Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Azure NetApp Files supports access to S3 objects with the object REST API feature. With the object REST API feature, you can connect to services including Azure AI Search, Azure AI Foundry, Azure Databricks, OneLake, and others.
Register the feature
The object REST API feature in Azure NetApp Files is currently in preview. You must submit a waitlist request to use the object REST API feature. Activation takes approximately one week. An email notification is sent to confirm your enrollment in the preview.
Create the self-signed certificate
You must generate a PEM-formatted SSL certificate. You can create the SSL certificate in the Azure portal or with a script.
See the Azure Key Vault documentation for adding a certificate to Key Vault.
When creating the certificate, ensure:
- the Content Type is set to PEM
- the Subject field is set to the IP address or fully qualified ___domain name (FQDN) of your Azure NetApp Files endpoint using the format
"CN=<IP or FQDN>" - the DNS Names entry specifies the IP address or FQDN
Create a bucket
To enable object REST API, you must create a bucket.
From your NetApp volume, select Buckets.
To create a bucket, select +Create.
Provide the following information for the bucket:
Name
Specify the name for your bucket. Refer to Naming rules and restrictions for Azure resources for naming conventions.
Path
The subdirectory path for object REST API. For full volume access, leave this field blank or use
/for the root directory.User ID (UID)
The UID used to read the bucket.
Group ID (GID)
The GID used to read the bucket.
Permissions
Select Read or Read-Write.
If you haven't provided a certificate, upload your PEM file.
To upload a certificate, provide the following information:
Fully qualified ___domain name
Enter the fully qualified ___domain name.
Certificate source
Upload the appropriate certificate. Only PEM files are supported.
Select Save.
Select Create.
After you create a bucket, you need to generate credentials to access the bucket.
Update bucket access
You can modify a bucket's access management settings.
- From your NetApp volume, select Buckets.
- Select +Create.
- Enter the name of the bucket you want to modify.
- Change the access management settings as required.
- You can modify the User ID, Group ID, Username (for SMB or dual-protocol volumes), and Permissions.
- Click Save to modify the existing bucket.
Note
You cannot modify a bucket’s path. To update a bucket’s path, delete and re-create the bucket with the new path.
Generate credentials
- Navigate to your newly created bucket. Select Generate keys.
- Enter the desired Access key lifespan in days then select Generate keys. After you select Generate keys, the portal displays the access key and secret access key.
Important
The access key and secret access key are only displayed once. Store the keys securely. Do not share the keys.
- After you set the credentials, you can generate a new access key and secret access key by selecting the
...menu then selecting Generate access keys. Generating new keys immediately invalidates the existing keys.
Delete a bucket
Deleting a bucket is a permanent operation. You can't recover the bucket after deleting it.
- In your NetApp account, navigate to Buckets.
- Select the checkbox next to the bucket you want to delete.
- Select Delete.
- In the modal, select Delete to confirm you want to delete the bucket.