Book a Demo Free Trial

Restrict access to Files and Folders through file Attributes using Cerulean

Ranjith Eswaran

Jan 27, 2021

Category: Azure Storage

Azure Files provides us a fully managed Azure File Shares in the cloud that can be accessed through industry standard Server Message Block (SMB) protocol or Network File System (NFS) Protocol. These azure file shares can be mounted concurrently in the cloud and on-premises deployments. Azure

File Shares can be accessed from Windows, macOS, and Linux clients.
All the files and folders stored either in local drives or network drives cannot be accessed by all the processes running in a system. Let us consider a scenario where we want a limited read-only access to the files and folders for the users accessing your File Share. Similarly, we do not want a file to be read by all the processes and it is used only by the operating system. In this case, the file must be differentiated from other files in a directory.

So, to handle all these scenarios, there must be a mechanism that allows us to restrict the processes from accessing the file and folder contents. Such a mechanism provided by the File management service is called File Attributes. We will see how we can use the File Attributes in Azure file shares using Cerulean.

File Attributes

File attributes are settings associated with files and folders that grant or deny rights to how the operating system or the user can access that file or folder. For example, if a file is marked as Hidden, it will not be listed in the normal file listing screen. Following are the File Attributes supported in Azure files.

Attribute Win32 file attribute Definition
ReadOnly FILE_ATTRIBUTE_READONLY A file that is read-only. Applications can read the file but cannot write to it or delete it.
Hidden FILE_ATTRIBUTE_HIDDEN The file is hidden. It is not included in an ordinary directory listing.
System FILE_ATTRIBUTE_SYSTEM A file that the operating system uses a part of or uses exclusively.
None FILE_ATTRIBUTE_NORMAL A file that does not have other attributes set. This attribute is valid only when used alone.
Archive

FILE_ATTRIBUTE_ARCHIVE A file that is an archive file. Applications typically use this attribute to mark files for backup or removal.
Temporary FILE_ATTRIBUTE_TEMPORARY A file that is being used for temporary storage.
The data of a file is not available immediately.
Offline FILE_ATTRIBUTE_OFFLINE This file system attribute is presented primarily to provide compatibility with Windows – Azure Files does not support with offline storage options.
NotContentIndexed FILE_ATTRIBUTE_NOT_CONTENT_INDEXED The file is not to be indexed by the content indexing service.
NoScrubData FILE_ATTRIBUTE_NO_SCRUB_DATA The user data stream not to be read by the background data integrity scanner. This file system attribute is presented primarily to provide compatibility with Windows.

File Attributes in Azure Files

Attributes can be set on the files and folders in the Azure File share using the available REST API. These file attributes will be very helpful in managing the access to the files and folders in the file share when it is mounted to a cloud or on-premises system. However, it is not possible to modify the File and folder Attributes in both the Azure Portal and the Azure Storage Explorer. Cerulean provides us with an interactive user interface to modify the File and Folder attributes.

Cerulean

Cerulean (a cross-platform desktop tool to manage your Azure resources) helps us in managing the attributes of the Files and Folders in an easy and simple way. It is possible to view and edit the attributes of the files and folders in an Azure File Share. It is the only tool that provides the most comprehensive set of features to manage your Azure storage resources (Blobs, Tables, Queues, and Files). You can learn more about Azure storage features in Cerulean on our website at https://cerebrata.com/products/cerulean/features/azure-storage.

Set File Attributes

The attributes of the Files and Folders can be edited or set by following the below steps.

  1. Navigate into the required Azure File share inside your Storage account. All the files and folders inside the File Share will be listed.
  2. Select the required File or Folder whose attribute must be modified.
  3. Right Click on the File or Folder. Select Properties from the context menu.
  1. Attributes assigned to that File or Folder will appear in the properties blade.
  1. Attributes of a file can be edited by clicking on the edit icon.
  1. Select the required file attributes and click Save Attributes to complete the process.

Set attributes of multiple files and folders

It is not possible to modify the attributes of multiple files and folders easily through the REST API call. We need to perform the REST API call for the required files and folders multiple times to update their file attributes. In Cerulean, it is possible to select the required files and folders and update their attributes in a single click. Follow the below steps to update the attributes of multiple files and folders.

  1. Navigate into the required Azure File share inside your Storage account. All the files and folders inside the File Share will be listed.
  2. Select the required files or folders whose attributes must be modified.
  3. Select the Set Properties button.
  1. Select the Set File Attributes option from the context menu.
  1. Enable the required File attributes.
  1. Attributes of the files will be updated through background tasks on the click of the submit button.

Mounting the file share in windows

The required file share can be mounted to a windows machine by following the below steps.

  1. Sign into Azure Portal and navigate into the required Storage account.
  2. Select the required File Share.
  3. Click on the connect button.
  1. Select the required Drive letter and copy the provided script.
  1. Open the Powershell and execute the copied script in the required host to mount the file share.
  1. Open the File Explorer and navigate to This PC.
  2. Right-click on This PC and select Map network share.
  1. Select the drive letter and enter the UNC path, the UNC path format is \\<storageAccountName>.file.core.windows.net\<fileShareName>. For example: \\myaccountname.file.core.windows.net\my-share-name.
  1. Click Finish. All the files and folders in the file share will be listed.
  1. The attributes assigned to the files through cerulean can be viewed in the properties of the files.

Conclusion

In this post, we learned about the file attributes and how Cerulean makes it easy for you to assign attributes to the Files and Folders. We also saw how a File share can be mounted to a Windows machine. In addition to the Azure Storage, Cerulean also supports f Azure services like Cosmos DB, Azure Cognitive Search, Service Bus, Redis Cache, etc. Cerulean helps you to manage these Azure services in a simple and user-friendly manner. Refer https://www.cerebrata.com for the features available in Cerulean for these technology stacks.