Azure File Shares

Azure File shares are fully managed cloud file shares that are accessible via the industry-standard Server Message Block (SMB) protocol and Network File System (NFS) protocol. This means that you can "mount" these file shares onto your cloud or on-premises operating systems just as you would mount a local file share.

What are Azure File Shares?

Azure Files offers managed file shares in the cloud. You can use these shares for:

• Replacing on-premises file servers for applications that need shared configuration files or settings.
• Migrating legacy applications that expect a file system.
• Providing shared storage for development and testing environments.
• Storing diagnostic logs and other unstructured data.

Key Features

• SMB and NFS Support: Access your shares from Windows, Linux, and macOS.
• Managed Service: No need to manage underlying hardware or operating systems.
• Scalability: Scales to petabytes of data.
• Security: Supports Azure Active Directory Domain Services (Azure AD DS) authentication, on-premises Active Directory Domain Services (AD DS) authentication, and shared key authentication.
• Redundancy: Offers various redundancy options to protect your data.

Creating an Azure File Share

You can create an Azure File share using the Azure portal, Azure CLI, PowerShell, or client libraries.

Using the Azure Portal

1. Navigate to your storage account in the Azure portal.
2. Under Data storage, select File shares.
3. Select + File share.
4. Enter a name for your file share, specify a quota, and select a tier (e.g., Transaction Optimized, Hot, Cool).
5. Click Create.

Using Azure CLI

To create a file share using Azure CLI, you can use the following command:

az storage share create \
    --name myfileshare \
    --account-name mystorageaccount \
    --quota 1024 \
    --output table

Accessing Azure File Shares

Once a file share is created, you can mount it to your client machines. The method for mounting depends on the operating system.

Mounting from Windows

You can use File Explorer or the net use command. You'll need the storage account name and one of the storage account access keys.

net use Z: \\mystorageaccount.file.core.windows.net\myfileshare /u:Azure\mystorageaccount 

Mounting from Linux

Use the mount command. You'll need to install the cifs-utils package first.

sudo apt-get update && sudo apt-get install cifs-utils
sudo mount -t cifs //mystorageaccount.file.core.windows.net/myfileshare /mnt/mydirectory -o vers=3.0,username=mystorageaccount,password=<storage_account_key>,dir_mode=0777,file_mode=0777,serverino

Mounting from macOS

Similar to Linux, use the mount command.

mkdir /Volumes/myshare
mount -t smbfs //mystorageaccount.file.core.windows.net/myfileshare /Volumes/myshare -o \
    username=mystorageaccount,password=<storage_account_key>

Security Considerations

Azure File shares support several authentication methods:

• Shared Key Authentication: Uses the account name and one of the storage account access keys. Simple but less secure for broad access.
• Azure Active Directory Domain Services (Azure AD DS): Enables Kerberos authentication for file shares with domain-joined machines.
• On-premises Active Directory Domain Services (AD DS): Integrates with your existing on-premises AD for Kerberos authentication.

For enhanced security, it is recommended to use Azure AD DS or on-premises AD DS authentication whenever possible, especially for sensitive data.

Pricing and Tiers

Azure File shares offer different performance tiers:

• Transaction Optimized: Optimized for workloads that perform a large number of transactions and do not require high throughput.
• Hot: Optimized for workloads that store data that is accessed frequently.
• Cool: Optimized for workloads that store data that is accessed infrequently and has longer latency requirements.

Pricing is based on the provisioned capacity, transactions, and data retrieval from different tiers.

Learn More

• Introduction to Azure Files
• Create an Azure file share and mount it