diff --git a/sdk/core/Azure.Core/src/Shared/CallerShouldAuditAttribute.cs b/sdk/core/Azure.Core/src/Shared/CallerShouldAuditAttribute.cs
new file mode 100644
index 0000000000000..c9455203a6c74
--- /dev/null
+++ b/sdk/core/Azure.Core/src/Shared/CallerShouldAuditAttribute.cs
@@ -0,0 +1,27 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using System;
+
+#nullable enable
+
+namespace Azure.Core
+{
+ ///
+ /// Decorates an operation whose invocation should potentially be audited
+ /// by Azure service implementations. Auditing could be recommended
+ /// because the operation changes critical service state, creates delegated
+ /// access to a resource, affects data retention, etc. It's a best guess
+ /// from the service team that the operation should be audited to mitigate
+ /// any potential future issues.
+ ///
+ [AttributeUsage(AttributeTargets.Method)]
+ internal class CallerShouldAuditAttribute : Attribute
+ {
+ ///
+ /// Gets or sets a description or link to the rationale for potentially
+ /// auditing this operation.
+ ///
+ public string? Reason { get; set; }
+ }
+}
diff --git a/sdk/storage/Azure.Storage.Blobs/src/Azure.Storage.Blobs.csproj b/sdk/storage/Azure.Storage.Blobs/src/Azure.Storage.Blobs.csproj
index f25e8b33ebedf..80afbc2b03271 100644
--- a/sdk/storage/Azure.Storage.Blobs/src/Azure.Storage.Blobs.csproj
+++ b/sdk/storage/Azure.Storage.Blobs/src/Azure.Storage.Blobs.csproj
@@ -35,12 +35,13 @@
-
+
+
diff --git a/sdk/storage/Azure.Storage.Blobs/src/BlobBaseClient.cs b/sdk/storage/Azure.Storage.Blobs/src/BlobBaseClient.cs
index 6eab5e874f601..68c3cb70c0e87 100644
--- a/sdk/storage/Azure.Storage.Blobs/src/BlobBaseClient.cs
+++ b/sdk/storage/Azure.Storage.Blobs/src/BlobBaseClient.cs
@@ -4,7 +4,6 @@
using System;
using System.ComponentModel;
using System.IO;
-using System.Runtime.CompilerServices;
using System.Threading;
using System.Threading.Tasks;
using Azure.Core;
@@ -6556,6 +6555,7 @@ private async Task> SetLegalHoldInternal(
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public virtual Uri GenerateSasUri(BlobSasPermissions permissions, DateTimeOffset expiresOn) =>
GenerateSasUri(new BlobSasBuilder(permissions, expiresOn)
{
@@ -6589,6 +6589,7 @@ public virtual Uri GenerateSasUri(BlobSasPermissions permissions, DateTimeOffset
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public virtual Uri GenerateSasUri(BlobSasBuilder builder)
{
if (builder == null)
diff --git a/sdk/storage/Azure.Storage.Blobs/src/BlobContainerClient.cs b/sdk/storage/Azure.Storage.Blobs/src/BlobContainerClient.cs
index 1b8b5e27da5e9..31c82c953867a 100644
--- a/sdk/storage/Azure.Storage.Blobs/src/BlobContainerClient.cs
+++ b/sdk/storage/Azure.Storage.Blobs/src/BlobContainerClient.cs
@@ -6,7 +6,6 @@
using System.ComponentModel;
using System.IO;
using System.Linq;
-using System.Net;
using System.Threading;
using System.Threading.Tasks;
using Azure.Core;
@@ -15,7 +14,6 @@
using Azure.Storage.Blobs.Specialized;
using Azure.Storage.Cryptography;
using Azure.Storage.Sas;
-using Azure.Storage.Shared;
using Metadata = System.Collections.Generic.IDictionary;
#pragma warning disable SA1402 // File may only contain a single type
@@ -2204,6 +2202,7 @@ private async Task> GetAccessPolicyInternal(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public virtual Response SetAccessPolicy(
PublicAccessType accessType = PublicAccessType.None,
IEnumerable permissions = default,
@@ -2259,6 +2258,7 @@ public virtual Response SetAccessPolicy(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public virtual async Task> SetAccessPolicyAsync(
PublicAccessType accessType = PublicAccessType.None,
IEnumerable permissions = default,
@@ -3574,6 +3574,7 @@ internal async Task> FindBlobsByTagsInternal(
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public virtual Uri GenerateSasUri(BlobContainerSasPermissions permissions, DateTimeOffset expiresOn) =>
GenerateSasUri(new BlobSasBuilder(permissions, expiresOn) { BlobContainerName = Name });
@@ -3599,6 +3600,7 @@ public virtual Uri GenerateSasUri(BlobContainerSasPermissions permissions, DateT
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public virtual Uri GenerateSasUri(BlobSasBuilder builder)
{
builder = builder ?? throw Errors.ArgumentNull(nameof(builder));
diff --git a/sdk/storage/Azure.Storage.Blobs/src/BlobServiceClient.cs b/sdk/storage/Azure.Storage.Blobs/src/BlobServiceClient.cs
index 6f41d5d209eca..23edd6ac8fdc0 100644
--- a/sdk/storage/Azure.Storage.Blobs/src/BlobServiceClient.cs
+++ b/sdk/storage/Azure.Storage.Blobs/src/BlobServiceClient.cs
@@ -1179,6 +1179,7 @@ private async Task> GetPropertiesInternal(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public virtual Response SetProperties(
BlobServiceProperties properties,
CancellationToken cancellationToken = default) =>
@@ -1213,6 +1214,7 @@ public virtual Response SetProperties(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public virtual async Task SetPropertiesAsync(
BlobServiceProperties properties,
CancellationToken cancellationToken = default) =>
@@ -1460,6 +1462,7 @@ private async Task> GetStatisticsInternal(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public virtual Response GetUserDelegationKey(
DateTimeOffset? startsOn,
DateTimeOffset expiresOn,
@@ -1496,6 +1499,7 @@ public virtual Response GetUserDelegationKey(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public virtual async Task> GetUserDelegationKeyAsync(
DateTimeOffset? startsOn,
DateTimeOffset expiresOn,
@@ -2362,6 +2366,7 @@ internal async Task> FindBlobsByTagsInternal(
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public Uri GenerateAccountSasUri(
AccountSasPermissions permissions,
DateTimeOffset expiresOn,
@@ -2394,6 +2399,7 @@ public Uri GenerateAccountSasUri(
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public Uri GenerateAccountSasUri(AccountSasBuilder builder)
{
builder = builder ?? throw Errors.ArgumentNull(nameof(builder));
diff --git a/sdk/storage/Azure.Storage.Blobs/src/Sas/BlobSasBuilder.cs b/sdk/storage/Azure.Storage.Blobs/src/Sas/BlobSasBuilder.cs
index 239dce00c19d6..34727cb0f4e34 100644
--- a/sdk/storage/Azure.Storage.Blobs/src/Sas/BlobSasBuilder.cs
+++ b/sdk/storage/Azure.Storage.Blobs/src/Sas/BlobSasBuilder.cs
@@ -6,6 +6,7 @@
using System.ComponentModel;
using System.Security.Cryptography;
using System.Text;
+using Azure.Core;
using Azure.Storage.Blobs;
using Azure.Storage.Blobs.Models;
@@ -337,6 +338,7 @@ public void SetPermissions(string rawPermissions)
/// The used for authenticating
/// requests.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public BlobSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
{
sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));
@@ -401,6 +403,7 @@ public BlobSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sh
///
/// The used for authenticating requests.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-blobs")]
public BlobSasQueryParameters ToSasQueryParameters(UserDelegationKey userDelegationKey, string accountName)
{
userDelegationKey = userDelegationKey ?? throw Errors.ArgumentNull(nameof(userDelegationKey));
diff --git a/sdk/storage/Azure.Storage.Common/src/Azure.Storage.Common.csproj b/sdk/storage/Azure.Storage.Common/src/Azure.Storage.Common.csproj
index 0dfb8eee1cb99..f923a5d854937 100644
--- a/sdk/storage/Azure.Storage.Common/src/Azure.Storage.Common.csproj
+++ b/sdk/storage/Azure.Storage.Common/src/Azure.Storage.Common.csproj
@@ -25,6 +25,7 @@
+
diff --git a/sdk/storage/Azure.Storage.Common/src/Sas/AccountSasBuilder.cs b/sdk/storage/Azure.Storage.Common/src/Sas/AccountSasBuilder.cs
index e5c00a7705a28..481e2b33ec1cd 100644
--- a/sdk/storage/Azure.Storage.Common/src/Sas/AccountSasBuilder.cs
+++ b/sdk/storage/Azure.Storage.Common/src/Sas/AccountSasBuilder.cs
@@ -5,6 +5,7 @@
using System.Collections.Generic;
using System.ComponentModel;
using System.Text;
+using Azure.Core;
namespace Azure.Storage.Sas
{
@@ -190,6 +191,7 @@ public void SetPermissions(string rawPermissions)
/// The used for authenticating
/// requests.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-common")]
public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
{
// https://docs.microsoft.com/en-us/rest/api/storageservices/Constructing-an-Account-SAS
diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/Azure.Storage.Files.DataLake.csproj b/sdk/storage/Azure.Storage.Files.DataLake/src/Azure.Storage.Files.DataLake.csproj
index 03442a266b628..69ccde968cb41 100644
--- a/sdk/storage/Azure.Storage.Files.DataLake/src/Azure.Storage.Files.DataLake.csproj
+++ b/sdk/storage/Azure.Storage.Files.DataLake/src/Azure.Storage.Files.DataLake.csproj
@@ -31,6 +31,7 @@
+
diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeDirectoryClient.cs b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeDirectoryClient.cs
index 3b5a2da29b8c8..5d4a78aeba60c 100644
--- a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeDirectoryClient.cs
+++ b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeDirectoryClient.cs
@@ -1442,6 +1442,7 @@ public override async Task> GetAccessControlAsync(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public override Response SetAccessControlList(
IList accessControlList,
string owner = default,
@@ -1506,6 +1507,7 @@ public override Response SetAccessControlList(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public override async Task> SetAccessControlListAsync(
IList accessControlList,
string owner = default,
@@ -1573,6 +1575,7 @@ public override async Task> SetAccessControlListAsync(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public override Response SetPermissions(
PathPermissions permissions = default,
string owner = default,
@@ -1637,6 +1640,7 @@ public override Response SetPermissions(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public override async Task> SetPermissionsAsync(
PathPermissions permissions = default,
string owner = default,
@@ -2948,6 +2952,7 @@ public virtual AsyncPageable GetPathsAsync(
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public override Uri GenerateSasUri(DataLakeSasPermissions permissions, DateTimeOffset expiresOn) =>
GenerateSasUri(new DataLakeSasBuilder(permissions, expiresOn)
{
@@ -2979,6 +2984,7 @@ public override Uri GenerateSasUri(DataLakeSasPermissions permissions, DateTimeO
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public override Uri GenerateSasUri(DataLakeSasBuilder builder)
{
builder = builder ?? throw Errors.ArgumentNull(nameof(builder));
diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileClient.cs b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileClient.cs
index 0692f48a220e5..9007f66d3b75e 100644
--- a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileClient.cs
+++ b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileClient.cs
@@ -1431,6 +1431,7 @@ public override async Task> GetAccessControlAsync(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public override Response SetAccessControlList(
IList accessControlList,
string owner = default,
@@ -1495,6 +1496,7 @@ public override Response SetAccessControlList(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public override async Task> SetAccessControlListAsync(
IList accessControlList,
string owner = default,
@@ -1562,6 +1564,7 @@ public override async Task> SetAccessControlListAsync(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public override Response SetPermissions(
PathPermissions permissions,
string owner = default,
@@ -1626,6 +1629,7 @@ public override Response SetPermissions(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public override async Task> SetPermissionsAsync(
PathPermissions permissions,
string owner = default,
diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileSystemClient.cs b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileSystemClient.cs
index 8eb41cb20c2e7..60c0a31426826 100644
--- a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileSystemClient.cs
+++ b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeFileSystemClient.cs
@@ -2906,6 +2906,7 @@ public virtual async Task> GetAccessPolicyAsync
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual Response SetAccessPolicy(
Models.PublicAccessType accessType = Models.PublicAccessType.None,
IEnumerable permissions = default,
@@ -2985,6 +2986,7 @@ public virtual Response SetAccessPolicy(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual async Task> SetAccessPolicyAsync(
Models.PublicAccessType accessType = Models.PublicAccessType.None,
IEnumerable permissions = default,
@@ -3179,6 +3181,7 @@ public virtual async Task> SetAccessPolicyAsync(
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual Uri GenerateSasUri(DataLakeFileSystemSasPermissions permissions, DateTimeOffset expiresOn) =>
GenerateSasUri(new DataLakeSasBuilder(permissions, expiresOn) { FileSystemName = Name });
@@ -3205,6 +3208,7 @@ public virtual Uri GenerateSasUri(DataLakeFileSystemSasPermissions permissions,
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual Uri GenerateSasUri(
DataLakeSasBuilder builder)
{
diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakePathClient.cs b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakePathClient.cs
index 2c13895de7e5e..6581fe459007b 100644
--- a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakePathClient.cs
+++ b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakePathClient.cs
@@ -2569,6 +2569,7 @@ private async Task> GetAccessControlInternal(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual Response SetAccessControlList(
IList accessControlList,
string owner = default,
@@ -2619,6 +2620,7 @@ public virtual Response SetAccessControlList(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual async Task> SetAccessControlListAsync(
IList accessControlList,
string owner = default,
@@ -2776,6 +2778,7 @@ private async Task> SetAccessControlListInternal(
/// Otherwise if a failure occurs outside the request, the respective
/// type will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual Response SetAccessControlRecursive(
IList accessControlList,
string continuationToken = default,
@@ -2823,6 +2826,7 @@ public virtual Response SetAccessControlRecursive(
/// Otherwise if a failure occurs outside the request, the respective
/// type will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual async Task> SetAccessControlRecursiveAsync(
IList accessControlList,
string continuationToken = default,
@@ -2870,6 +2874,7 @@ public virtual async Task> SetAccessControlR
/// Otherwise if a failure occurs outside the request, the respective
/// type will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual Response UpdateAccessControlRecursive(
IList accessControlList,
string continuationToken = default,
@@ -2917,6 +2922,7 @@ public virtual Response UpdateAccessControlRecursive(
/// Otherwise if a failure occurs outside the request, the respective
/// type will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual async Task> UpdateAccessControlRecursiveAsync(
IList accessControlList,
string continuationToken = default,
@@ -2964,6 +2970,7 @@ public virtual async Task> UpdateAccessContr
/// Otherwise if a failure occurs outside the request, the respective
/// type will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual Response RemoveAccessControlRecursive(
IList accessControlList,
string continuationToken = default,
@@ -3011,6 +3018,7 @@ public virtual Response RemoveAccessControlRecursive(
/// Otherwise if a failure occurs outside the request, the respective
/// type will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual async Task> RemoveAccessControlRecursiveAsync(
IList accessControlList,
string continuationToken = default,
@@ -3272,6 +3280,7 @@ private async Task> SetAccessControlRecursiv
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual Response SetPermissions(
PathPermissions permissions,
string owner = default,
@@ -3322,6 +3331,7 @@ public virtual Response SetPermissions(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual async Task> SetPermissionsAsync(
PathPermissions permissions,
string owner = default,
@@ -3828,6 +3838,7 @@ public virtual async Task> SetMetadataAsync(
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual Uri GenerateSasUri(DataLakeSasPermissions permissions, DateTimeOffset expiresOn) =>
GenerateSasUri(new DataLakeSasBuilder(permissions, expiresOn)
{
@@ -3858,6 +3869,7 @@ public virtual Uri GenerateSasUri(DataLakeSasPermissions permissions, DateTimeOf
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual Uri GenerateSasUri(DataLakeSasBuilder builder)
{
builder = builder ?? throw Errors.ArgumentNull(nameof(builder));
diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeServiceClient.cs b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeServiceClient.cs
index 7400878b00516..0bf300e05880d 100644
--- a/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeServiceClient.cs
+++ b/sdk/storage/Azure.Storage.Files.DataLake/src/DataLakeServiceClient.cs
@@ -479,6 +479,7 @@ public virtual DataLakeFileSystemClient GetFileSystemClient(string fileSystemNam
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual Response GetUserDelegationKey(
DateTimeOffset? startsOn,
DateTimeOffset expiresOn,
@@ -535,6 +536,7 @@ public virtual Response GetUserDelegationKey(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual async Task> GetUserDelegationKeyAsync(
DateTimeOffset? startsOn,
DateTimeOffset expiresOn,
@@ -1386,6 +1388,7 @@ public virtual async Task> UndeleteFileSystem
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public Uri GenerateAccountSasUri(
AccountSasPermissions permissions,
DateTimeOffset expiresOn,
@@ -1418,6 +1421,7 @@ public Uri GenerateAccountSasUri(
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public Uri GenerateAccountSasUri(
AccountSasBuilder builder)
{
@@ -1552,6 +1556,7 @@ public virtual async Task> GetPropertiesAsyn
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual Response SetProperties(
DataLakeServiceProperties properties,
CancellationToken cancellationToken = default)
@@ -1600,6 +1605,7 @@ public virtual Response SetProperties(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public virtual async Task SetPropertiesAsync(
DataLakeServiceProperties properties,
CancellationToken cancellationToken = default)
diff --git a/sdk/storage/Azure.Storage.Files.DataLake/src/Sas/DataLakeSasBuilder.cs b/sdk/storage/Azure.Storage.Files.DataLake/src/Sas/DataLakeSasBuilder.cs
index f1d4cb60edd29..7b053ca9388be 100644
--- a/sdk/storage/Azure.Storage.Files.DataLake/src/Sas/DataLakeSasBuilder.cs
+++ b/sdk/storage/Azure.Storage.Files.DataLake/src/Sas/DataLakeSasBuilder.cs
@@ -6,6 +6,7 @@
using System.ComponentModel;
using System.Security.Cryptography;
using System.Text;
+using Azure.Core;
using Azure.Storage.Files.DataLake;
using Azure.Storage.Files.DataLake.Models;
@@ -354,6 +355,7 @@ public void SetPermissions(string rawPermissions)
/// The used for authenticating
/// requests.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public DataLakeSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
{
sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));
@@ -419,6 +421,7 @@ public DataLakeSasQueryParameters ToSasQueryParameters(StorageSharedKeyCredentia
///
/// The used for authenticating requests.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-datalake")]
public DataLakeSasQueryParameters ToSasQueryParameters(UserDelegationKey userDelegationKey, string accountName)
{
userDelegationKey = userDelegationKey ?? throw Errors.ArgumentNull(nameof(userDelegationKey));
diff --git a/sdk/storage/Azure.Storage.Files.Shares/src/Azure.Storage.Files.Shares.csproj b/sdk/storage/Azure.Storage.Files.Shares/src/Azure.Storage.Files.Shares.csproj
index 0bd5dadc41177..8766dcd7425ec 100644
--- a/sdk/storage/Azure.Storage.Files.Shares/src/Azure.Storage.Files.Shares.csproj
+++ b/sdk/storage/Azure.Storage.Files.Shares/src/Azure.Storage.Files.Shares.csproj
@@ -30,10 +30,11 @@
+
+
-
diff --git a/sdk/storage/Azure.Storage.Files.Shares/src/Sas/ShareSasBuilder.cs b/sdk/storage/Azure.Storage.Files.Shares/src/Sas/ShareSasBuilder.cs
index c64fa2b381192..cfecb1220d20b 100644
--- a/sdk/storage/Azure.Storage.Files.Shares/src/Sas/ShareSasBuilder.cs
+++ b/sdk/storage/Azure.Storage.Files.Shares/src/Sas/ShareSasBuilder.cs
@@ -5,6 +5,7 @@
using System.Collections.Generic;
using System.ComponentModel;
using System.Text;
+using Azure.Core;
using Azure.Storage.Files.Shares;
namespace Azure.Storage.Sas
@@ -280,6 +281,7 @@ public void SetPermissions(string rawPermissions)
///
/// The used for authenticating requests.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
{
sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));
diff --git a/sdk/storage/Azure.Storage.Files.Shares/src/ShareClient.cs b/sdk/storage/Azure.Storage.Files.Shares/src/ShareClient.cs
index 8d3406e9bf243..3d60e907b988e 100644
--- a/sdk/storage/Azure.Storage.Files.Shares/src/ShareClient.cs
+++ b/sdk/storage/Azure.Storage.Files.Shares/src/ShareClient.cs
@@ -2686,6 +2686,7 @@ private async Task>> GetAccessPolicy
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public virtual Response SetAccessPolicy(
IEnumerable permissions,
ShareFileRequestConditions conditions = default,
@@ -2726,6 +2727,7 @@ public virtual Response SetAccessPolicy(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public virtual async Task> SetAccessPolicyAsync(
IEnumerable permissions,
ShareFileRequestConditions conditions = default,
@@ -2763,7 +2765,7 @@ await SetAccessPolicyInternal(
/// a failure occurs.
///
[EditorBrowsable(EditorBrowsableState.Never)]
-
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
#pragma warning disable AZC0002 // DO ensure all service methods, both asynchronous and synchronous, take an optional CancellationToken parameter called cancellationToken.
public virtual Response SetAccessPolicy(
#pragma warning restore AZC0002 // DO ensure all service methods, both asynchronous and synchronous, take an optional CancellationToken parameter called cancellationToken.
@@ -2802,7 +2804,7 @@ public virtual Response SetAccessPolicy(
/// a failure occurs.
///
[EditorBrowsable(EditorBrowsableState.Never)]
-
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
#pragma warning disable AZC0002 // DO ensure all service methods, both asynchronous and synchronous, take an optional CancellationToken parameter called cancellationToken.
public virtual async Task> SetAccessPolicyAsync(
#pragma warning restore AZC0002 // DO ensure all service methods, both asynchronous and synchronous, take an optional CancellationToken parameter called cancellationToken.
@@ -3218,6 +3220,7 @@ private async Task> GetPermissionInternal(
///
/// A with ID of the newly created file permission.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public virtual Response CreatePermission(
string permission,
CancellationToken cancellationToken = default) =>
@@ -3243,6 +3246,7 @@ public virtual Response CreatePermission(
///
/// A with ID of the newly created file permission.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public virtual async Task> CreatePermissionAsync(
string permission,
CancellationToken cancellationToken = default) =>
@@ -3500,6 +3504,7 @@ await GetDirectoryClient(directoryName)
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public virtual Uri GenerateSasUri(ShareSasPermissions permissions, DateTimeOffset expiresOn) =>
GenerateSasUri(new ShareSasBuilder(permissions, expiresOn) { ShareName = Name });
@@ -3525,6 +3530,7 @@ public virtual Uri GenerateSasUri(ShareSasPermissions permissions, DateTimeOffse
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public virtual Uri GenerateSasUri(ShareSasBuilder builder)
{
builder = builder ?? throw Errors.ArgumentNull(nameof(builder));
diff --git a/sdk/storage/Azure.Storage.Files.Shares/src/ShareDirectoryClient.cs b/sdk/storage/Azure.Storage.Files.Shares/src/ShareDirectoryClient.cs
index 4b94f5fddc28b..8f65226cedab7 100644
--- a/sdk/storage/Azure.Storage.Files.Shares/src/ShareDirectoryClient.cs
+++ b/sdk/storage/Azure.Storage.Files.Shares/src/ShareDirectoryClient.cs
@@ -3239,6 +3239,7 @@ await GetFileClient(fileName)
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public virtual Uri GenerateSasUri(ShareFileSasPermissions permissions, DateTimeOffset expiresOn) =>
GenerateSasUri(new ShareSasBuilder(permissions, expiresOn)
{
@@ -3269,6 +3270,7 @@ public virtual Uri GenerateSasUri(ShareFileSasPermissions permissions, DateTimeO
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public virtual Uri GenerateSasUri(ShareSasBuilder builder)
{
builder = builder ?? throw Errors.ArgumentNull(nameof(builder));
diff --git a/sdk/storage/Azure.Storage.Files.Shares/src/ShareFileClient.cs b/sdk/storage/Azure.Storage.Files.Shares/src/ShareFileClient.cs
index c9605b686651e..23dc6001bdcb2 100644
--- a/sdk/storage/Azure.Storage.Files.Shares/src/ShareFileClient.cs
+++ b/sdk/storage/Azure.Storage.Files.Shares/src/ShareFileClient.cs
@@ -6587,6 +6587,7 @@ private async Task OpenWriteInternal(
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public virtual Uri GenerateSasUri(ShareFileSasPermissions permissions, DateTimeOffset expiresOn) =>
GenerateSasUri(new ShareSasBuilder(permissions, expiresOn)
{
@@ -6618,6 +6619,7 @@ public virtual Uri GenerateSasUri(ShareFileSasPermissions permissions, DateTimeO
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public virtual Uri GenerateSasUri(ShareSasBuilder builder)
{
builder = builder ?? throw Errors.ArgumentNull(nameof(builder));
diff --git a/sdk/storage/Azure.Storage.Files.Shares/src/ShareServiceClient.cs b/sdk/storage/Azure.Storage.Files.Shares/src/ShareServiceClient.cs
index 2964593888230..ad03d61fd51f7 100644
--- a/sdk/storage/Azure.Storage.Files.Shares/src/ShareServiceClient.cs
+++ b/sdk/storage/Azure.Storage.Files.Shares/src/ShareServiceClient.cs
@@ -722,6 +722,7 @@ private async Task> GetPropertiesInternal(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public virtual Response SetProperties(
ShareServiceProperties properties,
CancellationToken cancellationToken = default) =>
@@ -755,6 +756,7 @@ public virtual Response SetProperties(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public virtual async Task SetPropertiesAsync(
ShareServiceProperties properties,
CancellationToken cancellationToken = default) =>
@@ -1399,6 +1401,7 @@ private async Task> UndeleteShareInternal(
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public Uri GenerateAccountSasUri(
AccountSasPermissions permissions,
DateTimeOffset expiresOn,
@@ -1433,6 +1436,7 @@ public Uri GenerateAccountSasUri(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-files-shares")]
public Uri GenerateAccountSasUri(AccountSasBuilder builder)
{
builder = builder ?? throw Errors.ArgumentNull(nameof(builder));
diff --git a/sdk/storage/Azure.Storage.Queues/src/Azure.Storage.Queues.csproj b/sdk/storage/Azure.Storage.Queues/src/Azure.Storage.Queues.csproj
index e088484e088cc..723ce16f4d02b 100644
--- a/sdk/storage/Azure.Storage.Queues/src/Azure.Storage.Queues.csproj
+++ b/sdk/storage/Azure.Storage.Queues/src/Azure.Storage.Queues.csproj
@@ -37,6 +37,7 @@
+
diff --git a/sdk/storage/Azure.Storage.Queues/src/QueueClient.cs b/sdk/storage/Azure.Storage.Queues/src/QueueClient.cs
index 462e614fd4377..3e21453d52580 100644
--- a/sdk/storage/Azure.Storage.Queues/src/QueueClient.cs
+++ b/sdk/storage/Azure.Storage.Queues/src/QueueClient.cs
@@ -3130,6 +3130,7 @@ private async Task> UpdateMessageInternal(
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")]
public virtual Uri GenerateSasUri(QueueSasPermissions permissions, DateTimeOffset expiresOn)
=> GenerateSasUri(new QueueSasBuilder(permissions, expiresOn) { QueueName = Name });
@@ -3151,6 +3152,7 @@ public virtual Uri GenerateSasUri(QueueSasPermissions permissions, DateTimeOffse
///
/// A will be thrown if a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")]
public virtual Uri GenerateSasUri(
QueueSasBuilder builder)
{
diff --git a/sdk/storage/Azure.Storage.Queues/src/QueueServiceClient.cs b/sdk/storage/Azure.Storage.Queues/src/QueueServiceClient.cs
index dabe13ca291c2..e34cd79026925 100644
--- a/sdk/storage/Azure.Storage.Queues/src/QueueServiceClient.cs
+++ b/sdk/storage/Azure.Storage.Queues/src/QueueServiceClient.cs
@@ -639,6 +639,7 @@ private async Task> GetPropertiesInternal(
///
///
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")]
public virtual Response SetProperties(
QueueServiceProperties properties,
CancellationToken cancellationToken = default) =>
@@ -663,6 +664,7 @@ public virtual Response SetProperties(
///
///
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")]
public virtual async Task SetPropertiesAsync(
QueueServiceProperties properties,
CancellationToken cancellationToken = default) =>
@@ -989,6 +991,7 @@ await GetQueueClient(queueName)
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")]
public Uri GenerateAccountSasUri(
AccountSasPermissions permissions,
DateTimeOffset expiresOn,
@@ -1017,6 +1020,7 @@ public Uri GenerateAccountSasUri(
/// A will be thrown if
/// a failure occurs.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")]
public Uri GenerateAccountSasUri(AccountSasBuilder builder)
{
builder = builder ?? throw Errors.ArgumentNull(nameof(builder));
diff --git a/sdk/storage/Azure.Storage.Queues/src/Sas/QueueSasBuilder.cs b/sdk/storage/Azure.Storage.Queues/src/Sas/QueueSasBuilder.cs
index 59694bcfb3297..90c4a5212c96a 100644
--- a/sdk/storage/Azure.Storage.Queues/src/Sas/QueueSasBuilder.cs
+++ b/sdk/storage/Azure.Storage.Queues/src/Sas/QueueSasBuilder.cs
@@ -5,6 +5,7 @@
using System.Collections.Generic;
using System.ComponentModel;
using System.Text;
+using Azure.Core;
using Azure.Storage.Queues;
namespace Azure.Storage.Sas
@@ -228,6 +229,7 @@ public void SetPermissions(string rawPermissions)
/// The used for authenticating
/// requests.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/storage-queues")]
public SasQueryParameters ToSasQueryParameters(StorageSharedKeyCredential sharedKeyCredential)
{
sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));
diff --git a/sdk/tables/Azure.Data.Tables/src/Azure.Data.Tables.csproj b/sdk/tables/Azure.Data.Tables/src/Azure.Data.Tables.csproj
index 5dc36d8cb0e3f..e1b89edd3bc62 100644
--- a/sdk/tables/Azure.Data.Tables/src/Azure.Data.Tables.csproj
+++ b/sdk/tables/Azure.Data.Tables/src/Azure.Data.Tables.csproj
@@ -16,10 +16,6 @@
-
-
-
-
@@ -27,9 +23,12 @@
+
+
+
diff --git a/sdk/tables/Azure.Data.Tables/src/Sas/TableAccountSasBuilder.cs b/sdk/tables/Azure.Data.Tables/src/Sas/TableAccountSasBuilder.cs
index 59830b775d096..65bf928c70af1 100644
--- a/sdk/tables/Azure.Data.Tables/src/Sas/TableAccountSasBuilder.cs
+++ b/sdk/tables/Azure.Data.Tables/src/Sas/TableAccountSasBuilder.cs
@@ -161,6 +161,7 @@ public void SetPermissions(string rawPermissions)
///
/// An instance of .
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")]
public TableAccountSasQueryParameters ToSasQueryParameters(TableSharedKeyCredential sharedKeyCredential)
{
sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));
@@ -208,6 +209,7 @@ public TableAccountSasQueryParameters ToSasQueryParameters(TableSharedKeyCredent
///
/// A URL encoded query string representing the SAS.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")]
public string Sign(TableSharedKeyCredential sharedKeyCredential) =>
ToSasQueryParameters(sharedKeyCredential).ToString();
diff --git a/sdk/tables/Azure.Data.Tables/src/Sas/TableSasBuilder.cs b/sdk/tables/Azure.Data.Tables/src/Sas/TableSasBuilder.cs
index 9086fba7318e2..b7295911abe11 100644
--- a/sdk/tables/Azure.Data.Tables/src/Sas/TableSasBuilder.cs
+++ b/sdk/tables/Azure.Data.Tables/src/Sas/TableSasBuilder.cs
@@ -185,6 +185,7 @@ public void SetPermissions(string rawPermissions)
///
/// An instance of .
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")]
public TableSasQueryParameters ToSasQueryParameters(TableSharedKeyCredential sharedKeyCredential)
{
sharedKeyCredential = sharedKeyCredential ?? throw Errors.ArgumentNull(nameof(sharedKeyCredential));
@@ -239,6 +240,7 @@ public TableSasQueryParameters ToSasQueryParameters(TableSharedKeyCredential sha
///
/// A URL encoded query string representing the SAS.
///
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")]
public string Sign(TableSharedKeyCredential sharedKeyCredential) =>
ToSasQueryParameters(sharedKeyCredential).ToString();
diff --git a/sdk/tables/Azure.Data.Tables/src/TableClient.cs b/sdk/tables/Azure.Data.Tables/src/TableClient.cs
index f57725d0c3319..e82d787c93b17 100644
--- a/sdk/tables/Azure.Data.Tables/src/TableClient.cs
+++ b/sdk/tables/Azure.Data.Tables/src/TableClient.cs
@@ -1407,6 +1407,7 @@ public virtual Response> GetAccessPolicies(
/// the access policies for the table.
/// A controlling the request lifetime.
/// The server returned an error. See for details returned from the server.
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")]
public virtual async Task SetAccessPolicyAsync(IEnumerable tableAcl, CancellationToken cancellationToken = default)
{
using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(TableClient)}.{nameof(SetAccessPolicy)}");
@@ -1426,6 +1427,7 @@ public virtual async Task SetAccessPolicyAsync(IEnumerable the access policies for the table.
/// A controlling the request lifetime.
/// The server returned an error. See for details returned from the server.
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")]
public virtual Response SetAccessPolicy(IEnumerable tableAcl, CancellationToken cancellationToken = default)
{
using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(TableClient)}.{nameof(SetAccessPolicy)}");
@@ -1510,6 +1512,7 @@ public virtual Response> SubmitTransaction(
///
/// A on successfully deleting.
/// An will be thrown if a failure occurs.
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")]
public virtual Uri GenerateSasUri(TableSasPermissions permissions, DateTimeOffset expiresOn)
=> GenerateSasUri(new TableSasBuilder(Name, permissions, expiresOn) { TableName = Name });
@@ -1525,6 +1528,7 @@ public virtual Uri GenerateSasUri(TableSasPermissions permissions, DateTimeOffse
/// Used to generate a Shared Access Signature (SAS).
/// A on successfully deleting.
/// An will be thrown if a failure occurs.
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")]
public virtual Uri GenerateSasUri(
TableSasBuilder builder)
{
diff --git a/sdk/tables/Azure.Data.Tables/src/TableServiceClient.cs b/sdk/tables/Azure.Data.Tables/src/TableServiceClient.cs
index 2948d58b2d43f..740991fcc2ece 100644
--- a/sdk/tables/Azure.Data.Tables/src/TableServiceClient.cs
+++ b/sdk/tables/Azure.Data.Tables/src/TableServiceClient.cs
@@ -808,6 +808,7 @@ public virtual async Task DeleteTableAsync(string tableName, Cancellat
/// The Table Service properties.
/// A controlling the request lifetime.
/// The indicating the result of the operation.
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")]
public virtual Response SetProperties(TableServiceProperties properties, CancellationToken cancellationToken = default)
{
using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(TableServiceClient)}.{nameof(SetProperties)}");
@@ -828,6 +829,7 @@ public virtual Response SetProperties(TableServiceProperties properties, Cancell
/// The Table Service properties.
/// A controlling the request lifetime.
/// The indicating the result of the operation.
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")]
public virtual async Task SetPropertiesAsync(TableServiceProperties properties, CancellationToken cancellationToken = default)
{
using DiagnosticScope scope = _diagnostics.CreateScope($"{nameof(TableServiceClient)}.{nameof(SetProperties)}");
@@ -942,6 +944,7 @@ public virtual Response GetStatistics(CancellationToken
///
/// A on successfully deleting.
/// An will be thrown if a failure occurs.
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")]
public virtual Uri GenerateSasUri(TableAccountSasPermissions permissions, TableAccountSasResourceTypes resourceTypes, DateTimeOffset expiresOn)
=> GenerateSasUri(new TableAccountSasBuilder(permissions, resourceTypes, expiresOn));
@@ -957,6 +960,7 @@ public virtual Uri GenerateSasUri(TableAccountSasPermissions permissions, TableA
/// Used to generate a Shared Access Signature (SAS).
/// A on successfully deleting.
/// An will be thrown if a failure occurs.
+ [CallerShouldAudit(Reason = "https://aka.ms/azsdk/callershouldaudit/data-tables")]
public virtual Uri GenerateSasUri(
TableAccountSasBuilder builder)
{