Azure Files are a great way to manage structured data in the cloud. You can even mount them as regular file shares in order to access them from your servers using technologies you may already be familiar with, such as Samba. However, Azure also offers a RESTful interface which you can use to interact with Azure File Shares. In this lab, you will see what it looks like to read and write to an Azure File Share using REST.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Create the file using the REST API.
- Log in to the provided VM using the Public IP address and credentials.
- In order to authenticate, you will need to create a signed authorization header.
- Set some temporary environment variables to aid in future commands.
- For the
storage_accountandaccess_key, provide the actual storage account name and access key. To obtain these, log in to the Azure portal. The access key can be found by clicking the storage account, then clicking Access Keys.
request_date=$(TZ=GMT date "+%a, %d %h %Y %H:%M:%S %Z") storage_service_version="2018-11-09" storage_account=${your storage account name} access_key=${your storage account access key} resource="/${storage_account}/config/nginx-site-config.conf" file_length=$(wc -m < nginx-site-config.conf) request_method="PUT"- Create a temporary environment variable containing the list of headers that need to be signed:
headers="x-ms-content-length:$file_lengthnx-ms-date:$request_datenx-ms-type:filenx-ms-version:$storage_service_version" - Create a variable that contains the full string that will be signed:
string_to_sign="${request_method}nnnnnnnnnnnn${headers}n${resource}" - Create a variable that contains the access key decoded and converted to hex:
hex_key="$(echo -n $access_key | base64 -d -w0 | xxd -p -c256)" - Generate the signature and Authorization header:
signature=$(printf "$string_to_sign" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$hex_key" -binary | base64 -w0) authorization_header="SharedKey $storage_account:$signature" - Create the file in the Azure File Share:
curl -X PUT -H "x-ms-content-length:$file_length" -H "x-ms-date:$request_date" -H "x-ms-type:file" -H "x-ms-version:$storage_service_version" -H "Content-Length: 0" -H "Authorization:$authorization_header" "https://${storage_account}.file.core.windows.net/config/nginx-site-config.conf"
- Upload the file’s contents.
- Generate a new authorization header:
request_date=$(TZ=GMT date "+%a, %d %h %Y %H:%M:%S %Z") request_method="PUT" content_type="text/plain" headers="x-ms-date:$request_datenx-ms-range:bytes=0-$((file_length - 1))nx-ms-version:$storage_service_versionnx-ms-write:update" string_to_sign="${request_method}nnn$file_lengthnn$content_typennnnnnn${headers}n${resource}ncomp:range" hex_key="$(echo -n $access_key | base64 -d -w0 | xxd -p -c256)" signature=$(printf "$string_to_sign" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$hex_key" -binary | base64 -w0) authorization_header="SharedKey $storage_account:$signature"- Upload the data to the file:
curl -X PUT -H "x-ms-date:$request_date" -H "x-ms-version:$storage_service_version" -H "x-ms-range:bytes=0-$((file_length - 1))" -H "x-ms-write:update" -H "Authorization: $authorization_header" -H "Content-Type:$content_type" -H "Content-Length:$file_length" --data-binary "@nginx-site-config.conf" "https://${storage_account}.file.core.windows.net/config/nginx-site-config.conf?comp=range"- If you wish, you can locate the file in the Azure portal and click Download to verify that the contents appear.
