Azure storage sync mechanisms

1
votes

I have a problem that I have been wracking my brain about and figured I would need some perspective and insight from people who are a lot more knowledgeable about this.

What I have currently: Web based application hosted in azure uses azure blob store to store files that are generated as part of data import processes. We have a seperate application that extends the original web application that allows users to upload files and these files are currently also stored in azure blob store.

Where I am trying to go: I have a requirement that wants the ability to map network file shares on a users laptop and be able to access these files that currently reside in the blob.

  1. Since Azure blob does not support SMB I have no way of actually doing this with a blob store.

  2. I could use Azure files in conjunction with a File Server running the sync agent. However, this requires a lot of work both in terms of refactoring, setup and some custom service that add remove permissions on the file server.

  3. I'm wondering if there is a service or a piece of software that exists in the market currently that allows me to continue using blob and perhaps sync the blob files into a file server that can then allow users to access and open files using windows file explorer? I found one that looks like an open source project but only does a one way sync from the blob to the file share. Ideally I'd like to find a solution that does a two way sync like azure file sync does.

Any thoughts and ideas will be appreciated.

1
azureazure-storageazure-blob-storageazure-storage-files
maybe you can us logic app to copy file from blob to file storage ?Thomas
Per my understanding, you could migrate the data storage to azure file share instead of blob storage or you could create each blob container for each user and generate each blob container SAS token for your users, then the users could leverage Azure Storage Explorer to manage their blob files or use AzCopy and other command tools to download the blob files into their laptop file system.Bruce Chen
@BruceChen - yes that is possible, however, the issue is that once a user has the SAS token he/she will have perpetual access to the blob and we won't be able to remove that person's access unless we generate new keys.Gjohn

1 Answers

1
votes

Since the max number of blob containers, file shares is unlimited. Per my understanding, you could leverage the following approaches:

  • Migrate the data from blob storage to azure file share instead of blob storage, then the subsequent file store is azure file storage.

    Note: Currently you must specify storage account key when mounting file shares, details you could follow this feedback. I recommend that you'd better do not map network file shares on a users laptop.

  • You could still use the blob storage, and you could create each blob container for each user and generate each blob container SAS token for your users, then the users could leverage Azure Storage Explorer to manage their blob files or use AzCopy and other command tools to download the blob files into their laptop file system.

    Note: For security consideration, you could combine a stored access policy with a SAS, in order to revoke the permissions, you just need to invalidate the related access policy instead of regenerating the account key. Details you could follow Controlling a SAS with a stored access policy and Shared Access Signatures, Part 2: Create and use a SAS with Blob storage.