From 09448b04becef26fa17124f181befbd0193c6ecd Mon Sep 17 00:00:00 2001 From: Liza Shakury <42377481+LizaShak@users.noreply.github.com> Date: Thu, 6 Feb 2025 18:28:01 +0200 Subject: [PATCH] Documentation on required private endpoints to access hns enabled storage (#1616) --- CHANGELOG.md | 1 + README.md | 17 +++++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e354758af..f9fa81ecd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ **Other Changes** - Optimized listing operation on HNS account to support symlinks. - Optimized Rename operation to do less number of REST calls. +- Add documentation on usage of Private Endpoints with HNS-Enabled Storage Accounts **Features** - Mount container or directory but restrict the view of blobs that you can see. This feature is available only in read-only mount. diff --git a/README.md b/README.md index 1a33fac54..9d4aaca08 100755 --- a/README.md +++ b/README.md @@ -265,6 +265,23 @@ Below diagrams guide you to choose right configuration for your workloads. - Multiple filters can be combined using '&&' and '||' operator as well, however precedence using '()' is not supported yet. - e.g. ```--filter=name=^testfil.* && size>130000000``` +## Using Private Endpoints with HNS-Enabled Storage Accounts + +When accessing an HNS (Hierarchical Namespace) enabled Azure Storage account behind private endpoints, it is crucial to create **two separate private endpoints** to ensure proper connectivity: + +1. **Private Endpoint for DFS** + - Target: `privatelink.dfs.core.windows.net` + - This endpoint is necessary for accessing the Data Lake Storage Gen2 (HNS) functionality. + +2. **Private Endpoint for Blob** + - Target: `privatelink.blob.core.windows.net` + - This endpoint is necessary for accessing Blob Storage operations. + +### Why Both Endpoints Are Required + +HNS-enabled storage accounts utilize separate endpoints for Blob and DFS operations: +- The DFS endpoint (`dfs.core.windows.net`) is used for namespace-related operations like directory and file management. +- The Blob endpoint (`blob.core.windows.net`) is used for operations like streaming data to and from blobs. ## Frequently Asked Questions - How do I generate a SAS with permissions for rename?