File Storage Access in Azure

This document outlines the various methods and best practices for accessing files stored within Azure Files. Azure Files offers fully managed file shares in the cloud that are accessible via the industry-standard Server Message Block (SMB) protocol, and Network File System (NFS) protocol.

Methods of Access

Azure Files can be accessed from multiple locations:

1. Mounting from Windows

You can mount an Azure File share on Windows machines using the net use command. This allows you to treat the file share like a local drive.

net use : \\.file.core.windows.net\ /u: 

Replace <DriveLetter>, <storageAccountName>, <shareName>, and <storageAccountKey> with your specific values.

2. Mounting from Linux

For Linux distributions, you can use the mount command with the CIFS/SMB filesystem. You'll need to install the cifs-utils package.

sudo apt-get update && sudo apt-get install cifs-utils  # For Debian/Ubuntu
sudo yum install cifs-utils # For RHEL/CentOS/Fedora

sudo mount -t cifs \\\\.file.core.windows.net\\ /mnt/ -o vers=3.0,username=,password=,dir_mode=0777,file_mode=0777,serverino

For NFS, the process is similar but uses the NFS protocol and requires different configurations.

3. Mounting from macOS

macOS can also mount SMB shares. Open Finder, go to Go > Connect to Server and enter the following address:

smb://.file.core.windows.net/

You will be prompted for credentials.

4. Access via Azure CLI

Azure CLI provides commands to interact with Azure Files. You can list shares, download, and upload files.

az storage file list --share-name  --account-name  --account-key 
az storage file download --share-name  --path  --file-name  --account-name  --account-key 
az storage file upload --share-name  --path  --file-name  --account-name  --account-key 

5. Access via Azure Storage Explorer

Azure Storage Explorer is a graphical tool that allows you to manage your Azure storage resources, including Azure Files. It provides an intuitive interface for browsing, uploading, downloading, and managing files.

Download Azure Storage Explorer

Security Considerations

When accessing Azure Files, it's crucial to implement robust security measures:

• Use Azure AD Domain Services (Azure AD DS) or Active Directory Domain Services (AD DS): For enterprise environments, integrating Azure Files with your on-premises or cloud-based identity management systems provides granular permissions and Kerberos authentication.
• Shared Key Authentication: While convenient, using storage account keys for direct access should be managed carefully. Consider using Shared Access Signatures (SAS) for temporary, scoped access.
• Network Security: Restrict access to your storage account using firewalls and virtual network service endpoints.

Performance and Scalability

Azure Files offers different performance tiers (Standard and Premium) to meet various workload requirements. Understand the IOPS and throughput limits associated with each tier and your chosen storage account SKU.

Next Steps

Explore the following resources for deeper insights:

• Using the NFS protocol with Azure Files
• Using the SMB protocol with Azure Files
• Mount Azure file share on Windows
• Mount Azure file share on Linux