What Is Azure ADLS Gen2?
Azure Data Lake Storage Gen2 (ADLS Gen2) is Microsoft's enterprise object storage service for data lakes and lakehouses on Azure. It combines Azure Blob Storage's unlimited scale and cost efficiency with a hierarchical namespace (enabling true directory semantics and atomic directory operations) and POSIX ACLs (file and directory-level permissions compatible with Hadoop security models).
For Apache Iceberg lakehouses on Azure, ADLS Gen2 is the recommended storage backend. Iceberg data files (Parquet) and metadata files (Avro manifests, JSON table metadata) are stored as ADLS Gen2 blobs in containers, accessed via the ABFS (Azure Blob File System) protocol using the abfss:// URI scheme.
ADLS Gen2 vs Amazon S3
| Feature | ADLS Gen2 | Amazon S3 |
|---|---|---|
| Namespace | Hierarchical (true directories) | Flat (prefix-simulated directories) |
| Auth integration | Azure AD / Entra ID | AWS IAM |
| Access control | POSIX ACLs + RBAC | IAM + Bucket Policies |
| Atomic rename | Yes (directory level) | No (copy + delete) |
| Durability | 16 nines (LRS/ZRS/GRS) | 11 nines (standard) |
ADLS and Dremio Cloud on Azure
Dremio Cloud on Azure uses ADLS Gen2 as the BYOS (Bring Your Own Storage) backend. Organizations connect their own ADLS Gen2 containers to Dremio Cloud, and Dremio's managed execution engines read and write Iceberg tables in those containers. Azure AD service principals and managed identities handle authentication, with Dremio's Open Catalog providing credential vending for per-table scoped access.
Summary
Azure Data Lake Storage Gen2 is the storage foundation for Azure-based data lakehouses. Its hierarchical namespace, Azure AD integration, and POSIX ACLs make it enterprise-ready for governed Apache Iceberg deployments. For organizations standardizing on Microsoft Azure, ADLS Gen2 provides the same decoupled storage-and-compute benefits as Amazon S3 with Azure-native identity and security integration.