Documentation on required private endpoints to access hns enabled sto…

…rage (#1616)

CHANGELOG.md

@@ -10,6 +10,7 @@
 **Other Changes**
 - Optimized listing operation on HNS account to support symlinks.
 - Optimized Rename operation to do less number of REST calls.
+- Add documentation on usage of Private Endpoints with HNS-Enabled Storage Accounts
 
 **Features**
 - Mount container or directory but restrict the view of blobs that you can see. This feature is available only in read-only mount.

README.md

@@ -265,6 +265,23 @@ Below diagrams guide you to choose right configuration for your workloads.
 - Multiple filters can be combined using '&&' and '||' operator as well, however precedence using '()' is not supported yet.
     - e.g. ```--filter=name=^testfil.* && size>130000000```
 
+## Using Private Endpoints with HNS-Enabled Storage Accounts
+
+When accessing an HNS (Hierarchical Namespace) enabled Azure Storage account behind private endpoints, it is crucial to create **two separate private endpoints** to ensure proper connectivity:
+
+1. **Private Endpoint for DFS**  
+   - Target: `privatelink.dfs.core.windows.net`  
+   - This endpoint is necessary for accessing the Data Lake Storage Gen2 (HNS) functionality.
+
+2. **Private Endpoint for Blob**  
+   - Target: `privatelink.blob.core.windows.net`  
+   - This endpoint is necessary for accessing Blob Storage operations.
+
+### Why Both Endpoints Are Required
+
+HNS-enabled storage accounts utilize separate endpoints for Blob and DFS operations:
+- The DFS endpoint (`dfs.core.windows.net`) is used for namespace-related operations like directory and file management.
+- The Blob endpoint (`blob.core.windows.net`) is used for operations like streaming data to and from blobs.
 
 ## Frequently Asked Questions
 - How do I generate a SAS with permissions for rename?