API Management Policy to perform Azure Storage File Shares operations
API Management Policy to perform Azure Storage File Shares operations We can use APIM policy to perform operations like create, update, delete and get on Azure Storage File Shares. To do this, we need to insert an inbound policy to the API operation configurations in Design mode. Steps to add inbound policy to create a file in File Shares – Go to the API Management Service, select APIs from APIs blade. Then select any of your API from the ALL APIs list. This will populate the related API Operations. Select POST (create Resource) from the API operations list like referred in the screenshot below- Click on the </> sign to enter Edit mode and insert the new policy like in the below screenshot. Copy the below policy definition and paste in between the <inbound ></inbound> tags. Update the highlighted values with your Storage account details and save. Please make sure all the required headers are in the same format as below. <inbound> <base /> <!-- Initialize context variables with property values. --> <set-variable name="storageAccount" value="NameOfYourStorageAccount" /> <set-variable name="x-request-body" value="@(context.Request.Body.As<string>())" /> <set-variable name="x-request-body-length" value="@{ return (string)context.Request.Headers.GetValueOrDefault("Content-Length","0"); }" /> <send-request mode="new" response-variable-name="tokenstate" timeout="2" ignore-error="true"> <set-url>@{ return string.Format("https://{0}.file.core.windows.net/NamOfYourFileShares/FileNamewithextension?SASToken ",(string)context.Variables["storageAccount"]); }</set-url> <set-method>PUT</set-method> <set-header name="x-ms-type" exists-action="override"> <value>file</value> </set-header> <set-header name="x-ms-file-permission" exists-action="override"> <value>inherit</value> </set-header> <set-header name="x-ms-file-attributes" exists-action="override"> <value>none</value> </set-header> <set-header name="x-ms-file-creation-time" exists-action="override"> <value>now</value> </set-header> <set-header name="x-ms-file-last-write-time" exists-action="override"> <value>now</value> </set-header> <set-header name="x-ms-content-length" exists-action="override"> <value>65336</value> </set-header> </send-request> </inbound> After saving the policy, go to the Test tab of API. Select that updated API operation and click on send. If all the updated parameters are authenticated, you will receive 200 OK and the trace will show 201 (Created) response code. The new created file can be viewed in the File Shares – In case, we want to do the error handling we can add the on-error section to track the error responses as well. We need to add this block after outbound closing tag. This will give use information about the related errors. Reference link for APIM error handling- https://docs.microsoft.com/en-us/azure/api-management/api-management-error-handling-policies <on-error> <set-header name="ErrorSource" exists-action="override"> <value>@(context.LastError.Source)</value> </set-header> <set-header name="ErrorReason" exists-action="override"> <value>@(context.LastError.Reason)</value> </set-header> <set-header name="ErrorMessage" exists-action="override"> <value>@(context.LastError.Message)</value> </set-header> <set-header name="ErrorScope" exists-action="override"> <value>@(context.LastError.Scope)</value> </set-header> <set-header name="ErrorSection" exists-action="override"> <value>@(context.LastError.Section)</value> </set-header> <set-header name="ErrorPath" exists-action="override"> <value>@(context.LastError.Path)</value> </set-header> <set-header name="ErrorPolicyId" exists-action="override"> <value>@(context.LastError.PolicyId)</value> </set-header> <set-header name="ErrorStatusCode" exists-action="override"> <value>@(context.Response.StatusCode.ToString())</value> </set-header> <base /> </on-error> Similarly, we can perform other operations like update and get by updating the required headers into the policy. Reference link for File Share operation APIs - https://docs.microsoft.com/en-us/rest/api/storageservices/operations-on-files
File services in azure
We currently have DFS setup on-prem. We are visualizing our environment but wanted to get away from DFS. We need to have all the files in DFS migrated to azure VMs. Im just not sure what the best way to go about this is. I was looking at Azure Files, but learned that it doesnt support ACLs. I know there is a preview for this feature, but we don't use AAD DS. The only way i can currently think of is setting up a few VMs with shares. Just didnt know if there was a better option in azure that supports ACLs and some type of replication.
