FileShare and blob container alternative

David Laws 21 Reputation points
2022-01-26T23:26:29.363+00:00

I'm new to Azure WebApps and storage, what I'm trying to understand is how best to mount storage on Azure WebApp (Linux OS) with read/write capabilities.

I am deploying a CMS application which allows site administrator to add content including uploading files (images, docs, videos, pdfs etc...) on the fly. These need to be stored on a file server and cannot be stored in the webroot, hence why I need to mount blob container allowing hierarchical namespace (i.e. a folder structure). The CMS application then renders these files to a webpage. Think of it as Wordpress. Just to be clear, these are not files that are added beforehand, these get uploaded by site administrators just like updating content to the database, they can also upload files to the server.

The issue I'm facing is, file share does not allow anonymous access and requires SAS URL, Data Lake Gen 2 (ADLS 2) is read only but does allows access anonymously. Is there an alternative way to mount storage to a WebApp with the ability to read anonymously and has write permissions?

The problem with using File Share

Anonymous access is not allowed for files stored in file storage, the access needs to be authorised. One way of authorising the access is to create a SAS on a file/share level with Read permission and then using that SAS URL to access the file. This is not possible in my scenario.

Problem with Data Lake Gen 2 storage
This option would have been ideal unfortunately, mounted Blob containers are read only "Mounted Blob containers will become read only in Feb 2020" and MS recommend to use azure files!

I cannot use SDK as that would required rewriting parts of the CMS for performing CRUD operation on the objects and that is not possible as its a massive piece of software to change.

Am I approaching this the wrong way? What options do I have other than going down the VM route?

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,152 questions
Azure Data Lake Storage
Azure Data Lake Storage
An Azure service that provides an enterprise-wide hyper-scale repository for big data analytic workloads and is integrated with Azure Blob Storage.
1,330 questions
Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,404 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,766 questions
0 comments No comments
{count} votes

Accepted answer
  1. Sam Cogan 10,082 Reputation points MVP
    2022-01-27T08:50:13.157+00:00

    None of the Azure Storage technologies support anonymouse write access as it is a major security risk allowing anyone to write files. You can either look at adapting your application to have it communicate with Azure Storage securely, or have your administrators upload files directly to Azure Storage using Azure Storage Explorer or similar tools.

    0 comments No comments

0 additional answers

Sort by: Most helpful