Azure File Storage

Azure Files offers fully managed cloud file shares that are accessible via the industry-standard Server Message Block (SMB) protocol. This means you can lift and shift your applications that rely on file shares to Azure without significant code changes. Azure Files also supports the Network File System (NFS) protocol for Linux and macOS clients.

Key Concepts

• Storage Account: A container for all your Azure Storage data objects, including blobs, files, queues, and tables.
• File Share: A scalable, cloud-based file share that can be mounted by multiple clients simultaneously.
• NFSv4.1 Support: Enables Linux and macOS clients to access Azure Files using the NFS protocol, offering enhanced performance and security for those environments.
• SMB Protocol: Supports version 2.1 and 3.0 of the SMB protocol, allowing Windows, macOS, and Linux clients to mount shares.
• Azure Files Identity: Provides granular access control using Azure AD DS, on-premises Active Directory Domain Services, or traditional access keys.

Getting Started

To get started with Azure File Storage, you'll need an Azure subscription and a storage account. Here's a quick overview of the steps:

1. Create a Storage Account: Navigate to the Azure portal and create a new storage account.
2. Create a File Share: Within your storage account, create a new file share. You can specify a quota for the share.
3. Mount the File Share: You can then mount the file share to your on-premises Windows, macOS, or Linux machines, or to Azure Virtual Machines.

Accessing Files

Azure Files can be accessed in several ways:

• Mounting via SMB: Use standard tools like net use on Windows or mount on Linux/macOS to mount the share.
• Mounting via NFS: For Linux/macOS clients, use the mount command with NFS options.
• Azure CLI and PowerShell: Use Azure command-line tools to manage file shares, upload/download files, and more.
• Azure Storage Explorer: A graphical tool for managing Azure Storage resources, including file shares.

Example: Mounting via SMB on Windows

net use Z: \\yourstorageaccountname.file.core.windows.net\yourfilesharename /u:Azure\yourstorageaccountname yourstorageaccountkey
            

Example: Mounting via NFS on Linux

sudo mount -o sec=sys,vers=4.0 -o cache=none yourstorageaccountname.file.core.windows.net:/yourstorageaccountname/yourfilesharename /mnt/azure
            

Security

Azure Files offers robust security features:

• Encryption: Data is encrypted in transit using SMB 3.0 encryption and at rest with AES-256 encryption.
• Access Control: Integrate with Azure AD DS or on-premises AD DS for file-level ACLs. Alternatively, use storage account keys or SAS tokens for broader access.
• Private Endpoints: Securely connect your file shares to your virtual network.

Performance

Azure Files provides different performance tiers to meet varying workload needs:

• Standard: Cost-effective performance for general-purpose file sharing.
• Premium: High-performance SSD-based storage for latency-sensitive workloads.

Pricing

Azure Files pricing is based on:

• Data stored
• Transactions
• Snapshot usage (if applicable)
• Data transfer out

Refer to the Azure Files pricing page for detailed information.

Tutorials

Explore the following tutorials to deepen your understanding and practical skills with Azure File Storage:

• Create and manage an Azure file share
• Secure an Azure file share
• Mount an Azure file share with NFS