Azure · elesel · May 15, 2025 · May 14, 2025 · May 14, 2025 · May 14, 2025
@@ -1,6 +1,10 @@
 ## 1.17.0 (Unreleased)
 ### 🚀 New Features
 
+## 1.16.81 (2025-05-15)
+### 🚀 New Features
+- [#4184](https://github.com/Azure/azureml-assets/pull/4184) Generate SAS token instead of checking container access
+
 ## 1.16.80 (2025-05-13)
 ### 🚀 New Features
 - [#4172](https://github.com/Azure/azureml-assets/pull/4172) Make asset validation work with new schema validation in ADO

@@ -583,35 +583,17 @@ def get_uri(self, token_expiration: timedelta = timedelta(hours=1)) -> str:
             # If we fail pass through to the next approach
             pass
 
-        # Our second approach is to use the azure python SDK to view the properties
-        # of the container. If the container allows for anonymous access then we can
-        # return the URI "as-is".
-        #
-        # This approach is slower than the first approach, which is why we
-        # tried the simple HTTP request approach first.
-        #
-        # It also requires Azure Credentials to be configured which may or may
-        # not be present depending on the execution environment. If these credentials
-        # do not exist then fail gracefully, return the URI "as-is", and hope for the best.
+        # Generate a SAS token for the container and append it to the URI
         try:
             blob_service_client = BlobServiceClient(
                 account_url=self._account_uri,
                 credential=AzureCliCredential(
                     process_timeout=AzureBlobstoreAssetPath.AZURE_CLI_PROCESS_LOGIN_TIMEOUT
                 )
             )
-            container_client = blob_service_client.get_container_client(container=self._container_name)
-
-            # If the container allows for anonymous access then we can return the URI "as-is"
-            if container_client.get_container_properties().public_access is not None:
-                self._token = ""
-                return uri
 
-            # Our final approach is to generate a SAS token for the container and append
-            # it to the URI
             start_time = datetime.now(timezone.utc)
             expiry_time = start_time + token_expiration
-
             key = blob_service_client.get_user_delegation_key(start_time, expiry_time)
 
             self._token = generate_container_sas(
@@ -657,11 +639,11 @@ def get_files(self, strip_container_prefix: bool = True) -> List[dict]:
             List[dict]: List of files and their sizes. Dicts have keys `name` and `size`.
         """
         container_client = self.get_container_client()
-        container_prefix = self._container_path + "/"
+        container_prefix = self._container_path + "/" if self._container_path else None
         blobs = container_client.list_blobs(name_starts_with=container_prefix)
 
         # Remove prefix if desired
-        starting_pos = len(container_prefix) if strip_container_prefix else 0
+        starting_pos = len(container_prefix) if container_prefix and strip_container_prefix else 0
         blobs = [{'name': blob.name[starting_pos:], 'size': blob.size} for blob in blobs]
         return blobs
 

@@ -7,7 +7,7 @@
 
 setup(
    name="azureml-assets",
-   version="1.16.80",
+   version="1.16.81",
    description="Utilities for publishing assets to Azure Machine Learning system registries.",
    author="Microsoft Corp",
    packages=find_packages(),