Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
azure-storage-file-share
Advanced tools
Microsoft Azure Azure File Share Storage Client Library for Python
Azure File Share storage offers fully managed file shares in the cloud that are accessible via the industry standard Server Message Block (SMB) protocol. Azure file shares can be mounted concurrently by cloud or on-premises deployments of Windows, Linux, and macOS. Additionally, Azure file shares can be cached on Windows Servers with Azure File Sync for fast access near where the data is being used.
Azure file shares can be used to:
Source code | Package (PyPI) | Package (Conda) | API reference documentation | Product documentation | Samples
Install the Azure Storage File Share client library for Python with pip:
pip install azure-storage-file-share
If you wish to create a new storage account, you can use the Azure Portal, Azure PowerShell, or Azure CLI:
# Create a new resource group to hold the storage account -
# if using an existing resource group, skip this step
az group create --name my-resource-group --location westus2
# Create the storage account
az storage account create -n my-storage-account-name -g my-resource-group
The Azure Storage File Share client library for Python allows you to interact with four types of resources: the storage account itself, file shares, directories, and files. Interaction with these resources starts with an instance of a client. To create a client object, you will need the storage account's file service URL and a credential that allows you to access the storage account:
from azure.storage.fileshare import ShareServiceClient
service = ShareServiceClient(account_url="https://<my-storage-account-name>.file.core.windows.net/", credential=credential)
You can find the storage account's file service URL using the Azure Portal, Azure PowerShell, or Azure CLI:
# Get the file service URL for the storage account
az storage account show -n my-storage-account-name -g my-resource-group --query "primaryEndpoints.file"
The credential
parameter may be provided in a number of different forms, depending on the type of
authorization you wish to use:
To use a shared access signature (SAS) token,
provide the token as a string. If your account URL includes the SAS token, omit the credential parameter.
You can generate a SAS token from the Azure Portal under "Shared access signature" or use one of the generate_sas()
functions to create a sas token for the storage account, share, or file:
from datetime import datetime, timedelta
from azure.storage.fileshare import ShareServiceClient, generate_account_sas, ResourceTypes, AccountSasPermissions
sas_token = generate_account_sas(
account_name="<storage-account-name>",
account_key="<account-access-key>",
resource_types=ResourceTypes(service=True),
permission=AccountSasPermissions(read=True),
expiry=datetime.utcnow() + timedelta(hours=1)
)
share_service_client = ShareServiceClient(account_url="https://<my_account_name>.file.core.windows.net", credential=sas_token)
To use a storage account shared key (aka account key or access key), provide the key as a string. This can be found in the Azure Portal under the "Access Keys" section or by running the following Azure CLI command:
az storage account keys list -g MyResourceGroup -n MyStorageAccount
Use the key as the credential parameter to authenticate the client:
from azure.storage.fileshare import ShareServiceClient
service = ShareServiceClient(account_url="https://<my_account_name>.file.core.windows.net", credential="<account_access_key>")
Depending on your use case and authorization method, you may prefer to initialize a client instance with a storage
connection string instead of providing the account URL and credential separately. To do this, pass the storage
connection string to the client's from_connection_string
class method:
from azure.storage.fileshare import ShareServiceClient
connection_string = "DefaultEndpointsProtocol=https;AccountName=xxxx;AccountKey=xxxx;EndpointSuffix=core.windows.net"
service = ShareServiceClient.from_connection_string(conn_str=connection_string)
The connection string to your storage account can be found in the Azure Portal under the "Access Keys" section or by running the following CLI command:
az storage account show-connection-string -g MyResourceGroup -n MyStorageAccount
The following components make up the Azure File Share Service:
The Azure Storage File Share client library for Python allows you to interact with each of these components through the use of a dedicated client object.
This library includes a complete async API supported on Python 3.5+. To use it, you must first install an async transport, such as aiohttp. See azure-core documentation for more information.
Async clients and credentials should be closed when they're no longer needed. These
objects are async context managers and define async close
methods.
Four different clients are provided to interact with the various components of the File Share Service:
get_share_client
method.get_directory_client
or get_file_client
methods.get_subdirectory_client
and get_file_client
functions.For details on path naming restrictions, see Naming and Referencing Shares, Directories, Files, and Metadata.
The following sections provide several code snippets covering some of the most common Storage File Share tasks, including:
Create a file share to store your files
from azure.storage.fileshare import ShareClient
share = ShareClient.from_connection_string(conn_str="<connection_string>", share_name="myshare")
share.create_share()
Use the async client to create a file share
from azure.storage.fileshare.aio import ShareClient
share = ShareClient.from_connection_string(conn_str="<connection_string>", share_name="myshare")
await share.create_share()
Upload a file to the share
from azure.storage.fileshare import ShareFileClient
file_client = ShareFileClient.from_connection_string(conn_str="<connection_string>", share_name="myshare", file_path="my_file")
with open("./SampleSource.txt", "rb") as source_file:
file_client.upload_file(source_file)
Upload a file asynchronously
from azure.storage.fileshare.aio import ShareFileClient
file_client = ShareFileClient.from_connection_string(conn_str="<connection_string>", share_name="myshare", file_path="my_file")
with open("./SampleSource.txt", "rb") as source_file:
await file_client.upload_file(source_file)
Download a file from the share
from azure.storage.fileshare import ShareFileClient
file_client = ShareFileClient.from_connection_string(conn_str="<connection_string>", share_name="myshare", file_path="my_file")
with open("DEST_FILE", "wb") as file_handle:
data = file_client.download_file()
data.readinto(file_handle)
Download a file asynchronously
from azure.storage.fileshare.aio import ShareFileClient
file_client = ShareFileClient.from_connection_string(conn_str="<connection_string>", share_name="myshare", file_path="my_file")
with open("DEST_FILE", "wb") as file_handle:
data = await file_client.download_file()
await data.readinto(file_handle)
List all directories and files under a parent directory
from azure.storage.fileshare import ShareDirectoryClient
parent_dir = ShareDirectoryClient.from_connection_string(conn_str="<connection_string>", share_name="myshare", directory_path="parent_dir")
my_list = list(parent_dir.list_directories_and_files())
print(my_list)
List contents of a directory asynchronously
from azure.storage.fileshare.aio import ShareDirectoryClient
parent_dir = ShareDirectoryClient.from_connection_string(conn_str="<connection_string>", share_name="myshare", directory_path="parent_dir")
my_files = []
async for item in parent_dir.list_directories_and_files():
my_files.append(item)
print(my_files)
Optional keyword arguments that can be passed in at the client and per-operation level.
Use the following keyword arguments when instantiating a client to configure the retry policy:
retry_total=0
if you do not want to retry on requests. Defaults to 10.False
.Other optional configuration keyword arguments that can be specified on the client or per-operation.
Client keyword arguments:
Per-operation keyword arguments:
headers={'CustomValue': value}
Storage File clients raise exceptions defined in Azure Core.
This list can be used for reference to catch thrown exceptions. To get the specific error code of the exception, use the error_code
attribute, i.e, exception.error_code
.
This library uses the standard logging library for logging. Basic information about HTTP sessions (URLs, headers, etc.) is logged at INFO level.
Detailed DEBUG level logging, including request/response bodies and unredacted
headers, can be enabled on a client with the logging_enable
argument:
import sys
import logging
from azure.storage.fileshare import ShareServiceClient
# Create a logger for the 'azure.storage.fileshare' SDK
logger = logging.getLogger('azure.storage.fileshare')
logger.setLevel(logging.DEBUG)
# Configure a console output
handler = logging.StreamHandler(stream=sys.stdout)
logger.addHandler(handler)
# This client will log detailed information about its HTTP sessions, at DEBUG level
service_client = ShareServiceClient.from_connection_string("your_connection_string", logging_enable=True)
Similarly, logging_enable
can enable detailed logging for a single operation,
even when it isn't enabled for the client:
service_client.get_service_properties(logging_enable=True)
Get started with our File Share samples.
Several Storage File Share Python SDK samples are available to you in the SDK's GitHub repository. These samples provide example code for additional scenarios commonly encountered while working with Storage File Share:
file_samples_hello_world.py (async version) - Examples found in this article:
file_samples_authentication.py (async version) - Examples for authenticating and creating the client:
file_samples_service.py (async version) - Examples for interacting with the file service:
file_samples_share.py (async version) - Examples for interacting with file shares:
file_samples_directory.py (async version) - Examples for interacting with directories:
file_samples_client.py (async version) - Examples for interacting with files:
For more extensive documentation on Azure File Share storage, see the Azure File Share storage documentation on docs.microsoft.com.
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.
When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
Premium
enum value in access_tier
for create_share
and set_share_properties
APIs.file_permission_format
to specify permission format for File's copy_file
API.provisioned_iops
and provisioned_bandwidth_mibps
for
ShareClient
and ShareServiceClient
's create_share
APIs; provisioned_max_iops
and provisioned_max_bandwidth_mibps
for ShareClient
's set_share_properties
API; and retrieve included_burst_iop
, max_burst_credits_for_iops
,
next_provisioned_iops_downgrade
and next_provisioned_bandwidth_downgrade
through get_share_properties
API.
ShareServiceClient
's list_shares
API returns the new properties through get_share_properties
for each share.paid_bursting_enabled
, paid_bursting_bandwidth_mibps
, and paid_bursting_iops
for Share's
create_share
and set_share_properties
APIs, and also retrieve them on the get_share_properties
API.file_permission_format
to specify permission format for Share's create_permission_for_share
and
get_permission_for_share
APIs; File's create_file
, rename_file
, and set_http_headers
APIs; and
Directory's rename_directory
and set_http_headers
APIs.azure-core
dependency to 1.30.0.This version and all future versions will require Python 3.8+. Python 3.7 is no longer supported.
exists
method to ShareFileClient
to check if a file exists.services
parameter has been added to the generate_account_sas
API, which enables the ability to generate SAS
tokens to be used with multiple services. By default, the SAS token service scope will default to the current service.client_name
property to Handle
.support_rename
to get_ranges_diff()
ShareDirectoryClient
returned by get_subdirectory_client
with a ShareDirectoryClient
pointing to the root of the file share would raise an InvalidResourceName
on any operations.typing-extensions
to >=4.6.0
to avoid potential TypeError
with typing.TypeVar
on
Python 3.12.AttributeError
instead of ClientAuthenticationError
when
using async OAuth credentials.delete_snapshots
to delete_share
API did not support all possible enums. This change
makes delete_snapshots
now accept string literals 'include' and 'include-leased'.InvalidHeaderValue
due to improper precision parsing.audience
as an optional keyword that can be specified on APIs that have a credential
parameter. This
keyword only has an effect when the credential provided is of type TokenCredential
.credential
during client construction, the
__str__
of the object would be present in the exception message and therefore potentially logged.KeyError: 'sdk_moniker'
in create_configuration
.
NOTE: This is not an exported method and therefore should not be imported/called directly.access_rights
property to Handle
.TokenCredential
to be used for authentication. A TokenCredential
can be provided for the
credential
parameter to any client constructor. Note: When using a TokenCredential
, the new keyword parameter
token_intent
is required and must be provided. Additionally, this form of authentication is only supported for
certain operations in the Data Plane SDK.allow_trailing_dot
and allow_source_trailing_dot
on client construction. When
allow_trailing_dot
is provided, the service will not silently remove any trailing .
character from directory/file
names for all operations made from that client. allow_source_trailing_dot
will apply this same rule to source files
when performing a rename or copy operation.AsyncIterable
as data type for async file upload.name_starts_with
was not being passed to the service properly for the list_shares
async APImsrest
dependency.typing-extensions>=4.0.1
as a dependency.isodate>=0.6.1
as a dependency.aio
for installing optional async dependencies. Use pip install azure-storage-file-share[aio]
to install.ValueError
for invalid content range that gets raised when downloading empty files through Azurite.download_file
with an invalid base64-encoded account key would raise an
AttributeError
rather than the proper AzureSigningError
.read_timeout
to 60 seconds for all clients.This version and all future versions will require Python 3.7+. Python 3.6 is no longer supported.
AzureNamedKeyCredential
as a valid credential
type.upload_file()
and download_file()
via a new optional callback, progress_hook
.file_change_time
to start_copy_from_url
APIcreate_directory()
including file_attributes
, file_creation_time
,
file_last_write_time
, file_permission
and file_permission_key
.content_type
on rename_file()
.file_change_time
on create_directory()
, set_http_headers()
(directory)
rename_directory()
, create_file()
, set_http_headers()
(file) and rename_file()
.file_last_write_mode
on upload_range()
and upload_range_from_url()
with possible values of Now
or Preserve
.create_share()
docstring to have the correct return-type of None
This version and all future versions will require Python 3.6+. Python 2.7 is no longer supported.
exists()
.rename_directory()
and rename_file()
.Create (c)
SAS permission for Share SAS.start_copy_from_url()
was not sending the ignore_read_only
parameter correctly.This version and all future versions will require Python 3.6+. Python 2.7 is no longer supported.
rename_directory()
and rename_file()
.Create (c)
SAS permission for Share SAS.azure-core
dependency to avoid inconsistent dependencies from being installed.generate_account_sas()
was not generating the proper SAS signature.exists()
.Stable release of preview features
New features
Fixes
New features
New features
Fixes
AccountName
, AccountKey
etc. in conn_str case insensitivedownloader.chunks()
return chunks in different size (#9419, #15648)ThreadPoolExecutor
(#8955)Fixes
Stable release of preview features
AzureSasCredential
to allow SAS rotation in long living clients.New features
Stable release of preview features
get_ranges
on ShareFileClientNew features
set_share_properties
which allows setting share tier.Notes
azure-core
from azure-core<2.0.0,>=1.2.2 to azure-core<2.0.0,>=1.9.0 to get continuation_token attr on AzureError.New features
Stable release of preview features
undelete_share
on FileShareServiceClient.New features
undelete_share
on FileShareServiceClient so that users can restore deleted share on share soft delete enabled account. Users can also list deleted shares when list_shares
by specifying include_deleted=True
.Fixes
Notes
StorageUserAgentPolicy
is now replaced with the UserAgentPolicy
from azure-core. With this, the custom user agents are now added as a prefix instead of being appended.New features
api_version
parameter to clients.ShareLeaseClient
was introduced to both sync and async versions of the SDK, which allows users to perform operations on file leases.failed_handles_count
info was included in close_handle
and close_all_handles
result.list_shares
and get_share_properties
.start_copy_from_url
parameters - file_permission
, permission_key
, file_attributes
, file_creation_time
, file_last_write_time
, ignore_read_only
, and set_archive_attribute
.Fixes and improvements
clear_range
API was not working.Fixes
New features
delete_directory
method to the share_client
.close()
method to close the sockets opened by the client when using without a context manager.Fixes and improvements
Breaking changes
close_handle(handle)
and close_all_handles()
no longer return int. These functions return a dictionary which has the number of handles closed and number of handles failed to be closed.Important: This package was previously named azure-storage-file
Going forward, to use this SDK, please install azure-storage-file-share
.
Additionally:
azure.storage.fileshare
.FileServiceClient
has been renamed to ShareServiceClient
.DirectoryClient
has been renamed to ShareDirectoryClient
.FileClient
has been renamed to ShareFileClient
.Additional Breaking changes
ShareClient
now accepts only account_url
with mandatory a string param share_name
.
To use a share_url, the method from_share_url
must be used.ShareDirectoryClient
now accepts only account_url
with mandatory string params share_name
and directory_path
.
To use a directory_url, the method from_directory_url
must be used.ShareFileClient
now accepts only account_url
with mandatory string params share_name
and
file_path
. To use a file_url, the method from_file_url
must be used.file_permission_key
parameter has been renamed to permission_key
set_share_access_policy
has required parameter signed_identifiers
.NoRetry
policy has been removed. Use keyword argument retry_total=0
for no retries.ShareServiceClient
, ShareClient
, ShareDirectoryClient
and ShareFileClient
should be imported from azure.storage.fileshare.aioloop
max_concurrency
validate_content
timeout
etc.azure.storage.fileshare
and azure.storage.fileshare.aio
only.generate_shared_access_signature
methods on each of ShareServiceClient
, ShareClient
and ShareFileClient
have been replaced by module level functions generate_account_sas
, generate_share_sas
and generate_file_sas
.start_range
and end_range
params are now renamed to and behave likeoffset
and length
in
the following APIs:
StorageStreamDownloader
is no longer iterable. To iterate over the file data stream, use StorageStreamDownloader.chunks
.StorageStreamDownloader
have been limited to:
name
(str): The name of the file.path
(str): The full path of the file.share
(str): The share the file will be downloaded from.properties
(FileProperties
): The properties of the file.size
(int): The size of the download. Either the total file size, or the length of a subsection if specified. Previously called download_size
.StorageStreamDownloader
now has new functions:
readall()
: Reads the complete download stream, returning bytes. This replaces the functions content_as_bytes
and content_as_text
which have been deprecated.readinto(stream)
: Download the complete stream into the supplied writable stream, returning the number of bytes written. This replaces the function download_to_stream
which has been deprecated.ShareFileClient.close_handles
and ShareDirectoryClient.close_handles
have both been replaced by two functions each; close_handle(handle)
and close_all_handles()
. These functions are blocking and return integers (the number of closed handles) rather than polling objects.get_service_properties
now returns a dict with keys consistent to set_service_properties
New features
ResourceTypes
, NTFSAttributes
, and Services
now have method from_string
which takes parameters as a string.Breaking changes
AccountPermissions
, SharePermissions
and FilePermissions
have been renamed to
AccountSasPermissions
, ShareSasPermissions
and FileSasPermissions
respectively.__add__
and __or__
methods are removed.max_connections
is now renamed to max_concurrency
.New features
AccountSasPermissions
, FileSasPermissions
, ShareSasPermissions
now have method from_string
which
takes parameters as a string.New features
Dependency updates
Adopted azure-core 1.0.0b3
pip install azure-core==1.0.0b2 azure-storage-file==12.0.0b2
Fixes and improvements
Breaking changes
copy_file_from_url
to start_copy_from_url
and changed behaviour to return a dictionary of copy properties rather than a polling object. Status of the copy operation can be retrieved with the get_file_properties
operation.abort_copy
operation to the FileClient
class. This replaces the previous abort operation on the copy status polling operation.marker
parameter has been removed.by_page
function that will return a secondary iterator of batches of results. This function supports a continuation_token
parameter to replace the previous marker
parameter.receive_messages
operation:
by_page
operation to receive messages in batches.New features
azure.storage.file.aio
.Dependency updates
Adopted azure-core 1.0.0b2
pip install azure-core==1.0.0b1 azure-storage-file==12.0.0b1
Fixes and improvements
Version 12.0.0b1 is the first preview of our efforts to create a user-friendly and Pythonic client library for Azure Storage Files. For more information about this, and preview releases of other Azure SDK libraries, please visit https://aka.ms/azure-sdk-preview1-python.
Breaking changes: New API design
Operations are now scoped to a particular client:
FileServiceClient
: This client handles account-level operations. This includes managing service properties and listing the shares within an account.ShareClient
: The client handles operations for a particular share. This includes creating or deleting that share, as well as listing the directories within that share, and managing properties and metadata.DirectoryClient
: The client handles operations for a particular directory. This includes creating or deleting that directory, as well as listing the files and subdirectories, and managing properties and metadata.FileClient
: The client handles operations for a particular file. This includes creating or deleting that file, as well as upload and download data and managing properties.These clients can be accessed by navigating down the client hierarchy, or instantiated directly using URLs to the resource (account, share, directory or file). For full details on the new API, please see the reference documentation.
The copy file operation now returns a polling object that can be used to check the status of the operation, as well as abort the operation.
The close_handles
operation now return a polling object that can be used to check the status of the operation.
Download operations now return a streaming object that can download data in multiple ways:
content_as_bytes
: Return the entire file content as bytes. Blocking operation that supports multi-threaded download.content_as_text
: Return the entire file content as decoded text. Blocking operation that supports multi-threaded download.download_to_stream
: Download the entire content to an open stream handle (e.g. an open file). Supports multi-threaded download.New underlying REST pipeline implementation, based on the new azure.core
library.
Client and pipeline configuration is now available via keyword arguments at both the client level, and per-operation. See reference documentation for a full list of optional configuration arguments.
New error hierarchy:
azure.core.exceptions.HttpResponseError
ResourceNotFoundError
: The resource (e.g. queue, message) could not be found. Commonly a 404 status code.ResourceExistsError
: A resource conflict - commonly caused when attempting to create a resource that already exists.ResourceModifiedError
: The resource has been modified (e.g. overwritten) and therefore the current operation is in conflict. Alternatively this may be raised if a condition on the operation is not met.ClientAuthenticationError
: Authentication failed.Operation set_file_properties
has been renamed to set_http_headers
.
Operations get_file_to_<output>
have been replaced with download_file
. See above for download output options.
Operations create_file_from_<input>
have been replace with upload_file
.
Operations get_share_acl
and set_share_acl
have been renamed to get_share_access_policy
and set_share_access_policy
.
Operation set_share_properties
has been renamed to set_share_quota
.
Operation snapshot_share
has been renamed to create_snapshot
.
Operation copy_file
has been renamed to copy_file_from_url
.
No longer have specific operations for get_metadata
- use get_properties
instead.
No longer have specific operations for exists
- use get_properties
instead.
Operation update_range
has been renamed to upload_range
.
FAQs
Microsoft Azure Azure File Share Storage Client Library for Python
We found that azure-storage-file-share demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.