Setting Up Azure File Share with Snapshots and Secure Access

Azure Files is a great solution when you need shared file storage in the cloud — just like a network file share, but hosted and managed by Azure. In this guide, I’ll walk you through how to:

• Create a Premium Storage Account for Azure Files
• Set up a File Share with directories and uploaded files
• Enable Snapshots for recovery
• Restrict access using Virtual Networks

This is a perfect setup for teams like Finance, who need secure, high-performance, and recoverable shared storage.

📦 Step 1: Create the Azure Storage Account

1. Go to the Azure Portal.
2. Search for and select Storage accounts.
3. Click + Create.
4. Create a new resource group (e.g., storage-rg).
5. Enter a unique name for the storage account (e.g., ezekielstorageaccount).
6. Set:

• Performance: Premium
• Premium account type: File shares
• Redundancy: Zone-redundant storage (ZRS)
  1. Click Review + Create, then Create.
  2. After deployment, click Go to resource.

✅ Why Premium? Premium storage gives low-latency and high-throughput — perfect for file sharing.

---

📁 Step 2: Create a File Share and Add Directory

1. In your storage account, go to File shares under Data storage.
2. Click + File share.
3. Enter a name like ezekiel-file-share and click Create.
4. Once created, click the file share, then + Add directory.
5. Name the directory finance.

💡 You can organize your file shares using folders, just like on a traditional file server.

⬆️ Step 3: Upload a File

1. Open the finance directory.
2. Click Upload and choose any test file (e.g., a .txt or .pdf).
3. Upload the file.

Now, your file share has a folder and a test file — ready to be backed up and secured.

---

🕒 Step 4: Enable and Test Snapshots

Snapshots in Azure Files help you restore previous versions of files or recover deleted files.

1. Go to the file share → select the Snapshots tab under Operations.
2. Click + Add snapshot → click OK.
3. Select the snapshot and ensure your finance folder and file are included.

🧪 Test Restoring a File from Snapshot

1. Go back to your file share → open the finance folder.
2. Delete the uploaded file (click the file → Delete → Yes).
3. Return to the Snapshots tab → open the snapshot.
4. Navigate to the deleted file → click Restore.
5. Give it a new name (e.g., my-upload) and restore.
6. Go back to your file share and confirm the restored file is there.

📌 Snapshots are point-in-time copies — great for protecting against accidental deletion.

---

🔐 Step 5: Restrict Access Using Virtual Network

Let’s now restrict access so that only users within a specific virtual network (VNet) can connect to this storage account.

🌐 Create a Virtual Network

1. In the portal, search for Virtual networks → click + Create.
2. Use your storage account’s resource group.
3. Name it something like storage-vnet.
4. Click Review + Create, then Create.

🔁 Add a Service Endpoint

1. After deployment, go to your VNet → Subnets.
2. Click on the default subnet.
3. Under Service endpoints, select Microsoft.Storage.
4. Click Save.

This allows the VNet to securely connect to Azure Storage.

---

🔒 Limit Access in the Storage Account

1. Go back to your storage account → go to Networking under Security + networking.
2. Set Public network access to: ➤ Enabled from selected virtual networks and IP addresses
3. In the Virtual networks section, click Add existing virtual network.
4. Choose storage-vnet and its default subnet → click Add.
5. Save your changes.

🔍 Step 6: Test the Security

Try accessing the file share from the Storage browser in the portal. You should see an error like:

❌ “Not authorized to perform this operation.”

This confirms your restriction is working — access is allowed only from inside your VNet.

---

✅ Summary

Here’s what we achieved:

Feature	Configuration
Storage Type	Premium, ZRS
File Share	corporate-share with finance folder
Upload File	Test file uploaded
Snapshots	Enabled and tested file recovery
VNet Restriction	Access allowed only from finance-vnet
File Recovery	Manual restore from snapshot tested

---

Azure Files is powerful when you want cloud-based shared folders with backup, access control, and high availability — all without managing servers. This setup is a great starting point for securely storing and managing corporate documents.