Provide shared file storage for the company offices

Source: Dev.to

Overview

In a world where teams are geographically dispersed but need to stay perfectly in sync, local hardware alone isn’t enough. This guide walks through building a high‑performance Azure Files infrastructure that supports fast collaboration, instant snapshots, and access restricted to a private virtual network.

Create a Premium Storage Account

1. In the Azure portal, search for Storage accounts and select + Create.
2. Choose a Resource group (create a new one if needed) and give it a name.
3. Provide a Storage account name.
4. Set Performance to Premium and Account kind to FileStorage.
5. Set Redundancy to Zone‑redundant storage (ZRS).
6. Click Review + create, then Create.
7. After deployment, select Go to resource.

Create a File Share for the Corporate Office

1. In the storage account, go to Data storage → File shares.
2. Click + File share, give it a name (e.g., corporate-share), keep the default options, and select Create.

Add a Directory for the Finance Department

1. Open the newly created file share and click + Add directory.
2. Name the directory finance.
3. Inside the finance directory, you can add additional sub‑directories as needed and upload files.

Configure and Test Snapshots

Snapshots protect against accidental deletion.

1. In the file share, select Snapshots under the Operations section and click + Add snapshot.
2. (Optional) Add a comment, then click OK.
3. To verify, select the snapshot and confirm that the finance directory and uploaded files are present.
4. Delete a file from the share, then use the snapshot to restore it:
   • Return to the file share, browse to the finance directory.
   • Open Snapshots, select the relevant snapshot, locate the file, click Restore, provide a restored file name, and confirm the file appears in the directory.

Restrict Storage Access to Selected Virtual Networks

Create a Virtual Network

1. Search for Virtual networks and click Create.
2. Choose the same resource group, give the virtual network a name, accept the default settings, and click Review + create, then Create.
3. After deployment, select Go to resource.

Limit Storage Account Access

1. Return to the storage account.
2. In Security + networking → Networking, set Public network access to Enabled from selected virtual networks and IP addresses.
3. Under Virtual networks, click Add existing virtual network, select the virtual network and its subnet, then click Add.
4. Save the changes.
5. Verify that accessing the file share from outside the virtual network results in a “not authorized” error.

Conclusion

By completing this tutorial, you have:

• Deployed a premium, zone‑redundant Azure Files storage account.
• Organized the share with dedicated directories for the finance department.
• Implemented a snapshot strategy to protect against data loss and enable instant restores.
• Hardened the environment by restricting access to a specific virtual network, ensuring secure corporate data sharing.

Mission accomplished!