In a world where teams are geographically dispersed but need to stay perfectly in sync, local hardware just doesn't cut it anymore. Welcome to your roadmap for building a rock-solid Azure Files infrastructure; designed for high-speed collaboration, protected by instant snapshots, and locked down behind a private virtual network.
Today, we will be working with a company that is geographically dispersed with offices in different locations. The offices need a way to share files and disseminate information. For example, the Finance department needs to confirm cost information for auditing and compliance. These files should be easy to access and load without delay. Some content should only be accessed from selected corporate virtual networks.
Let's get to it!
PHASE 1: Create a storage account for the finance department’s shared files
Action plan
1 : In the Azure portal, search for and select Storage accounts.
2 : Select + Create.
3 : For Resource group, select Create new. Give your resource group a name and select OK to save your changes. Proceed to provide a Storage account name. Set the Performance to Premium. Set the Premium account type to File shares. Set the Redundancy to Zone-redundant storage. Select Review + Create.
4 : Select Create.
5 : Wait for the resource to deploy. Select Go to resource.
PHASE 2: Create and configure a file share with directory.
Action plan
1 : Create a file share for the corporate office. In the storage account, in the Data storage section, select the File shares blade.Select + File share
2 : Proceed to provide a Name. Review the other options, but take the defaults. Select Review + Create. Select Create
3 : We will add a directory to the file share for the finance department. Select your file share and select +Add directory.
Name the new directory finance.
4 : Select Browse and then select the finance directory. Notice you can Add directory to further organize your file share. Upload a file of your choosing.
PHASE 3: Configure and test snapshots. This is similar to blob storage, you need to protect against accidental deletion of files. We decide to use snapshots.
Action plan
1 : Select your file share. In the Operations section, select the Snapshots blade. Select + Add snapshot.
2: The comment is optional. Select OK.
3 : Select your snapshot and verify your file directory and uploaded file are included. In the Properties pane select Delete. Select Yes to confirm the deletion.
4 : Practice using snapshots to restore a file. Return to your file share. Browse to your file directory. Locate your uploaded file.
5 : Select the Snapshots blade and then select your snapshot. Navigate to the file you want to restore. Select the file and then select Restore. Provide a Restored file name. Verify your file directory has the restored file.
PHASE 4: Configure restricting storage access to selected virtual networks. This task in this section require a virtual network with subnet.
Action plan
1 : Search for and select Virtual networks. Select Create. Select your resource group and give the virtual network a name. Take the defaults for other parameters, select Review + create, and then Create. Wait for the resource to deploy.
Select Go to resource.
2 : The storage account should only be accessed from the virtual network we just created. Return to your files storage account. In the Security + networking section, select the Networking blade. Change the Public network access to Enabled from selected virtual networks and IP addresses. In the Virtual networks section, select Add existing virtual network. Select your virtual network and subnet, select Add. Be sure to Save your changes. Select the Storage browser and navigate to your file share. Verify the message not authorized to perform this operation. You are not connecting from the virtual network.
Conclusion : By completing this tutorial, we have successfully established a high-performance, enterprise-grade storage environment specifically engineered for secure corporate data sharing. We began by deploying a premium, zone-redundant storage account and organizing it with dedicated file shares and directories to ensure the finance department's auditing data remains easily accessible yet highly structured. To safeguard against data loss, we implemented a snapshot strategy and verified that files can be restored instantly, providing a vital safety net against accidental deletions. Finally, we hardened the entire infrastructure by restricting access exclusively to our authorized virtual network, ensuring the company's information is protected from unauthorized external connections.
MISSION ACCOMPLISHED!
Top comments (0)