Merge pull request #102148 from normesta/normesta-adlsgen2

Streamlining the Data Lake TOC

Author: megvanhuygen

.openpublishing.redirection.json

@@ -45180,6 +45180,16 @@
       "redirect_url": "/azure/storage/common/storage-security-guide",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/storage/blobs/data-lake-storage-quickstart-create-account.md",
+      "redirect_url": "/azure/storage/common/storage-account-create",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/storage/blobs/data-lake-storage-how-to-set-permissions-storage-explorer.md",
+      "redirect_url": "/azure/storage/blobs/data-lake-storage-explorer",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/security/fundamentals/global-admin.md",
       "redirect_url": "/azure/active-directory/authentication/multi-factor-authentication",

articles/storage/blobs/TOC.yml

@@ -619,18 +619,6 @@
     items:
     - name: Analyze data with Databricks
       href: ../blobs/data-lake-storage-quickstart-create-databricks-account.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-    - name: Manage blobs without code
-      items:
-      - name: PowerShell
-        href: storage-quickstart-blobs-powershell.md
-      - name: CLI
-        href: storage-quickstart-blobs-cli.md
-    - name: Develop with blobs
-      items:
-      - name: .NET
-        href: storage-quickstart-blobs-dotnet.md
-      - name: Python
-        href: storage-quickstart-blobs-python.md
   - name: Tutorials
     items:
     - name: Extract, transform, and load data using Azure Databricks
@@ -657,36 +645,12 @@
       href: ../blobs/data-lake-storage-namespace.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
     - name: Best practices
       href: data-lake-storage-best-practices.md
-    - name: Access tiers
-      items:
-      - name: Access tiers
-        href: storage-blob-storage-tiers.md
-      - name: Managing the Azure Blob Storage Lifecycle
-        href: storage-lifecycle-management-concepts.md
-    - name: Security
-      items:
-      - name: Storage security overview
-        href: ../blobs/security-recommendations.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-      - name: Access control
-        href: data-lake-storage-access-control.md
-    - name: Logging
-      items:
-      - name: Storage analytics
-        href: ../common/storage-analytics.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-      - name: Storage analytics logs
-        href: ../common/storage-analytics-logging.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-    - name: Event handling
-      href: storage-blob-event-overview.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
+    - name: Access control (directories and files)
+      href: data-lake-storage-access-control.md
   - name: How to
     items:
-    - name: Create and manage storage accounts
-      items:
-      - name: Create a storage account for your Data Lake
-        href: ../blobs/data-lake-storage-quickstart-create-account.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-      - name: Manage data with Storage Explorer
-        href: ../blobs/data-lake-storage-explorer.md
-      - name: Upgrade a storage account
-        href: ../common/storage-account-upgrade.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
+    - name: Create a storage account for your Data Lake
+      href: ../common/storage-account-create.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
     - name: Manage directories, files, and ACLs
       items:
       - name: .NET
@@ -700,43 +664,7 @@
       - name: CLI
         href: data-lake-storage-directory-file-acl-cli.md
       - name: Storage Explorer
-        href: data-lake-storage-how-to-set-permissions-storage-explorer.md
-    - name: Transfer data
-      items:
-      - name: AzCopy
-        items:
-        - name: Get started
-          href: ../common/storage-use-azcopy-v10.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-        - name: Use with Data Lake Storage Gen2
-          href: ../common/storage-use-azcopy-blobs.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-        - name: Configure, optimize, troubleshoot
-          href: ../common/storage-use-azcopy-configure.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-      - name: Use Distcp
-        href: ../blobs/data-lake-storage-use-distcp.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-      - name: Use Azure Data Factory
-        href: ../../data-factory/load-azure-data-lake-storage-gen2.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-    - name: Secure data
-      items:
-      - name: Configure firewalls and virtual networks
-        href: ../common/storage-network-security.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-      - name: Configure customer-managed keys for service encryption
-        items:
-        - name: Portal
-          href: ../common/storage-encryption-keys-portal.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-        - name: PowerShell
-          href: ../common/storage-encryption-keys-powershell.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-        - name: Azure CLI
-          href: ../common/storage-encryption-keys-cli.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-      - name: Manage access rights with RBAC
-        items:
-        - name: Portal
-          href: ../common/storage-auth-aad-rbac-portal.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-        - name: PowerShell
-          href: ../common/storage-auth-aad-rbac-powershell.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-        - name: Azure CLI
-          href: ../common/storage-auth-aad-rbac-cli.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
-      - name: Set file and directory-level permissions
-        href: ../blobs/data-lake-storage-how-to-set-permissions-storage-explorer.md
+        href: data-lake-storage-explorer.md
     - name: Optimize performance
       items:
       - name: Overview
@@ -761,43 +689,16 @@
       href: ../blobs/data-lake-storage-use-power-bi.md?toc=%2fazure%2fstorage%2fblobs%2ftoc.json
   - name: Reference
     items:
-    - name: PowerShell
-      href: /powershell/module/azure.storage
-    - name: Azure CLI
-      href: /cli/azure/storage
     - name: .NET
-      items:
-      - name: Blobs (version 12.x)
-        href: /dotnet/api/azure.storage.blobs
-      - name: Data Movement
-        href: /dotnet/api/microsoft.azure.storage.datamovement
-      - name: Storage Resource Provider
-        href: /dotnet/api/overview/azure/storage/management
+      href: /dotnet/api/azure.storage.files.datalake
     - name: Java
-      items:
-      - name: Blobs (version 12.x)
-        href: https://azuresdkdocs.blob.core.windows.net/$web/java/azure-storage-blob/12.0.0/index.html
-      - name: Blobs (version 8.x)
-        href: /java/api/com.microsoft.azure.storage.blob
-      - name: Storage Resource Provider
-        href: /java/api/overview/azure/storage/management
-    - name: JavaScript (version 12.x)
-      href: /javascript/api/@azure/storage-blob/
-    - name: Python (version 12.x)
-      href: /python/api/azure-storage-blob/
+      href: https://azuresdkdocs.blob.core.windows.net/$web/java/azure-storage-file-datalake/12.0.0-preview.6/index.html
+    - name: Python
+      href: https://azuresdkdocs.blob.core.windows.net/$web/python/azure-storage-file-datalake/12.0.0b5/index.html
+    - name: Javascript
+      href: https://www.npmjs.com/package/@azure/storage-file-datalake/v/12.0.0-preview.6
     - name: REST
-      items:
-      - name: Blobs, Queues, Tables, and Files
-        href: /rest/api/storageservices
-      - name: Data Lake Storage Gen2
-        href: /rest/api/storageservices/data-lake-storage-gen2
-      - name: Resource provider
-        href: /rest/api/storagerp
-      - name: Import/Export
-        href: /rest/api/storageimportexport
-    - name: Resource Manager template
-      displayName: ARM
-      href: /azure/templates/microsoft.storage/allversions
+      href: /rest/api/storageservices/data-lake-storage-gen2
   - name: Resources
     items:
     - name: Known issues

articles/storage/blobs/data-lake-storage-explorer.md

@@ -1,32 +1,35 @@
 ---
 title: 'Use Azure Storage Explorer with Azure Data Lake Storage Gen2'
-description: Learn how to use Azure Storage Explorer to create a file system in an Azure Data Lake Storage Gen2 account, as well as a directory and a file. Next, you learn how to download the file to your local computer, and how to view all of the file in a directory.
+description: Use the Azure Storage Explorer to manage directories and file and directory access control lists (ACL) in storage accounts that has hierarchical namespace (HNS) enabled.
 author: normesta
 ms.subservice: data-lake-storage-gen2
 ms.service: storage
 ms.topic: conceptual
-ms.date: 11/19/2019
+ms.date: 01/23/2019
 ms.author: normesta
 ms.reviewer: stewu
 ---
 
-# Use Azure Storage Explorer with Azure Data Lake Storage Gen2
+# Use Azure Storage Explorer to manage directories, files, and ACLs in Azure Data Lake Storage Gen2
 
-In this article, you'll learn how to use [Azure Storage Explorer](https://azure.microsoft.com/features/storage-explorer/) to create a directory and a blob. Next, you learn how to download the blob to your local computer, and how to view all of the blobs in a directory. You also learn how to create a snapshot of a blob, manage directory access policies, and create a shared access signature.
+This article shows you how to use [Azure Storage Explorer](https://azure.microsoft.com/features/storage-explorer/) to create and manage directories, files, and permissions in storage accounts that has hierarchical namespace (HNS) enabled.
 
 ## Prerequisites
 
-[!INCLUDE [storage-quickstart-prereq-include](../../../includes/storage-quickstart-prereq-include.md)]
-
-This quickstart requires that you install Azure Storage Explorer. To install Azure Storage Explorer for Windows, Macintosh, or Linux, see [Azure Storage Explorer](https://azure.microsoft.com/features/storage-explorer/).
+> [!div class="checklist"]
+> * An Azure subscription. See [Get Azure free trial](https://azure.microsoft.com/pricing/free-trial/).
+> * A storage account that has hierarchical namespace (HNS) enabled. Follow [these](data-lake-storage-quickstart-create-account.md) instructions to create one.
+> * Azure Storage Explorer installed on your local computer. To install Azure Storage Explorer for Windows, Macintosh, or Linux, see [Azure Storage Explorer](https://azure.microsoft.com/features/storage-explorer/).
 
 ## Sign in to Storage Explorer
 
-On first launch, the **Microsoft Azure Storage Explorer - Connect** window is shown. While Storage Explorer provides several ways to connect to storage accounts, only one way is currently supported for managing ACLs.
+When you first start Storage Explorer, the **Microsoft Azure Storage Explorer - Connect** window appears. While Storage Explorer provides several ways to connect to storage accounts, only one way is currently supported for managing ACLs.
 
 |Task|Purpose|
 |---|---|
-|Add an Azure Account | Redirects you to your organizations login page to authenticate you to Azure. Currently this is the only supported authentication method if you want to manage and set ACLs. |
+|Add an Azure Account | Redirects you to your organization's sign-in page to authenticate you to Azure. Currently this is the only supported authentication method if you want to manage and set ACLs.|
+|Use a connection string or shared access signature URI | Can be used to directly access a container or storage account with a SAS token or a shared connection string. |
+|Use a storage account name and key| Use the storage account name and key of your storage account to connect to Azure storage.|
 
 Select **Add an Azure Account** and click **Sign in..**. Follow the on-screen prompts to sign into your Azure account.
 
@@ -38,41 +41,69 @@ When it completes connecting, Azure Storage Explorer loads with the **Explorer**
 
 ## Create a container
 
-Blobs are always uploaded into a directory. This allows you to organize groups of blobs like you organize your files on your computer in folders.
-
-To create a directory, expand the storage account you created in the proceeding step. Select **Blob container**, right-click and select **Create Blob container**. Enter the name for your container. When complete, press **Enter** to create the container. Once the blob directory has been successfully created, it is displayed under the **Blob container** folder for the selected storage account.
+A container holds directories and files. To create one, expand the storage account you created in the proceeding step. Select **Blob Containers**, right-click and select **Create Blob Container**. Enter the name for your container. See the [Create a container](storage-quickstart-blobs-dotnet.md#create-a-container) section for a list of rules and restrictions on naming containers. When complete, press **Enter** to create the container. Once the container has been successfully created, it is displayed under the **Blob Containers** folder for the selected storage account.
 
-![Microsoft Azure Storage Explorer - Creating a container](media/storage-quickstart-blobs-storage-explorer/creating-a-filesystem.png)
+![Microsoft Azure Storage Explorer - Creating a container](media/data-lake-storage-explorer/creating-a-filesystem.png)
 
-## Upload blobs to the directory
+## Create a directory
 
-Blob storage supports block blobs, append blobs, and page blobs. VHD files used to back IaaS VMs are page blobs. Append blobs are used for logging, such as when you want to write to a file and then keep adding more information. Most files stored in Blob storage are block blobs.
+To create a directory, select the container that you created in the proceeding step. In the container ribbon, choose the **New Folder** button. Enter the name for your directory. When complete, press **Enter** to create the directory. Once the directory has been successfully created, it appears in the editor window.
 
-On the directory ribbon, select **Upload**. This operation gives you the option to upload a folder or a file.
+![Microsoft Azure Storage Explorer - Creating a directory](media/data-lake-storage-explorer/creating-a-directory.png)
 
-Choose the files or folder to upload. Select the **blob type**. Acceptable choices are **Append**, **Page**, or **Block** blob.
+## Upload blobs to the directory
 
-If uploading a .vhd or .vhdx file, choose **Upload .vhd/.vhdx files as page blobs (recommended)**.
+On the directory ribbon, chose the **Upload** button. This operation gives you the option to upload a folder or a file.
 
-In the **Upload to folder (optional)** field either a folder name to store the files or folders in a folder under the directory. If no folder is chosen, the files are uploaded directly under the directory.
+Choose the files or folder to upload.
 
-![Microsoft Azure Storage Explorer - upload a blob](media/storage-quickstart-blobs-storage-explorer/uploadblob.png)
+![Microsoft Azure Storage Explorer - upload a blob](media/data-lake-storage-explorer/upload-file.png)
 
 When you select **OK**, the files selected are queued to upload, each file is uploaded. When the upload is complete, the results are shown in the **Activities** window.
 
 ## View blobs in a directory
 
 In the **Azure Storage Explorer** application, select a directory under a storage account. The main pane shows a list of the blobs in the selected directory.
 
-![Microsoft Azure Storage Explorer - list blobs in a directory](media/storage-quickstart-blobs-storage-explorer/listblobs.png)
+![Microsoft Azure Storage Explorer - list blobs in a directory](media/data-lake-storage-explorer/list-files.png)
 
 ## Download blobs
 
-To download blobs using **Azure Storage Explorer**, with a blob selected, select **Download** from the ribbon. A file dialog opens and provides you the ability to enter a file name. Select **Save** to start the download of a blob to the local location.
+To download files by using **Azure Storage Explorer**, with a file selected, select **Download** from the ribbon. A file dialog opens and provides you the ability to enter a file name. Select **Save** to start the download of a file to the local location.
+
+## Managing access
+
+You can set permissions at the root of your container. To do so, you must be logged into Azure Storage Explorer with your individual account with rights to do so (as opposed to with a connection string). Right-click your container and select **Manage Permissions**, bringing up the **Manage Permission** dialog box.
+
+![Microsoft Azure Storage Explorer - Manage directory access](media/storage-quickstart-blobs-storage-Explorer/manageperms.png)
+
+The **Manage Permission** dialog box allows you to manage permissions for owner and the owners group. It also allows you to add new users and groups to the access control list for whom you can then manage permissions.
+
+To add a new user or group to the access control list, select the **Add user or group** field.
+
+Enter the corresponding Azure Active Directory (AAD) entry you wish to add to the list and then select **Add**.
+
+The user or group will now appear in the **Users and groups:** field, allowing you to begin managing their permissions.
+
+> [!NOTE]
+> It is a best practice, and recommended, to create a security group in AAD and maintain permissions on the group rather than individual users. For details on this recommendation, as well as other best practices, see [best practices for Data Lake Storage Gen2](data-lake-storage-best-practices.md).
+
+There are two categories of permissions you can assign: access ACLs and default ACLs.
+
+* **Access**: Access ACLs control access to an object. Files and directories both have access ACLs.
+
+* **Default**: A template of ACLs associated with a directory that determines the access ACLs for any child items that are created under that directory. Files do not have default ACLs.
+
+Within both of these categories, there are three permissions you can then assign on files or directories: **Read**, **Write**, and **Execute**.
+
+>[!NOTE]
+> Making selections here will not set permissions on any currently existing item inside the directory. You must go to each individual item and set the permissions manually, if the file already exists.
+
+You can manage permissions on individual directories, as well as individual files, which are what allows you fine grained access control. The process for managing permissions for both directories and files is the same as described above. Right-click the file or directory you wish to manage permissions on and follow the same process.
 
 ## Next steps
 
-In this quickstart, you learned how to transfer files between a local disk and Azure Blob storage using **Azure Storage Explorer**. To learn about how to set ACLs on your files and directories, continue to our How-to on the subject.
+Learn access control lists in Data Lake Storage Gen2.
 
 > [!div class="nextstepaction"]
-> [How to set ACLs on files and directories](data-lake-storage-how-to-set-permissions-storage-explorer.md)
+> [Access control in Azure Data Lake Storage Gen2](https://docs.microsoft.com/azure/storage/blobs/data-lake-storage-access-control)