LinkedInGitHubYouTube

Develop for Azure Files with Python - Azure Storage

Here’s a concise summary of the article "Develop for Azure Files with Python."

Overview

  • Azure Files is a managed cloud file-share service accessible via SMB, NFS, and REST (FileREST API).

  • The article explains approaches for Python apps to access Azure Files, how to choose an approach, and provides code examples for typical tasks.

Approaches (when to use each)

  • Standard Python file I/O (os, io)

    • How it works: Mount an Azure file share via SMB/NFS and use normal file system calls.

    • When to use: Existing line-of-business apps or any code that expects a normal filesystem and you don’t want to rewrite file access.

  • FileREST API (Azure Storage File Shares client library: azure-storage-file-share)

    • How it works: Call HTTPS endpoints (via SDK) to operate on files and directories.

    • When to use: Advanced features, custom cloud integrations, or high-scale data-plane operations.

  • Storage resource provider REST API (management libraries: azure-mgmt-storage, azure-mgmt-resource)

    • How it works: Use ARM-based REST API (via management SDKs) to manage storage accounts and file shares.

    • When to use: Resource-level tasks (create/delete/update storage accounts or shares), snapshots, quotas, etc.

Prerequisites

  • Azure subscription

  • Azure storage account

  • Python 3.8+

Set up your project

  • Install packages (example): pip install azure-identity pip install azure-storage-file-share pip install azure-mgmt-resource pip install azure-mgmt-storage

  • Import relevant modules depending on approach:

    • os, io for mounted shares

    • azure.identity.DefaultAzureCredential and azure.storage.fileshare.* for data operations

    • azure.identity.DefaultAzureCredential plus azure.mgmt.resource / azure.mgmt.storage for management operations

Work with mounted shares using Python file I/O

  • Mount share via SMB/NFS (links provided for Windows/Linux instructions).

  • Use normal file operations (os.listdir, open, os.stat, etc.). Example snippets include:

    • Enumerate directories on a mounted share.

    • Write and append to a file.

    • Inspect basic POSIX-style ACLs via os.stat and stat (note Windows ACLs may require specialized libraries).

Work with Azure Files using the File Shares client library

  • Use FileREST API via azure-storage-file-share for directory- and file-level operations and advanced features.

  • Examples provided:

    • Authorize and create clients: ShareClient via DefaultAzureCredential, account key, or connection string. Note: when using token credentials, supply token_intent when required.

    • Copy files between shares using ShareFileClient.start_copy_from_url.

    • Acquire and release file leases using ShareLeaseClient (to coordinate distributed access).

    • Create and list share snapshots using ShareServiceClient / ShareClient. Important: share-level snapshot operations require account key (connection string) — OAuth tokens are not allowed for those data-plane share-level ops.

Authorization guidance

  • Recommended: Microsoft Entra ID via DefaultAzureCredential (supports service principal, user credential, managed identity depending on where app runs). Assign Storage File Data Privileged Contributor for full data access used in examples.

  • Alternatives: account key or connection string (use with caution — security risk). Links given for best practices on key management and obtaining credentials.

Manage Azure Files with management libraries

  • Use Azure Storage management libraries (azure-mgmt-storage, ResourceManagementClient) to perform file-service and file-share level management (create shares, set quota, list shares and snapshots).

  • Examples:

    • Register Microsoft.Storage provider and create a file share (FileShare share_quota).

    • List file shares and snapshots via StorageManagementClient.file_shares.list.

Notes and links

  • The article includes links for deeper topics: developer overview, mounting SMB/NFS, managing file locks, naming rules, REST references, and samples.

  • Security notes: DefaultAzureCredential is preferred. Account keys/connection strings allow operations (like share snapshots) not supported with OAuth tokens but present security risk — consider Azure Key Vault for storing keys.

References

  • Links in the article (kept unchanged): overview, mounting guides, SDK references, samples, and docs cited throughout.

(Last updated in the article: 10/15/2025)

PreviousOverview of application development with Azure Files - Azure StorageNextMigrate data into Azure File Sync with Azure Data Box

Was this helpful?