json:"properties,omitempty"`
+}
+
+// AccountKey is an access key for the storage account.
+type AccountKey struct {
+	KeyName     *string       `json:"keyName,omitempty"`
+	Value       *string       `json:"value,omitempty"`
+	Permissions KeyPermission `json:"permissions,omitempty"`
+}
+
+// AccountListKeysResult is the response from the ListKeys operation.
+type AccountListKeysResult struct {
+	autorest.Response `json:"-"`
+	Keys              *[]AccountKey `json:"keys,omitempty"`
+}
+
+// AccountListResult is the response from the List Storage Accounts operation.
+type AccountListResult struct {
+	autorest.Response `json:"-"`
+	Value             *[]Account `json:"value,omitempty"`
+}
+
+// AccountProperties is properties of the storage account.
+type AccountProperties struct {
+	ProvisioningState      ProvisioningState `json:"provisioningState,omitempty"`
+	PrimaryEndpoints       *Endpoints        `json:"primaryEndpoints,omitempty"`
+	PrimaryLocation        *string           `json:"primaryLocation,omitempty"`
+	StatusOfPrimary        AccountStatus     `json:"statusOfPrimary,omitempty"`
+	LastGeoFailoverTime    *date.Time        `json:"lastGeoFailoverTime,omitempty"`
+	SecondaryLocation      *string           `json:"secondaryLocation,omitempty"`
+	StatusOfSecondary      AccountStatus     `json:"statusOfSecondary,omitempty"`
+	CreationTime           *date.Time        `json:"creationTime,omitempty"`
+	CustomDomain           *CustomDomain     `json:"customDomain,omitempty"`
+	SecondaryEndpoints     *Endpoints        `json:"secondaryEndpoints,omitempty"`
+	Encryption             *Encryption       `json:"encryption,omitempty"`
+	AccessTier             AccessTier        `json:"accessTier,omitempty"`
+	EnableHTTPSTrafficOnly *bool             `json:"supportsHttpsTrafficOnly,omitempty"`
+	NetworkRuleSet         *NetworkRuleSet   `json:"networkAcls,omitempty"`
+}
+
+// AccountPropertiesCreateParameters is the parameters used to create the storage account.
+type AccountPropertiesCreateParameters struct {
+	CustomDomain           *CustomDomain   `json:"customDomain,omitempty"`
+	Encryption             *Encryption     `json:"encryption,omitempty"`
+	NetworkRuleSet         *NetworkRuleSet `json:"networkAcls,omitempty"`
+	AccessTier             AccessTier      `json:"accessTier,omitempty"`
+	EnableHTTPSTrafficOnly *bool           `json:"supportsHttpsTrafficOnly,omitempty"`
+}
+
+// AccountPropertiesUpdateParameters is the parameters used when updating a storage account.
+type AccountPropertiesUpdateParameters struct {
+	CustomDomain           *CustomDomain   `json:"customDomain,omitempty"`
+	Encryption             *Encryption     `json:"encryption,omitempty"`
+	AccessTier             AccessTier      `json:"accessTier,omitempty"`
+	EnableHTTPSTrafficOnly *bool           `json:"supportsHttpsTrafficOnly,omitempty"`
+	NetworkRuleSet         *NetworkRuleSet `json:"networkAcls,omitempty"`
+}
+
+// AccountRegenerateKeyParameters is the parameters used to regenerate the storage account key.
+type AccountRegenerateKeyParameters struct {
+	KeyName *string `json:"keyName,omitempty"`
+}
+
+// AccountSasParameters is the parameters to list SAS credentials of a storage account.
+type AccountSasParameters struct {
+	Services               Services            `json:"signedServices,omitempty"`
+	ResourceTypes          SignedResourceTypes `json:"signedResourceTypes,omitempty"`
+	Permissions            Permissions         `json:"signedPermission,omitempty"`
+	IPAddressOrRange       *string             `json:"signedIp,omitempty"`
+	Protocols              HTTPProtocol        `json:"signedProtocol,omitempty"`
+	SharedAccessStartTime  *date.Time          `json:"signedStart,omitempty"`
+	SharedAccessExpiryTime *date.Time          `json:"signedExpiry,omitempty"`
+	KeyToSign              *string             `json:"keyToSign,omitempty"`
+}
+
+// AccountUpdateParameters is the parameters that can be provided when updating the storage account properties.
+type AccountUpdateParameters struct {
+	Sku                                *Sku                `json:"sku,omitempty"`
+	Tags                               *map[string]*string `json:"tags,omitempty"`
+	Identity                           *Identity           `json:"identity,omitempty"`
+	*AccountPropertiesUpdateParameters `json:"properties,omitempty"`
+	Kind                               Kind `json:"kind,omitempty"`
+}
+
+// CheckNameAvailabilityResult is the CheckNameAvailability operation response.
+type CheckNameAvailabilityResult struct {
+	autorest.Response `json:"-"`
+	NameAvailable     *bool   `json:"nameAvailable,omitempty"`
+	Reason            Reason  `json:"reason,omitempty"`
+	Message           *string `json:"message,omitempty"`
+}
+
+// CustomDomain is the custom domain assigned to this storage account. This can be set via Update.
+type CustomDomain struct {
+	Name         *string `json:"name,omitempty"`
+	UseSubDomain *bool   `json:"useSubDomain,omitempty"`
+}
+
+// Dimension is dimension of blobs, possiblly be blob type or access tier.
+type Dimension struct {
+	Name        *string `json:"name,omitempty"`
+	DisplayName *string `json:"displayName,omitempty"`
+}
+
+// Encryption is the encryption settings on the storage account.
+type Encryption struct {
+	Services           *EncryptionServices `json:"services,omitempty"`
+	KeySource          KeySource           `json:"keySource,omitempty"`
+	KeyVaultProperties *KeyVaultProperties `json:"keyvaultproperties,omitempty"`
+}
+
+// EncryptionService is a service that allows server-side encryption to be used.
+type EncryptionService struct {
+	Enabled         *bool      `json:"enabled,omitempty"`
+	LastEnabledTime *date.Time `json:"lastEnabledTime,omitempty"`
+}
+
+// EncryptionServices is a list of services that support encryption.
+type EncryptionServices struct {
+	Blob  *EncryptionService `json:"blob,omitempty"`
+	File  *EncryptionService `json:"file,omitempty"`
+	Table *EncryptionService `json:"table,omitempty"`
+	Queue *EncryptionService `json:"queue,omitempty"`
+}
+
+// Endpoints is the URIs that are used to perform a retrieval of a public blob, queue, or table object.
+type Endpoints struct {
+	Blob  *string `json:"blob,omitempty"`
+	Queue *string `json:"queue,omitempty"`
+	Table *string `json:"table,omitempty"`
+	File  *string `json:"file,omitempty"`
+}
+
+// Identity is identity for the resource.
+type Identity struct {
+	PrincipalID *string `json:"principalId,omitempty"`
+	TenantID    *string `json:"tenantId,omitempty"`
+	Type        *string `json:"type,omitempty"`
+}
+
+// IPRule is IP rule with specific IP or IP range in CIDR format.
+type IPRule struct {
+	IPAddressOrRange *string `json:"value,omitempty"`
+	Action           Action  `json:"action,omitempty"`
+}
+
+// KeyVaultProperties is properties of key vault.
+type KeyVaultProperties struct {
+	KeyName     *string `json:"keyname,omitempty"`
+	KeyVersion  *string `json:"keyversion,omitempty"`
+	KeyVaultURI *string `json:"keyvaulturi,omitempty"`
+}
+
+// ListAccountSasResponse is the List SAS credentials operation response.
+type ListAccountSasResponse struct {
+	autorest.Response `json:"-"`
+	AccountSasToken   *string `json:"accountSasToken,omitempty"`
+}
+
+// ListServiceSasResponse is the List service SAS credentials operation response.
+type ListServiceSasResponse struct {
+	autorest.Response `json:"-"`
+	ServiceSasToken   *string `json:"serviceSasToken,omitempty"`
+}
+
+// MetricSpecification is metric specification of operation.
+type MetricSpecification struct {
+	Name                            *string      `json:"name,omitempty"`
+	DisplayName                     *string      `json:"displayName,omitempty"`
+	DisplayDescription              *string      `json:"displayDescription,omitempty"`
+	Unit                            *string      `json:"unit,omitempty"`
+	Dimensions                      *[]Dimension `json:"dimensions,omitempty"`
+	AggregationType                 *string      `json:"aggregationType,omitempty"`
+	FillGapWithZero                 *bool        `json:"fillGapWithZero,omitempty"`
+	Category                        *string      `json:"category,omitempty"`
+	ResourceIDDimensionNameOverride *string      `json:"resourceIdDimensionNameOverride,omitempty"`
+}
+
+// NetworkRuleSet is network rule set
+type NetworkRuleSet struct {
+	Bypass              Bypass                `json:"bypass,omitempty"`
+	VirtualNetworkRules *[]VirtualNetworkRule `json:"virtualNetworkRules,omitempty"`
+	IPRules             *[]IPRule             `json:"ipRules,omitempty"`
+	DefaultAction       DefaultAction         `json:"defaultAction,omitempty"`
+}
+
+// Operation is storage REST API operation definition.
+type Operation struct {
+	Name                 *string           `json:"name,omitempty"`
+	Display              *OperationDisplay `json:"display,omitempty"`
+	Origin               *string           `json:"origin,omitempty"`
+	*OperationProperties `json:"properties,omitempty"`
+}
+
+// OperationDisplay is display metadata associated with the operation.
+type OperationDisplay struct {
+	Provider  *string `json:"provider,omitempty"`
+	Resource  *string `json:"resource,omitempty"`
+	Operation *string `json:"operation,omitempty"`
+}
+
+// OperationListResult is result of the request to list Storage operations. It contains a list of operations and a URL
+// link to get the next set of results.
+type OperationListResult struct {
+	autorest.Response `json:"-"`
+	Value             *[]Operation `json:"value,omitempty"`
+}
+
+// OperationProperties is properties of operation, include metric specifications.
+type OperationProperties struct {
+	ServiceSpecification *ServiceSpecification `json:"serviceSpecification,omitempty"`
+}
+
+// Resource is describes a storage resource.
+type Resource struct {
+	ID       *string             `json:"id,omitempty"`
+	Name     *string             `json:"name,omitempty"`
+	Type     *string             `json:"type,omitempty"`
+	Location *string             `json:"location,omitempty"`
+	Tags     *map[string]*string `json:"tags,omitempty"`
+}
+
+// Restriction is the restriction because of which SKU cannot be used.
+type Restriction struct {
+	Type       *string    `json:"type,omitempty"`
+	Values     *[]string  `json:"values,omitempty"`
+	ReasonCode ReasonCode `json:"reasonCode,omitempty"`
+}
+
+// ServiceSasParameters is the parameters to list service SAS credentials of a speicific resource.
+type ServiceSasParameters struct {
+	CanonicalizedResource  *string        `json:"canonicalizedResource,omitempty"`
+	Resource               SignedResource `json:"signedResource,omitempty"`
+	Permissions            Permissions    `json:"signedPermission,omitempty"`
+	IPAddressOrRange       *string        `json:"signedIp,omitempty"`
+	Protocols              HTTPProtocol   `json:"signedProtocol,omitempty"`
+	SharedAccessStartTime  *date.Time     `json:"signedStart,omitempty"`
+	SharedAccessExpiryTime *date.Time     `json:"signedExpiry,omitempty"`
+	Identifier             *string        `json:"signedIdentifier,omitempty"`
+	PartitionKeyStart      *string        `json:"startPk,omitempty"`
+	PartitionKeyEnd        *string        `json:"endPk,omitempty"`
+	RowKeyStart            *string        `json:"startRk,omitempty"`
+	RowKeyEnd              *string        `json:"endRk,omitempty"`
+	KeyToSign              *string        `json:"keyToSign,omitempty"`
+	CacheControl           *string        `json:"rscc,omitempty"`
+	ContentDisposition     *string        `json:"rscd,omitempty"`
+	ContentEncoding        *string        `json:"rsce,omitempty"`
+	ContentLanguage        *string        `json:"rscl,omitempty"`
+	ContentType            *string        `json:"rsct,omitempty"`
+}
+
+// ServiceSpecification is one property of operation, include metric specifications.
+type ServiceSpecification struct {
+	MetricSpecifications *[]MetricSpecification `json:"metricSpecifications,omitempty"`
+}
+
+// Sku is the SKU of the storage account.
+type Sku struct {
+	Name         SkuName          `json:"name,omitempty"`
+	Tier         SkuTier          `json:"tier,omitempty"`
+	ResourceType *string          `json:"resourceType,omitempty"`
+	Kind         Kind             `json:"kind,omitempty"`
+	Locations    *[]string        `json:"locations,omitempty"`
+	Capabilities *[]SKUCapability `json:"capabilities,omitempty"`
+	Restrictions *[]Restriction   `json:"restrictions,omitempty"`
+}
+
+// SKUCapability is the capability information in the specified sku, including file encryption, network acls, change
+// notification, etc.
+type SKUCapability struct {
+	Name  *string `json:"name,omitempty"`
+	Value *string `json:"value,omitempty"`
+}
+
+// SkuListResult is the response from the List Storage SKUs operation.
+type SkuListResult struct {
+	autorest.Response `json:"-"`
+	Value             *[]Sku `json:"value,omitempty"`
+}
+
+// Usage is describes Storage Resource Usage.
+type Usage struct {
+	Unit         UsageUnit  `json:"unit,omitempty"`
+	CurrentValue *int32     `json:"currentValue,omitempty"`
+	Limit        *int32     `json:"limit,omitempty"`
+	Name         *UsageName `json:"name,omitempty"`
+}
+
+// UsageListResult is the response from the List Usages operation.
+type UsageListResult struct {
+	autorest.Response `json:"-"`
+	Value             *[]Usage `json:"value,omitempty"`
+}
+
+// UsageName is the usage names that can be used; currently limited to StorageAccount.
+type UsageName struct {
+	Value          *string `json:"value,omitempty"`
+	LocalizedValue *string `json:"localizedValue,omitempty"`
+}
+
+// VirtualNetworkRule is virtual Network rule.
+type VirtualNetworkRule struct {
+	VirtualNetworkResourceID *string `json:"id,omitempty"`
+	Action                   Action  `json:"action,omitempty"`
+	State                    State   `json:"state,omitempty"`
+}

vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/operations.go

@@ -0,0 +1,98 @@
+package storage
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"net/http"
+)
+
+// OperationsClient is the the Azure Storage Management API.
+type OperationsClient struct {
+	ManagementClient
+}
+
+// NewOperationsClient creates an instance of the OperationsClient client.
+func NewOperationsClient(subscriptionID string) OperationsClient {
+	return NewOperationsClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewOperationsClientWithBaseURI creates an instance of the OperationsClient client.
+func NewOperationsClientWithBaseURI(baseURI string, subscriptionID string) OperationsClient {
+	return OperationsClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// List lists all of the available Storage Rest API operations.
+func (client OperationsClient) List() (result OperationListResult, err error) {
+	req, err := client.ListPreparer()
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.OperationsClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "storage.OperationsClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.OperationsClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client OperationsClient) ListPreparer() (*http.Request, error) {
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPath("/providers/Microsoft.Storage/operations"),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{})
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client OperationsClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client OperationsClient) ListResponder(resp *http.Response) (result OperationListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}

vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/skus.go

@@ -0,0 +1,102 @@
+package storage
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"net/http"
+)
+
+// SkusClient is the the Azure Storage Management API.
+type SkusClient struct {
+	ManagementClient
+}
+
+// NewSkusClient creates an instance of the SkusClient client.
+func NewSkusClient(subscriptionID string) SkusClient {
+	return NewSkusClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewSkusClientWithBaseURI creates an instance of the SkusClient client.
+func NewSkusClientWithBaseURI(baseURI string, subscriptionID string) SkusClient {
+	return SkusClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// List lists the available SKUs supported by Microsoft.Storage for given subscription.
+func (client SkusClient) List() (result SkuListResult, err error) {
+	req, err := client.ListPreparer()
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.SkusClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "storage.SkusClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.SkusClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client SkusClient) ListPreparer() (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Storage/skus", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{})
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client SkusClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client SkusClient) ListResponder(resp *http.Response) (result SkuListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}

vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/usage.go

@@ -0,0 +1,102 @@
+package storage
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"net/http"
+)
+
+// UsageClient is the the Azure Storage Management API.
+type UsageClient struct {
+	ManagementClient
+}
+
+// NewUsageClient creates an instance of the UsageClient client.
+func NewUsageClient(subscriptionID string) UsageClient {
+	return NewUsageClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewUsageClientWithBaseURI creates an instance of the UsageClient client.
+func NewUsageClientWithBaseURI(baseURI string, subscriptionID string) UsageClient {
+	return UsageClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// List gets the current usage count and the limit for the resources under the subscription.
+func (client UsageClient) List() (result UsageListResult, err error) {
+	req, err := client.ListPreparer()
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.UsageClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "storage.UsageClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "storage.UsageClient", "List", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client UsageClient) ListPreparer() (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2017-10-01"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Storage/usages", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare(&http.Request{})
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client UsageClient) ListSender(req *http.Request) (*http.Response, error) {
+	return autorest.SendWithSender(client,
+		req,
+		azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client UsageClient) ListResponder(resp *http.Response) (result UsageListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}

vendor/github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2017-10-01/storage/version.go

@@ -0,0 +1,28 @@
+package storage
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+// UserAgent returns the UserAgent string to use when sending http.Requests.
+func UserAgent() string {
+	return "Azure-SDK-For-Go/v11.3.0-beta arm-storage/2017-10-01"
+}
+
+// Version returns the semantic version (see http://semver.org) of the client.
+func Version() string {
+	return "v11.3.0-beta"
+}

vendor/github.com/Azure/azure-sdk-for-go/storage/appendblob.go

@@ -1,7 +1,23 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"bytes"
+	"crypto/md5"
+	"encoding/base64"
 	"fmt"
 	"net/http"
 	"net/url"
@@ -31,8 +47,7 @@ func (b *Blob) PutAppendBlob(options *PutBlobOptions) error {
 	if err != nil {
 		return err
 	}
-	readAndCloseBody(resp.body)
-	return checkRespCode(resp.statusCode, []int{http.StatusCreated})
+	return b.respondCreation(resp, BlobTypeAppend)
 }
 
 // AppendBlockOptions includes the options for an append block operation
@@ -46,6 +61,7 @@ type AppendBlockOptions struct {
 	IfMatch           string     `header:"If-Match"`
 	IfNoneMatch       string     `header:"If-None-Match"`
 	RequestID         string     `header:"x-ms-client-request-id"`
+	ContentMD5        bool
 }
 
 // AppendBlock appends a block to an append blob.
@@ -60,6 +76,10 @@ func (b *Blob) AppendBlock(chunk []byte, options *AppendBlockOptions) error {
 	if options != nil {
 		params = addTimeout(params, options.Timeout)
 		headers = mergeHeaders(headers, headersFromStruct(*options))
+		if options.ContentMD5 {
+			md5sum := md5.Sum(chunk)
+			headers[headerContentMD5] = base64.StdEncoding.EncodeToString(md5sum[:])
+		}
 	}
 	uri := b.Container.bsc.client.getEndpoint(blobServiceName, b.buildPath(), params)
 
@@ -67,6 +87,5 @@ func (b *Blob) AppendBlock(chunk []byte, options *AppendBlockOptions) error {
 	if err != nil {
 		return err
 	}
-	readAndCloseBody(resp.body)
-	return checkRespCode(resp.statusCode, []int{http.StatusCreated})
+	return b.respondCreation(resp, BlobTypeAppend)
 }

vendor/github.com/Azure/azure-sdk-for-go/storage/authorization.go

@@ -1,6 +1,20 @@
 // Package storage provides clients for Microsoft Azure Storage Services.
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"bytes"
 	"fmt"
@@ -41,16 +55,18 @@ const (
 )
 
 func (c *Client) addAuthorizationHeader(verb, url string, headers map[string]string, auth authentication) (map[string]string, error) {
-	authHeader, err := c.getSharedKey(verb, url, headers, auth)
-	if err != nil {
-		return nil, err
+	if !c.sasClient {
+		authHeader, err := c.getSharedKey(verb, url, headers, auth)
+		if err != nil {
+			return nil, err
+		}
+		headers[headerAuthorization] = authHeader
 	}
-	headers[headerAuthorization] = authHeader
 	return headers, nil
 }
 
 func (c *Client) getSharedKey(verb, url string, headers map[string]string, auth authentication) (string, error) {
-	canRes, err := c.buildCanonicalizedResource(url, auth)
+	canRes, err := c.buildCanonicalizedResource(url, auth, false)
 	if err != nil {
 		return "", err
 	}
@@ -62,15 +78,18 @@ func (c *Client) getSharedKey(verb, url string, headers map[string]string, auth
 	return c.createAuthorizationHeader(canString, auth), nil
 }
 
-func (c *Client) buildCanonicalizedResource(uri string, auth authentication) (string, error) {
+func (c *Client) buildCanonicalizedResource(uri string, auth authentication, sas bool) (string, error) {
 	errMsg := "buildCanonicalizedResource error: %s"
 	u, err := url.Parse(uri)
 	if err != nil {
 		return "", fmt.Errorf(errMsg, err.Error())
 	}
 
-	cr := bytes.NewBufferString("/")
-	cr.WriteString(c.getCanonicalizedAccountName())
+	cr := bytes.NewBufferString("")
+	if c.accountName != StorageEmulatorAccountName || !sas {
+		cr.WriteString("/")
+		cr.WriteString(c.getCanonicalizedAccountName())
+	}
 
 	if len(u.Path) > 0 {
 		// Any portion of the CanonicalizedResource string that is derived from

vendor/github.com/Azure/azure-sdk-for-go/storage/blob.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"encoding/xml"
 	"errors"
@@ -90,7 +104,7 @@ type BlobProperties struct {
 	CacheControl          string      `xml:"Cache-Control" header:"x-ms-blob-cache-control"`
 	ContentLanguage       string      `xml:"Cache-Language" header:"x-ms-blob-content-language"`
 	ContentDisposition    string      `xml:"Content-Disposition" header:"x-ms-blob-content-disposition"`
-	BlobType              BlobType    `xml:"x-ms-blob-blob-type"`
+	BlobType              BlobType    `xml:"BlobType"`
 	SequenceNumber        int64       `xml:"x-ms-blob-sequence-number"`
 	CopyID                string      `xml:"CopyId"`
 	CopyStatus            string      `xml:"CopyStatus"`
@@ -135,8 +149,7 @@ func (b *Blob) Exists() (bool, error) {
 }
 
 // GetURL gets the canonical URL to the blob with the specified name in the
-// specified container. If name is not specified, the canonical URL for the entire
-// container is obtained.
+// specified container.
 // This method does not create a publicly accessible URL if the blob or container
 // is private and this method does not check if the blob exists.
 func (b *Blob) GetURL() string {
@@ -437,8 +450,8 @@ func (b *Blob) SetProperties(options *SetBlobPropertiesOptions) error {
 	uri := b.Container.bsc.client.getEndpoint(blobServiceName, b.buildPath(), params)
 
 	if b.Properties.BlobType == BlobTypePage {
-		headers = addToHeaders(headers, "x-ms-blob-content-length", fmt.Sprintf("byte %v", b.Properties.ContentLength))
-		if options != nil || options.SequenceNumberAction != nil {
+		headers = addToHeaders(headers, "x-ms-blob-content-length", fmt.Sprintf("%v", b.Properties.ContentLength))
+		if options != nil && options.SequenceNumberAction != nil {
 			headers = addToHeaders(headers, "x-ms-sequence-number-action", string(*options.SequenceNumberAction))
 			if *options.SequenceNumberAction != SequenceNumberActionIncrement {
 				headers = addToHeaders(headers, "x-ms-blob-sequence-number", fmt.Sprintf("%v", b.Properties.SequenceNumber))
@@ -536,27 +549,7 @@ func (b *Blob) GetMetadata(options *GetBlobMetadataOptions) error {
 }
 
 func (b *Blob) writeMetadata(h http.Header) {
-	metadata := make(map[string]string)
-	for k, v := range h {
-		// Can't trust CanonicalHeaderKey() to munge case
-		// reliably. "_" is allowed in identifiers:
-		// https://msdn.microsoft.com/en-us/library/azure/dd179414.aspx
-		// https://msdn.microsoft.com/library/aa664670(VS.71).aspx
-		// http://tools.ietf.org/html/rfc7230#section-3.2
-		// ...but "_" is considered invalid by
-		// CanonicalMIMEHeaderKey in
-		// https://golang.org/src/net/textproto/reader.go?s=14615:14659#L542
-		// so k can be "X-Ms-Meta-Lol" or "x-ms-meta-lol_rofl".
-		k = strings.ToLower(k)
-		if len(v) == 0 || !strings.HasPrefix(k, strings.ToLower(userDefinedMetadataHeaderPrefix)) {
-			continue
-		}
-		// metadata["lol"] = content of the last X-Ms-Meta-Lol header
-		k = k[len(userDefinedMetadataHeaderPrefix):]
-		metadata[k] = v[len(v)-1]
-	}
-
-	b.Metadata = BlobMetadata(metadata)
+	b.Metadata = BlobMetadata(writeMetadata(h))
 }
 
 // DeleteBlobOptions includes the options for a delete blob operation
@@ -627,3 +620,13 @@ func pathForResource(container, name string) string {
 	}
 	return fmt.Sprintf("/%s", container)
 }
+
+func (b *Blob) respondCreation(resp *storageResponse, bt BlobType) error {
+	readAndCloseBody(resp.body)
+	err := checkRespCode(resp.statusCode, []int{http.StatusCreated})
+	if err != nil {
+		return err
+	}
+	b.Properties.BlobType = bt
+	return nil
+}

vendor/github.com/Azure/azure-sdk-for-go/storage/blobsasuri.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"errors"
 	"fmt"
@@ -8,68 +22,122 @@ import (
 	"time"
 )
 
-// GetSASURIWithSignedIPAndProtocol creates an URL to the specified blob which contains the Shared
-// Access Signature with specified permissions and expiration time. Also includes signedIPRange and allowed protocols.
-// If old API version is used but no signedIP is passed (ie empty string) then this should still work.
-// We only populate the signedIP when it non-empty.
+// OverrideHeaders defines overridable response heaedrs in
+// a request using a SAS URI.
+// See https://docs.microsoft.com/en-us/rest/api/storageservices/constructing-a-service-sas
+type OverrideHeaders struct {
+	CacheControl       string
+	ContentDisposition string
+	ContentEncoding    string
+	ContentLanguage    string
+	ContentType        string
+}
+
+// BlobSASOptions are options to construct a blob SAS
+// URI.
+// See https://docs.microsoft.com/en-us/rest/api/storageservices/constructing-a-service-sas
+type BlobSASOptions struct {
+	BlobServiceSASPermissions
+	OverrideHeaders
+	SASOptions
+}
+
+// BlobServiceSASPermissions includes the available permissions for
+// blob service SAS URI.
+type BlobServiceSASPermissions struct {
+	Read   bool
+	Add    bool
+	Create bool
+	Write  bool
+	Delete bool
+}
+
+func (p BlobServiceSASPermissions) buildString() string {
+	permissions := ""
+	if p.Read {
+		permissions += "r"
+	}
+	if p.Add {
+		permissions += "a"
+	}
+	if p.Create {
+		permissions += "c"
+	}
+	if p.Write {
+		permissions += "w"
+	}
+	if p.Delete {
+		permissions += "d"
+	}
+	return permissions
+}
+
+// GetSASURI creates an URL to the blob which contains the Shared
+// Access Signature with the specified options.
 //
-// See https://msdn.microsoft.com/en-us/library/azure/ee395415.aspx
-func (b *Blob) GetSASURIWithSignedIPAndProtocol(expiry time.Time, permissions string, signedIPRange string, HTTPSOnly bool) (string, error) {
-	var (
-		signedPermissions = permissions
-		blobURL           = b.GetURL()
-	)
-	canonicalizedResource, err := b.Container.bsc.client.buildCanonicalizedResource(blobURL, b.Container.bsc.auth)
+// See https://docs.microsoft.com/en-us/rest/api/storageservices/constructing-a-service-sas
+func (b *Blob) GetSASURI(options BlobSASOptions) (string, error) {
+	uri := b.GetURL()
+	signedResource := "b"
+	canonicalizedResource, err := b.Container.bsc.client.buildCanonicalizedResource(uri, b.Container.bsc.auth, true)
 	if err != nil {
 		return "", err
 	}
 
-	// "The canonicalizedresouce portion of the string is a canonical path to the signed resource.
-	// It must include the service name (blob, table, queue or file) for version 2015-02-21 or
-	// later, the storage account name, and the resource name, and must be URL-decoded.
-	// -- https://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
+	permissions := options.BlobServiceSASPermissions.buildString()
+	return b.Container.bsc.client.blobAndFileSASURI(options.SASOptions, uri, permissions, canonicalizedResource, signedResource, options.OverrideHeaders)
+}
+
+func (c *Client) blobAndFileSASURI(options SASOptions, uri, permissions, canonicalizedResource, signedResource string, headers OverrideHeaders) (string, error) {
+	start := ""
+	if options.Start != (time.Time{}) {
+		start = options.Start.UTC().Format(time.RFC3339)
+	}
+
+	expiry := options.Expiry.UTC().Format(time.RFC3339)
 
 	// We need to replace + with %2b first to avoid being treated as a space (which is correct for query strings, but not the path component).
 	canonicalizedResource = strings.Replace(canonicalizedResource, "+", "%2b", -1)
-	canonicalizedResource, err = url.QueryUnescape(canonicalizedResource)
+	canonicalizedResource, err := url.QueryUnescape(canonicalizedResource)
 	if err != nil {
 		return "", err
 	}
 
-	signedExpiry := expiry.UTC().Format(time.RFC3339)
-
-	//If blob name is missing, resource is a container
-	signedResource := "c"
-	if len(b.Name) > 0 {
-		signedResource = "b"
-	}
-
-	protocols := "https,http"
-	if HTTPSOnly {
+	protocols := ""
+	if options.UseHTTPS {
 		protocols = "https"
 	}
-	stringToSign, err := blobSASStringToSign(b.Container.bsc.client.apiVersion, canonicalizedResource, signedExpiry, signedPermissions, signedIPRange, protocols)
+	stringToSign, err := blobSASStringToSign(permissions, start, expiry, canonicalizedResource, options.Identifier, options.IP, protocols, c.apiVersion, headers)
 	if err != nil {
 		return "", err
 	}
 
-	sig := b.Container.bsc.client.computeHmac256(stringToSign)
+	sig := c.computeHmac256(stringToSign)
 	sasParams := url.Values{
-		"sv":  {b.Container.bsc.client.apiVersion},
-		"se":  {signedExpiry},
+		"sv":  {c.apiVersion},
+		"se":  {expiry},
 		"sr":  {signedResource},
-		"sp":  {signedPermissions},
+		"sp":  {permissions},
 		"sig": {sig},
 	}
 
-	if b.Container.bsc.client.apiVersion >= "2015-04-05" {
-		sasParams.Add("spr", protocols)
-		if signedIPRange != "" {
-			sasParams.Add("sip", signedIPRange)
+	if c.apiVersion >= "2015-04-05" {
+		if protocols != "" {
+			sasParams.Add("spr", protocols)
+		}
+		if options.IP != "" {
+			sasParams.Add("sip", options.IP)
 		}
 	}
 
-	sasURL, err := url.Parse(blobURL)
+	// Add override response hedaers
+	addQueryParameter(sasParams, "rscc", headers.CacheControl)
+	addQueryParameter(sasParams, "rscd", headers.ContentDisposition)
+	addQueryParameter(sasParams, "rsce", headers.ContentEncoding)
+	addQueryParameter(sasParams, "rscl", headers.ContentLanguage)
+	addQueryParameter(sasParams, "rsct", headers.ContentType)
+
+	sasURL, err := url.Parse(uri)
 	if err != nil {
 		return "", err
 	}
@@ -77,16 +145,12 @@ func (b *Blob) GetSASURIWithSignedIPAndProtocol(expiry time.Time, permissions st
 	return sasURL.String(), nil
 }
 
-// GetSASURI creates an URL to the specified blob which contains the Shared
-// Access Signature with specified permissions and expiration time.
-//
-// See https://msdn.microsoft.com/en-us/library/azure/ee395415.aspx
-func (b *Blob) GetSASURI(expiry time.Time, permissions string) (string, error) {
-	return b.GetSASURIWithSignedIPAndProtocol(expiry, permissions, "", false)
-}
-
-func blobSASStringToSign(signedVersion, canonicalizedResource, signedExpiry, signedPermissions string, signedIP string, protocols string) (string, error) {
-	var signedStart, signedIdentifier, rscc, rscd, rsce, rscl, rsct string
+func blobSASStringToSign(signedPermissions, signedStart, signedExpiry, canonicalizedResource, signedIdentifier, signedIP, protocols, signedVersion string, headers OverrideHeaders) (string, error) {
+	rscc := headers.CacheControl
+	rscd := headers.ContentDisposition
+	rsce := headers.ContentEncoding
+	rscl := headers.ContentLanguage
+	rsct := headers.ContentType
 
 	if signedVersion >= "2015-02-21" {
 		canonicalizedResource = "/blob" + canonicalizedResource

vendor/github.com/Azure/azure-sdk-for-go/storage/blobserviceclient.go

@@ -1,9 +1,26 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
+	"encoding/xml"
+	"fmt"
 	"net/http"
 	"net/url"
 	"strconv"
+	"strings"
 )
 
 // BlobStorageClient contains operations for Microsoft Azure Blob Storage
@@ -45,6 +62,21 @@ func (b *BlobStorageClient) GetContainerReference(name string) *Container {
 	}
 }
 
+// GetContainerReferenceFromSASURI returns a Container object for the specified
+// container SASURI
+func GetContainerReferenceFromSASURI(sasuri url.URL) (*Container, error) {
+	path := strings.Split(sasuri.Path, "/")
+	if len(path) <= 1 {
+		return nil, fmt.Errorf("could not find a container in URI: %s", sasuri.String())
+	}
+	cli := newSASClient().GetBlobService()
+	return &Container{
+		bsc:    &cli,
+		Name:   path[1],
+		sasuri: sasuri,
+	}, nil
+}
+
 // ListContainers returns the list of containers in a storage account along with
 // pagination token and other response details.
 //
@@ -54,21 +86,53 @@ func (b BlobStorageClient) ListContainers(params ListContainersParameters) (*Con
 	uri := b.client.getEndpoint(blobServiceName, "", q)
 	headers := b.client.getStandardHeaders()
 
-	var out ContainerListResponse
+	type ContainerAlias struct {
+		bsc        *BlobStorageClient
+		Name       string              `xml:"Name"`
+		Properties ContainerProperties `xml:"Properties"`
+		Metadata   BlobMetadata
+		sasuri     url.URL
+	}
+	type ContainerListResponseAlias struct {
+		XMLName    xml.Name         `xml:"EnumerationResults"`
+		Xmlns      string           `xml:"xmlns,attr"`
+		Prefix     string           `xml:"Prefix"`
+		Marker     string           `xml:"Marker"`
+		NextMarker string           `xml:"NextMarker"`
+		MaxResults int64            `xml:"MaxResults"`
+		Containers []ContainerAlias `xml:"Containers>Container"`
+	}
+
+	var outAlias ContainerListResponseAlias
 	resp, err := b.client.exec(http.MethodGet, uri, headers, nil, b.auth)
 	if err != nil {
 		return nil, err
 	}
 	defer resp.body.Close()
-	err = xmlUnmarshal(resp.body, &out)
+	err = xmlUnmarshal(resp.body, &outAlias)
 	if err != nil {
 		return nil, err
 	}
 
-	// assign our client to the newly created Container objects
-	for i := range out.Containers {
-		out.Containers[i].bsc = &b
+	out := ContainerListResponse{
+		XMLName:    outAlias.XMLName,
+		Xmlns:      outAlias.Xmlns,
+		Prefix:     outAlias.Prefix,
+		Marker:     outAlias.Marker,
+		NextMarker: outAlias.NextMarker,
+		MaxResults: outAlias.MaxResults,
+		Containers: make([]Container, len(outAlias.Containers)),
 	}
+	for i, cnt := range outAlias.Containers {
+		out.Containers[i] = Container{
+			bsc:        &b,
+			Name:       cnt.Name,
+			Properties: cnt.Properties,
+			Metadata:   map[string]string(cnt.Metadata),
+			sasuri:     cnt.sasuri,
+		}
+	}
+
 	return &out, err
 }
 
@@ -93,3 +157,26 @@ func (p ListContainersParameters) getParameters() url.Values {
 
 	return out
 }
+
+func writeMetadata(h http.Header) map[string]string {
+	metadata := make(map[string]string)
+	for k, v := range h {
+		// Can't trust CanonicalHeaderKey() to munge case
+		// reliably. "_" is allowed in identifiers:
+		// https://msdn.microsoft.com/en-us/library/azure/dd179414.aspx
+		// https://msdn.microsoft.com/library/aa664670(VS.71).aspx
+		// http://tools.ietf.org/html/rfc7230#section-3.2
+		// ...but "_" is considered invalid by
+		// CanonicalMIMEHeaderKey in
+		// https://golang.org/src/net/textproto/reader.go?s=14615:14659#L542
+		// so k can be "X-Ms-Meta-Lol" or "x-ms-meta-lol_rofl".
+		k = strings.ToLower(k)
+		if len(v) == 0 || !strings.HasPrefix(k, strings.ToLower(userDefinedMetadataHeaderPrefix)) {
+			continue
+		}
+		// metadata["lol"] = content of the last X-Ms-Meta-Lol header
+		k = k[len(userDefinedMetadataHeaderPrefix):]
+		metadata[k] = v[len(v)-1]
+	}
+	return metadata
+}

vendor/github.com/Azure/azure-sdk-for-go/storage/blockblob.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"bytes"
 	"encoding/xml"
@@ -132,8 +146,7 @@ func (b *Blob) CreateBlockBlobFromReader(blob io.Reader, options *PutBlobOptions
 	if err != nil {
 		return err
 	}
-	readAndCloseBody(resp.body)
-	return checkRespCode(resp.statusCode, []int{http.StatusCreated})
+	return b.respondCreation(resp, BlobTypeBlock)
 }
 
 // PutBlockOptions includes the options for a put block operation
@@ -181,8 +194,7 @@ func (b *Blob) PutBlockWithLength(blockID string, size uint64, blob io.Reader, o
 	if err != nil {
 		return err
 	}
-	readAndCloseBody(resp.body)
-	return checkRespCode(resp.statusCode, []int{http.StatusCreated})
+	return b.respondCreation(resp, BlobTypeBlock)
 }
 
 // PutBlockListOptions includes the options for a put block list operation

vendor/github.com/Azure/azure-sdk-for-go/storage/client.go

@@ -1,6 +1,20 @@
 // Package storage provides clients for Microsoft Azure Storage Services.
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"bufio"
 	"bytes"
@@ -17,6 +31,7 @@ import (
 	"net/url"
 	"regexp"
 	"runtime"
+	"strconv"
 	"strings"
 	"time"
 
@@ -33,7 +48,9 @@ const (
 	// basic client is created.
 	DefaultAPIVersion = "2016-05-31"
 
-	defaultUseHTTPS = true
+	defaultUseHTTPS      = true
+	defaultRetryAttempts = 5
+	defaultRetryDuration = time.Second * 5
 
 	// StorageEmulatorAccountName is the fixed storage account used by Azure Storage Emulator
 	StorageEmulatorAccountName = "devstoreaccount1"
@@ -53,10 +70,22 @@ const (
 	userAgentHeader = "User-Agent"
 
 	userDefinedMetadataHeaderPrefix = "x-ms-meta-"
+
+	connectionStringAccountName      = "accountname"
+	connectionStringAccountKey       = "accountkey"
+	connectionStringEndpointSuffix   = "endpointsuffix"
+	connectionStringEndpointProtocol = "defaultendpointsprotocol"
 )
 
 var (
-	validStorageAccount = regexp.MustCompile("^[0-9a-z]{3,24}$")
+	validStorageAccount     = regexp.MustCompile("^[0-9a-z]{3,24}$")
+	defaultValidStatusCodes = []int{
+		http.StatusRequestTimeout,      // 408
+		http.StatusInternalServerError, // 500
+		http.StatusBadGateway,          // 502
+		http.StatusServiceUnavailable,  // 503
+		http.StatusGatewayTimeout,      // 504
+	}
 )
 
 // Sender sends a request
@@ -112,6 +141,8 @@ type Client struct {
 	baseURL          string
 	apiVersion       string
 	userAgent        string
+	sasClient        bool
+	accountSASToken  url.Values
 }
 
 type storageResponse struct {
@@ -179,6 +210,45 @@ func (e UnexpectedStatusCodeError) Got() int {
 	return e.got
 }
 
+// NewClientFromConnectionString creates a Client from the connection string.
+func NewClientFromConnectionString(input string) (Client, error) {
+	var (
+		accountName, accountKey, endpointSuffix string
+		useHTTPS                                = defaultUseHTTPS
+	)
+
+	for _, pair := range strings.Split(input, ";") {
+		if pair == "" {
+			continue
+		}
+
+		equalDex := strings.IndexByte(pair, '=')
+		if equalDex <= 0 {
+			return Client{}, fmt.Errorf("Invalid connection segment %q", pair)
+		}
+
+		value := pair[equalDex+1:]
+		key := strings.ToLower(pair[:equalDex])
+		switch key {
+		case connectionStringAccountName:
+			accountName = value
+		case connectionStringAccountKey:
+			accountKey = value
+		case connectionStringEndpointSuffix:
+			endpointSuffix = value
+		case connectionStringEndpointProtocol:
+			useHTTPS = value == "https"
+		default:
+			// ignored
+		}
+	}
+
+	if accountName == StorageEmulatorAccountName {
+		return NewEmulatorClient()
+	}
+	return NewClient(accountName, accountKey, endpointSuffix, DefaultAPIVersion, useHTTPS)
+}
+
 // NewBasicClient constructs a Client with given storage service name and
 // key.
 func NewBasicClient(accountName, accountKey string) (Client, error) {
@@ -206,13 +276,13 @@ func NewEmulatorClient() (Client, error) {
 // NewClient constructs a Client. This should be used if the caller wants
 // to specify whether to use HTTPS, a specific REST API version or a custom
 // storage endpoint than Azure Public Cloud.
-func NewClient(accountName, accountKey, blobServiceBaseURL, apiVersion string, useHTTPS bool) (Client, error) {
+func NewClient(accountName, accountKey, serviceBaseURL, apiVersion string, useHTTPS bool) (Client, error) {
 	var c Client
 	if !IsValidStorageAccount(accountName) {
 		return c, fmt.Errorf("azure: account name is not valid: it must be between 3 and 24 characters, and only may contain numbers and lowercase letters: %v", accountName)
 	} else if accountKey == "" {
 		return c, fmt.Errorf("azure: account key required")
-	} else if blobServiceBaseURL == "" {
+	} else if serviceBaseURL == "" {
 		return c, fmt.Errorf("azure: base storage service url required")
 	}
 
@@ -226,19 +296,14 @@ func NewClient(accountName, accountKey, blobServiceBaseURL, apiVersion string, u
 		accountName:      accountName,
 		accountKey:       key,
 		useHTTPS:         useHTTPS,
-		baseURL:          blobServiceBaseURL,
+		baseURL:          serviceBaseURL,
 		apiVersion:       apiVersion,
+		sasClient:        false,
 		UseSharedKeyLite: false,
 		Sender: &DefaultSender{
-			RetryAttempts: 5,
-			ValidStatusCodes: []int{
-				http.StatusRequestTimeout,      // 408
-				http.StatusInternalServerError, // 500
-				http.StatusBadGateway,          // 502
-				http.StatusServiceUnavailable,  // 503
-				http.StatusGatewayTimeout,      // 504
-			},
-			RetryDuration: time.Second * 5,
+			RetryAttempts:    defaultRetryAttempts,
+			ValidStatusCodes: defaultValidStatusCodes,
+			RetryDuration:    defaultRetryDuration,
 		},
 	}
 	c.userAgent = c.getDefaultUserAgent()
@@ -251,6 +316,43 @@ func IsValidStorageAccount(account string) bool {
 	return validStorageAccount.MatchString(account)
 }
 
+// NewAccountSASClient contructs a client that uses accountSAS authorization
+// for its operations.
+func NewAccountSASClient(account string, token url.Values, env azure.Environment) Client {
+	c := newSASClient()
+	c.accountSASToken = token
+	c.accountName = account
+	c.baseURL = env.StorageEndpointSuffix
+
+	// Get API version and protocol from token
+	c.apiVersion = token.Get("sv")
+	c.useHTTPS = token.Get("spr") == "https"
+	return c
+}
+
+func newSASClient() Client {
+	c := Client{
+		HTTPClient: http.DefaultClient,
+		apiVersion: DefaultAPIVersion,
+		sasClient:  true,
+		Sender: &DefaultSender{
+			RetryAttempts:    defaultRetryAttempts,
+			ValidStatusCodes: defaultValidStatusCodes,
+			RetryDuration:    defaultRetryDuration,
+		},
+	}
+	c.userAgent = c.getDefaultUserAgent()
+	return c
+}
+
+func (c Client) isServiceSASClient() bool {
+	return c.sasClient && c.accountSASToken == nil
+}
+
+func (c Client) isAccountSASClient() bool {
+	return c.sasClient && c.accountSASToken != nil
+}
+
 func (c Client) getDefaultUserAgent() string {
 	return fmt.Sprintf("Go/%s (%s-%s) azure-storage-go/%s api-version/%s",
 		runtime.Version(),
@@ -323,6 +425,164 @@ func (c Client) getEndpoint(service, path string, params url.Values) string {
 	return u.String()
 }
 
+// AccountSASTokenOptions includes options for constructing
+// an account SAS token.
+// https://docs.microsoft.com/en-us/rest/api/storageservices/constructing-an-account-sas
+type AccountSASTokenOptions struct {
+	APIVersion    string
+	Services      Services
+	ResourceTypes ResourceTypes
+	Permissions   Permissions
+	Start         time.Time
+	Expiry        time.Time
+	IP            string
+	UseHTTPS      bool
+}
+
+// Services specify services accessible with an account SAS.
+type Services struct {
+	Blob  bool
+	Queue bool
+	Table bool
+	File  bool
+}
+
+// ResourceTypes specify the resources accesible with an
+// account SAS.
+type ResourceTypes struct {
+	Service   bool
+	Container bool
+	Object    bool
+}
+
+// Permissions specifies permissions for an accountSAS.
+type Permissions struct {
+	Read    bool
+	Write   bool
+	Delete  bool
+	List    bool
+	Add     bool
+	Create  bool
+	Update  bool
+	Process bool
+}
+
+// GetAccountSASToken creates an account SAS token
+// See https://docs.microsoft.com/en-us/rest/api/storageservices/constructing-an-account-sas
+func (c Client) GetAccountSASToken(options AccountSASTokenOptions) (url.Values, error) {
+	if options.APIVersion == "" {
+		options.APIVersion = c.apiVersion
+	}
+
+	if options.APIVersion < "2015-04-05" {
+		return url.Values{}, fmt.Errorf("account SAS does not support API versions prior to 2015-04-05. API version : %s", options.APIVersion)
+	}
+
+	// build services string
+	services := ""
+	if options.Services.Blob {
+		services += "b"
+	}
+	if options.Services.Queue {
+		services += "q"
+	}
+	if options.Services.Table {
+		services += "t"
+	}
+	if options.Services.File {
+		services += "f"
+	}
+
+	// build resources string
+	resources := ""
+	if options.ResourceTypes.Service {
+		resources += "s"
+	}
+	if options.ResourceTypes.Container {
+		resources += "c"
+	}
+	if options.ResourceTypes.Object {
+		resources += "o"
+	}
+
+	// build permissions string
+	permissions := ""
+	if options.Permissions.Read {
+		permissions += "r"
+	}
+	if options.Permissions.Write {
+		permissions += "w"
+	}
+	if options.Permissions.Delete {
+		permissions += "d"
+	}
+	if options.Permissions.List {
+		permissions += "l"
+	}
+	if options.Permissions.Add {
+		permissions += "a"
+	}
+	if options.Permissions.Create {
+		permissions += "c"
+	}
+	if options.Permissions.Update {
+		permissions += "u"
+	}
+	if options.Permissions.Process {
+		permissions += "p"
+	}
+
+	// build start time, if exists
+	start := ""
+	if options.Start != (time.Time{}) {
+		start = options.Start.Format(time.RFC3339)
+		// For some reason I don't understand, it fails when the rest of the string is included
+		start = start[:10]
+	}
+
+	// build expiry time
+	expiry := options.Expiry.Format(time.RFC3339)
+	// For some reason I don't understand, it fails when the rest of the string is included
+	expiry = expiry[:10]
+
+	protocol := "https,http"
+	if options.UseHTTPS {
+		protocol = "https"
+	}
+
+	stringToSign := strings.Join([]string{
+		c.accountName,
+		permissions,
+		services,
+		resources,
+		start,
+		expiry,
+		options.IP,
+		protocol,
+		options.APIVersion,
+		"",
+	}, "\n")
+	signature := c.computeHmac256(stringToSign)
+
+	sasParams := url.Values{
+		"sv":  {options.APIVersion},
+		"ss":  {services},
+		"srt": {resources},
+		"sp":  {permissions},
+		"se":  {expiry},
+		"spr": {protocol},
+		"sig": {signature},
+	}
+	if start != "" {
+		sasParams.Add("st", start)
+	}
+	if options.IP != "" {
+		sasParams.Add("sip", options.IP)
+	}
+
+	return sasParams, nil
+}
+
 // GetBlobService returns a BlobStorageClient which can operate on the blob
 // service of the storage account.
 func (c Client) GetBlobService() BlobStorageClient {
@@ -398,16 +658,12 @@ func (c Client) exec(verb, url string, headers map[string]string, body io.Reader
 		return nil, errors.New("azure/storage: error creating request: " + err.Error())
 	}
 
-	// if a body was provided ensure that the content length was set.
-	// http.NewRequest() will automatically do this for a handful of types
-	// and for those that it doesn't we will handle here.
-	if body != nil && req.ContentLength < 1 {
-		if lr, ok := body.(*io.LimitedReader); ok {
-			req.ContentLength = lr.N
-			snapshot := *lr
-			req.GetBody = func() (io.ReadCloser, error) {
-				r := snapshot
-				return ioutil.NopCloser(&r), nil
+	// http.NewRequest() will automatically set req.ContentLength for a handful of types
+	// otherwise we will handle here.
+	if req.ContentLength < 1 {
+		if clstr, ok := headers["Content-Length"]; ok {
+			if cl, err := strconv.ParseInt(clstr, 10, 64); err == nil {
+				req.ContentLength = cl
 			}
 		}
 	}

vendor/github.com/Azure/azure-sdk-for-go/storage/commonsasuri.go

@@ -0,0 +1,38 @@
+package storage
+
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
+import (
+	"net/url"
+	"time"
+)
+
+// SASOptions includes options used by SAS URIs for different
+// services and resources.
+type SASOptions struct {
+	APIVersion string
+	Start      time.Time
+	Expiry     time.Time
+	IP         string
+	UseHTTPS   bool
+	Identifier string
+}
+
+func addQueryParameter(query url.Values, key, value string) url.Values {
+	if value != "" {
+		query.Add(key, value)
+	}
+	return query
+}

vendor/github.com/Azure/azure-sdk-for-go/storage/container.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"encoding/xml"
 	"errors"
@@ -18,12 +32,66 @@ type Container struct {
 	Name       string              `xml:"Name"`
 	Properties ContainerProperties `xml:"Properties"`
 	Metadata   map[string]string
+	sasuri     url.URL
+}
+
+// Client returns the HTTP client used by the Container reference.
+func (c *Container) Client() *Client {
+	return &c.bsc.client
 }
 
 func (c *Container) buildPath() string {
 	return fmt.Sprintf("/%s", c.Name)
 }
 
+// GetURL gets the canonical URL to the container.
+// This method does not create a publicly accessible URL if the container
+// is private and this method does not check if the blob exists.
+func (c *Container) GetURL() string {
+	container := c.Name
+	if container == "" {
+		container = "$root"
+	}
+	return c.bsc.client.getEndpoint(blobServiceName, pathForResource(container, ""), nil)
+}
+
+// ContainerSASOptions are options to construct a container SAS
+// URI.
+// See https://docs.microsoft.com/en-us/rest/api/storageservices/constructing-a-service-sas
+type ContainerSASOptions struct {
+	ContainerSASPermissions
+	OverrideHeaders
+	SASOptions
+}
+
+// ContainerSASPermissions includes the available permissions for
+// a container SAS URI.
+type ContainerSASPermissions struct {
+	BlobServiceSASPermissions
+	List bool
+}
+
+// GetSASURI creates an URL to the container which contains the Shared
+// Access Signature with the specified options.
+//
+// See https://docs.microsoft.com/en-us/rest/api/storageservices/constructing-a-service-sas
+func (c *Container) GetSASURI(options ContainerSASOptions) (string, error) {
+	uri := c.GetURL()
+	signedResource := "c"
+	canonicalizedResource, err := c.bsc.client.buildCanonicalizedResource(uri, c.bsc.auth, true)
+	if err != nil {
+		return "", err
+	}
+
+	// build permissions string
+	permissions := options.BlobServiceSASPermissions.buildString()
+	if options.List {
+		permissions += "l"
+	}
+
+	return c.bsc.client.blobAndFileSASURI(options.SASOptions, uri, permissions, canonicalizedResource, signedResource, options.OverrideHeaders)
+}
+
 // ContainerProperties contains various properties of a container returned from
 // various endpoints like ListContainers.
 type ContainerProperties struct {
@@ -224,7 +292,20 @@ func (c *Container) create(options *CreateContainerOptions) (*storageResponse, e
 // Exists returns true if a container with given name exists
 // on the storage account, otherwise returns false.
 func (c *Container) Exists() (bool, error) {
-	uri := c.bsc.client.getEndpoint(blobServiceName, c.buildPath(), url.Values{"restype": {"container"}})
+	q := url.Values{"restype": {"container"}}
+	var uri string
+	if c.bsc.client.isServiceSASClient() {
+		q = mergeParams(q, c.sasuri.Query())
+		newURI := c.sasuri
+		newURI.RawQuery = q.Encode()
+		uri = newURI.String()
+
+	} else {
+		if c.bsc.client.isAccountSASClient() {
+			q = mergeParams(q, c.bsc.client.accountSASToken)
+		}
+		uri = c.bsc.client.getEndpoint(blobServiceName, c.buildPath(), q)
+	}
 	headers := c.bsc.client.getStandardHeaders()
 
 	resp, err := c.bsc.client.exec(http.MethodHead, uri, headers, nil, c.bsc.auth)
@@ -399,9 +480,20 @@ func (c *Container) delete(options *DeleteContainerOptions) (*storageResponse, e
 func (c *Container) ListBlobs(params ListBlobsParameters) (BlobListResponse, error) {
 	q := mergeParams(params.getParameters(), url.Values{
 		"restype": {"container"},
-		"comp":    {"list"}},
-	)
-	uri := c.bsc.client.getEndpoint(blobServiceName, c.buildPath(), q)
+		"comp":    {"list"},
+	})
+	var uri string
+	if c.bsc.client.isServiceSASClient() {
+		q = mergeParams(q, c.sasuri.Query())
+		newURI := c.sasuri
+		newURI.RawQuery = q.Encode()
+		uri = newURI.String()
+	} else {
+		if c.bsc.client.isAccountSASClient() {
+			q = mergeParams(q, c.bsc.client.accountSASToken)
+		}
+		uri = c.bsc.client.getEndpoint(blobServiceName, c.buildPath(), q)
+	}
 
 	headers := c.bsc.client.getStandardHeaders()
 	headers = addToHeaders(headers, "x-ms-client-request-id", params.RequestID)
@@ -420,6 +512,81 @@ func (c *Container) ListBlobs(params ListBlobsParameters) (BlobListResponse, err
 	return out, err
 }
 
+// ContainerMetadataOptions includes options for container metadata operations
+type ContainerMetadataOptions struct {
+	Timeout   uint
+	LeaseID   string `header:"x-ms-lease-id"`
+	RequestID string `header:"x-ms-client-request-id"`
+}
+
+// SetMetadata replaces the metadata for the specified container.
+//
+// Some keys may be converted to Camel-Case before sending. All keys
+// are returned in lower case by GetBlobMetadata. HTTP header names
+// are case-insensitive so case munging should not matter to other
+// applications either.
+//
+// See https://docs.microsoft.com/en-us/rest/api/storageservices/set-container-metadata
+func (c *Container) SetMetadata(options *ContainerMetadataOptions) error {
+	params := url.Values{
+		"comp":    {"metadata"},
+		"restype": {"container"},
+	}
+	headers := c.bsc.client.getStandardHeaders()
+	headers = c.bsc.client.addMetadataToHeaders(headers, c.Metadata)
+
+	if options != nil {
+		params = addTimeout(params, options.Timeout)
+		headers = mergeHeaders(headers, headersFromStruct(*options))
+	}
+
+	uri := c.bsc.client.getEndpoint(blobServiceName, c.buildPath(), params)
+
+	resp, err := c.bsc.client.exec(http.MethodPut, uri, headers, nil, c.bsc.auth)
+	if err != nil {
+		return err
+	}
+	readAndCloseBody(resp.body)
+	return checkRespCode(resp.statusCode, []int{http.StatusOK})
+}
+
+// GetMetadata returns all user-defined metadata for the specified container.
+//
+// All metadata keys will be returned in lower case. (HTTP header
+// names are case-insensitive.)
+//
+// See https://docs.microsoft.com/en-us/rest/api/storageservices/get-container-metadata
+func (c *Container) GetMetadata(options *ContainerMetadataOptions) error {
+	params := url.Values{
+		"comp":    {"metadata"},
+		"restype": {"container"},
+	}
+	headers := c.bsc.client.getStandardHeaders()
+
+	if options != nil {
+		params = addTimeout(params, options.Timeout)
+		headers = mergeHeaders(headers, headersFromStruct(*options))
+	}
+
+	uri := c.bsc.client.getEndpoint(blobServiceName, c.buildPath(), params)
+
+	resp, err := c.bsc.client.exec(http.MethodGet, uri, headers, nil, c.bsc.auth)
+	if err != nil {
+		return err
+	}
+	readAndCloseBody(resp.body)
+	if err := checkRespCode(resp.statusCode, []int{http.StatusOK}); err != nil {
+		return err
+	}
+
+	c.writeMetadata(resp.headers)
+	return nil
+}
+
+func (c *Container) writeMetadata(h http.Header) {
+	c.Metadata = writeMetadata(h)
+}
+
 func generateContainerACLpayload(policies []ContainerAccessPolicy) (io.Reader, int, error) {
 	sil := SignedIdentifiers{
 		SignedIdentifiers: []SignedIdentifier{},

vendor/github.com/Azure/azure-sdk-for-go/storage/copyblob.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"errors"
 	"fmt"

vendor/github.com/Azure/azure-sdk-for-go/storage/directory.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"encoding/xml"
 	"net/http"

vendor/github.com/Azure/azure-sdk-for-go/storage/entity.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"bytes"
 	"encoding/json"

vendor/github.com/Azure/azure-sdk-for-go/storage/file.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"errors"
 	"fmt"
@@ -426,7 +440,7 @@ func (f *File) URL() string {
 	return f.fsc.client.getEndpoint(fileServiceName, f.buildPath(), nil)
 }
 
-// WriteRangeOptions includes opptions for a write file range operation
+// WriteRangeOptions includes options for a write file range operation
 type WriteRangeOptions struct {
 	Timeout    uint
 	ContentMD5 string

vendor/github.com/Azure/azure-sdk-for-go/storage/fileserviceclient.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"encoding/xml"
 	"fmt"

vendor/github.com/Azure/azure-sdk-for-go/storage/leaseblob.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"errors"
 	"net/http"

vendor/github.com/Azure/azure-sdk-for-go/storage/message.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"encoding/xml"
 	"fmt"

vendor/github.com/Azure/azure-sdk-for-go/storage/odata.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 // MetadataLevel determines if operations should return a paylod,
 // and it level of detail.
 type MetadataLevel string

vendor/github.com/Azure/azure-sdk-for-go/storage/pageblob.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"encoding/xml"
 	"errors"
@@ -73,10 +87,10 @@ func (b *Blob) modifyRange(blobRange BlobRange, bytes io.Reader, options *PutPag
 		return errors.New("the value for rangeEnd must be greater than or equal to rangeStart")
 	}
 	if blobRange.Start%512 != 0 {
-		return errors.New("the value for rangeStart must be a modulus of 512")
+		return errors.New("the value for rangeStart must be a multiple of 512")
 	}
 	if blobRange.End%512 != 511 {
-		return errors.New("the value for rangeEnd must be a modulus of 511")
+		return errors.New("the value for rangeEnd must be a multiple of 512 - 1")
 	}
 
 	params := url.Values{"comp": {"page"}}
@@ -133,7 +147,7 @@ func (b *Blob) GetPageRanges(options *GetPageRangesOptions) (GetPageRangesRespon
 		params = addTimeout(params, options.Timeout)
 		params = addSnapshot(params, options.Snapshot)
 		if options.PreviousSnapshot != nil {
-			params.Add("prevsnapshot", timeRfc1123Formatted(*options.PreviousSnapshot))
+			params.Add("prevsnapshot", timeRFC3339Formatted(*options.PreviousSnapshot))
 		}
 		if options.Range != nil {
 			headers["Range"] = options.Range.String()
@@ -186,6 +200,5 @@ func (b *Blob) PutPageBlob(options *PutBlobOptions) error {
 	if err != nil {
 		return err
 	}
-	readAndCloseBody(resp.body)
-	return checkRespCode(resp.statusCode, []int{http.StatusCreated})
+	return b.respondCreation(resp, BlobTypePage)
 }

vendor/github.com/Azure/azure-sdk-for-go/storage/queue.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"encoding/xml"
 	"errors"

vendor/github.com/Azure/azure-sdk-for-go/storage/queuesasuri.go

@@ -0,0 +1,146 @@
+package storage
+
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
+import (
+	"errors"
+	"fmt"
+	"net/url"
+	"strings"
+	"time"
+)
+
+// QueueSASOptions are options to construct a blob SAS
+// URI.
+// See https://docs.microsoft.com/en-us/rest/api/storageservices/constructing-a-service-sas
+type QueueSASOptions struct {
+	QueueSASPermissions
+	SASOptions
+}
+
+// QueueSASPermissions includes the available permissions for
+// a queue SAS URI.
+type QueueSASPermissions struct {
+	Read    bool
+	Add     bool
+	Update  bool
+	Process bool
+}
+
+func (q QueueSASPermissions) buildString() string {
+	permissions := ""
+
+	if q.Read {
+		permissions += "r"
+	}
+	if q.Add {
+		permissions += "a"
+	}
+	if q.Update {
+		permissions += "u"
+	}
+	if q.Process {
+		permissions += "p"
+	}
+	return permissions
+}
+
+// GetSASURI creates an URL to the specified queue which contains the Shared
+// Access Signature with specified permissions and expiration time.
+//
+// See https://docs.microsoft.com/en-us/rest/api/storageservices/constructing-a-service-sas
+func (q *Queue) GetSASURI(options QueueSASOptions) (string, error) {
+	canonicalizedResource, err := q.qsc.client.buildCanonicalizedResource(q.buildPath(), q.qsc.auth, true)
+	if err != nil {
+		return "", err
+	}
+
+	// "The canonicalizedresouce portion of the string is a canonical path to the signed resource.
+	// It must include the service name (blob, table, queue or file) for version 2015-02-21 or
+	// later, the storage account name, and the resource name, and must be URL-decoded.
+	// -- https://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
+	// We need to replace + with %2b first to avoid being treated as a space (which is correct for query strings, but not the path component).
+	canonicalizedResource = strings.Replace(canonicalizedResource, "+", "%2b", -1)
+	canonicalizedResource, err = url.QueryUnescape(canonicalizedResource)
+	if err != nil {
+		return "", err
+	}
+
+	signedStart := ""
+	if options.Start != (time.Time{}) {
+		signedStart = options.Start.UTC().Format(time.RFC3339)
+	}
+	signedExpiry := options.Expiry.UTC().Format(time.RFC3339)
+
+	protocols := "https,http"
+	if options.UseHTTPS {
+		protocols = "https"
+	}
+
+	permissions := options.QueueSASPermissions.buildString()
+	stringToSign, err := queueSASStringToSign(q.qsc.client.apiVersion, canonicalizedResource, signedStart, signedExpiry, options.IP, permissions, protocols, options.Identifier)
+	if err != nil {
+		return "", err
+	}
+
+	sig := q.qsc.client.computeHmac256(stringToSign)
+	sasParams := url.Values{
+		"sv":  {q.qsc.client.apiVersion},
+		"se":  {signedExpiry},
+		"sp":  {permissions},
+		"sig": {sig},
+	}
+
+	if q.qsc.client.apiVersion >= "2015-04-05" {
+		sasParams.Add("spr", protocols)
+		addQueryParameter(sasParams, "sip", options.IP)
+	}
+
+	uri := q.qsc.client.getEndpoint(queueServiceName, q.buildPath(), nil)
+	sasURL, err := url.Parse(uri)
+	if err != nil {
+		return "", err
+	}
+	sasURL.RawQuery = sasParams.Encode()
+	return sasURL.String(), nil
+}
+
+func queueSASStringToSign(signedVersion, canonicalizedResource, signedStart, signedExpiry, signedIP, signedPermissions, protocols, signedIdentifier string) (string, error) {
+
+	if signedVersion >= "2015-02-21" {
+		canonicalizedResource = "/queue" + canonicalizedResource
+	}
+
+	// https://msdn.microsoft.com/en-us/library/azure/dn140255.aspx#Anchor_12
+	if signedVersion >= "2015-04-05" {
+		return fmt.Sprintf("%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s",
+			signedPermissions,
+			signedStart,
+			signedExpiry,
+			canonicalizedResource,
+			signedIdentifier,
+			signedIP,
+			protocols,
+			signedVersion), nil
+
+	}
+
+	// reference: http://msdn.microsoft.com/en-us/library/azure/dn140255.aspx
+	if signedVersion >= "2013-08-15" {
+		return fmt.Sprintf("%s\n%s\n%s\n%s\n%s\n%s", signedPermissions, signedStart, signedExpiry, canonicalizedResource, signedIdentifier, signedVersion), nil
+	}
+
+	return "", errors.New("storage: not implemented SAS for versions earlier than 2013-08-15")
+}

vendor/github.com/Azure/azure-sdk-for-go/storage/queueserviceclient.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 // QueueServiceClient contains operations for Microsoft Azure Queue Storage
 // Service.
 type QueueServiceClient struct {

vendor/github.com/Azure/azure-sdk-for-go/storage/share.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"fmt"
 	"net/http"

vendor/github.com/Azure/azure-sdk-for-go/storage/storagepolicy.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"strings"
 	"time"

vendor/github.com/Azure/azure-sdk-for-go/storage/storageservice.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"net/http"
 	"net/url"

vendor/github.com/Azure/azure-sdk-for-go/storage/table.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"bytes"
 	"encoding/json"
@@ -174,11 +188,7 @@ func (t *Table) Delete(timeout uint, options *TableOptions) error {
 	}
 	defer readAndCloseBody(resp.body)
 
-	if err := checkRespCode(resp.statusCode, []int{http.StatusNoContent}); err != nil {
-		return err
-
-	}
-	return nil
+	return checkRespCode(resp.statusCode, []int{http.StatusNoContent})
 }
 
 // QueryOptions includes options for a query entities operation.
@@ -261,10 +271,7 @@ func (t *Table) SetPermissions(tap []TableAccessPolicy, timeout uint, options *T
 	}
 	defer readAndCloseBody(resp.body)
 
-	if err := checkRespCode(resp.statusCode, []int{http.StatusNoContent}); err != nil {
-		return err
-	}
-	return nil
+	return checkRespCode(resp.statusCode, []int{http.StatusNoContent})
 }
 
 func generateTableACLPayload(policies []TableAccessPolicy) (io.Reader, int, error) {

vendor/github.com/Azure/azure-sdk-for-go/storage/table_batch.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"bytes"
 	"encoding/json"

vendor/github.com/Azure/azure-sdk-for-go/storage/tableserviceclient.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"encoding/json"
 	"fmt"

vendor/github.com/Azure/azure-sdk-for-go/storage/util.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 import (
 	"bytes"
 	"crypto/hmac"
@@ -18,7 +32,29 @@ import (
 )
 
 var (
-	fixedTime = time.Date(2050, time.December, 20, 21, 55, 0, 0, time.FixedZone("GMT", -6))
+	fixedTime         = time.Date(2050, time.December, 20, 21, 55, 0, 0, time.FixedZone("GMT", -6))
+	accountSASOptions = AccountSASTokenOptions{
+		Services: Services{
+			Blob: true,
+		},
+		ResourceTypes: ResourceTypes{
+			Service:   true,
+			Container: true,
+			Object:    true,
+		},
+		Permissions: Permissions{
+			Read:    true,
+			Write:   true,
+			Delete:  true,
+			List:    true,
+			Add:     true,
+			Create:  true,
+			Update:  true,
+			Process: true,
+		},
+		Expiry:   fixedTime,
+		UseHTTPS: true,
+	}
 )
 
 func (c Client) computeHmac256(message string) string {
@@ -35,6 +71,10 @@ func timeRfc1123Formatted(t time.Time) string {
 	return t.Format(http.TimeFormat)
 }
 
+func timeRFC3339Formatted(t time.Time) string {
+	return t.Format("2006-01-02T15:04:05.0000000Z")
+}
+
 func mergeParams(v1, v2 url.Values) url.Values {
 	out := url.Values{}
 	for k, v := range v1 {
@@ -136,7 +176,7 @@ func addTimeout(params url.Values, timeout uint) url.Values {
 
 func addSnapshot(params url.Values, snapshot *time.Time) url.Values {
 	if snapshot != nil {
-		params.Add("snapshot", snapshot.Format("2006-01-02T15:04:05.0000000Z"))
+		params.Add("snapshot", timeRFC3339Formatted(*snapshot))
 	}
 	return params
 }

vendor/github.com/Azure/azure-sdk-for-go/storage/version.go

@@ -1,5 +1,19 @@
 package storage
 
+// Copyright 2017 Microsoft Corporation
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
 var (
-	sdkVersion = "10.0.2"
+	sdkVersion = "v11.3.0-beta"
 )