Using the Azure Cloud File share APIs, I am able to create a file share and the directories, folders, and files. They are all saved correctly in the file share. From the browser, I am able to view the content using the URI + SAS token (generated for the file share). So, in .NET, what's the best way to access the Azure file? Are we able to access the file (not blob) without a SAS token? Is a SAS token mandatory? If so, when is the right time to generate the token? (Every time the file is accessed?)
2 Answers
There are 3 ways to access the storage:
1) Using a master/root key. I would not recommend using this approach since the master key has full access to the storage account.
2) Using a SAS key. This is a good approach since you can limit the amount of access given by the key. See the best practices section of this site. You will need to generate your key before accessing the storage and store it securely in configuration. Note that the blobs are your files. Blobs are organised into blob storage containers, which then sit inside your storage accounts.
3) If you go for the new Azure Data Lake Gen 2 storage (ADLS Gen 2), then you can use Azure Active Directory authentication in conjunction with service accounts or managed service identities (MSI). Note that ADLS Gen 2 is still in preview.
It's not mandatory to use a SAS token if you are trying to access/operate on a file share in C#/.NET.
You can just use the storage account name and account key for authentication, then operate on the file share (create/delete the file share, directory or file) following this official doc.
Besides storing the account name/key in the config file as mentioned in the above doc, you can also use them directly in your C# code, like below (.NET Framework console project):
    using Microsoft.WindowsAzure.Storage;
    using Microsoft.WindowsAzure.Storage.Auth;
    using Microsoft.WindowsAzure.Storage.File;
    using System;

    namespace ConsoleApp1File
    {
        class Program
        {
            static void Main(string[] args)
            {
                string accountname = "xxx";
                string accountkey = "xxxxxxx";
                CloudStorageAccount storageAccount = new CloudStorageAccount(new StorageCredentials(accountname, accountkey), true);

                // Create a CloudFileClient object for credentialed access to Azure Files.
                CloudFileClient fileClient = storageAccount.CreateCloudFileClient();

                // Get a reference to the file share.
                CloudFileShare share = fileClient.GetShareReference("s66");

                // If the file share does not exist, create it.
                share.CreateIfNotExists();

                if (share.Exists())
                {
                    // Get a reference to the root directory for the share.
                    CloudFileDirectory rootDir = share.GetRootDirectoryReference();

                    // Get a reference to the directory.
                    CloudFileDirectory sampleDir = rootDir.GetDirectoryReference("CustomLogs");

                    // If the directory does not exist, create it.
                    sampleDir.CreateIfNotExists();

                    if (sampleDir.Exists())
                    {
                        // Get a reference to the file.
                        CloudFile file = sampleDir.GetFileReference("Log1.txt");

                        // If the file exists, read the content of the file.
                        if (file.Exists())
                        {
                            // Write the contents of the file to the console window.
                            Console.WriteLine(file.DownloadTextAsync().Result);
                        }
                        // If the file does not exist, create it with size == 500 bytes.
                        else
                        {
                            file.Create(500);
                        }
                    }
                }

                Console.WriteLine("--file share test--");
                Console.ReadLine();
            }
        }
    }
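Added example, not part of either answer: the SAS option from the first answer, written against the same SDK the second answer uses. A trusted component that holds the account key issues a read-only, 15-minute token for one file, and the consumer works with the file URI and token only. The environment variable names are assumptions; the share, directory and file names are reused from the code above.

```csharp
using Microsoft.WindowsAzure.Storage;
using Microsoft.WindowsAzure.Storage.Auth;
using Microsoft.WindowsAzure.Storage.File;
using System;

class Program
{
    // Trusted side: holds the account key and mints a narrow, short-lived token.
    static string IssueReadOnlySas(CloudFile file, TimeSpan lifetime)
    {
        var policy = new SharedAccessFilePolicy
        {
            Permissions = SharedAccessFilePermissions.Read,
            // A slightly backdated start tolerates clock skew between hosts.
            SharedAccessStartTime = DateTimeOffset.UtcNow.AddMinutes(-5),
            SharedAccessExpiryTime = DateTimeOffset.UtcNow.Add(lifetime)
        };
        return file.GetSharedAccessSignature(policy); // query-string token
    }

    static void Main()
    {
        // Assumed variable names; the key stays out of source code and config files.
        string name = Environment.GetEnvironmentVariable("STORAGE_ACCOUNT_NAME");
        string key = Environment.GetEnvironmentVariable("STORAGE_ACCOUNT_KEY");
        var account = new CloudStorageAccount(new StorageCredentials(name, key), true);

        CloudFile keyed = account.CreateCloudFileClient()
            .GetShareReference("s66")
            .GetRootDirectoryReference()
            .GetDirectoryReference("CustomLogs")
            .GetFileReference("Log1.txt");

        string sas = IssueReadOnlySas(keyed, TimeSpan.FromMinutes(15));

        // Consumer side: only the file URI and the SAS are needed, never the key.
        var reader = new CloudFile(keyed.Uri, new StorageCredentials(sas));
        Console.WriteLine(reader.DownloadText());

        try
        {
            reader.UploadText("overwrite attempt"); // not covered by Read
        }
        catch (StorageException e)
        {
            Console.WriteLine("Write rejected: HTTP " + e.RequestInformation.HttpStatusCode);
        }
    }
}
```

Issuing the token per request with a short expiry limits what a leaked URL exposes; an ad hoc SAS like this one cannot be revoked individually before it expires except by regenerating the account key.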