Provide shared file storage for the company offices

Here we move from blob storage(bucket of files) to Azure Files (shared folders/office storage for company offices) which act like a shared network drive that employees in different offices can access, but it lives in the cloud.

Employees can connect to it using familiar tools (Windows Explorer, macOS Finder, or Linux mounts) via the SMB protocol (the same one used for shared folders in offices).

Create and configure a storage account for Azure Files.

1. Create a storage account for the finance department’s shared files.

• In the portal, search for and select Storage accounts.
  

• Select + Create.
  

• For Resource group select Create new. Give your resource group a name, RG-FinanceFiles , and select OK to save your changes.
  
  New Resource group created
  

• Provide a Storage account name. Ensure the name meets the naming requirements.financefiles123123
  

• Set the Performance to Premium.
  

• Set the Premium account type to File shares.
  

• Set the Redundancy to Zone-redundant storage.(This ensures copies are spread across zones in the same region for resilience)
  

• Select Review and then Create the storage account. (Premium + ZRS ensures fast, reliable access for employees across offices.)
  

• Wait for the resource to deploy.

• Select Go to resource.
  

Create and configure a file share with directory.

1. Create a file share for the corporate office.

• In the storage account, in the Data storage section, select the File shares blade.
  

• Select + File share and provide a Name. ,corporate-share
  

• Review the other options, but take the defaults.
  

• Select Create
  (_This is the shared folder employees will connect to.
  _)
  

1. Add a directory to the file share for the finance department. For future testing, upload a file.

• Select your file share (corporate-share). and select + Add directory.
  

• Name the new directory finance.
  

• Select Browse and then select the **finance **directory.
  
  

• Notice you can Add directory to further organize your file share.
  

• Upload a file of your choosing.
  (Directories help organize files by department (Finance, HR, etc.).
  

Configure and test snapshots.

Snapshots = point-in-time copies of the file share.
Protects against accidental deletion.
Lets you restore files later.

1. Similar to blob storage, you need to protect against accidental deletion of files. You decide to use snapshots.

• Select your file share.
  

• In the Operations section, select the Snapshots blade.
  

• Select + Add snapshot. The comment is optional.
  

• Select OK.
  

• Select your snapshot and verify your file directory and uploaded file are included.
  Snapshots = safety net for shared files.
  

1. Practice using snapshots to restore a file.

• Return to your file share.
  

• Browse to your file directory.
  

• Locate your uploaded file and in the Properties **pane select **Delete. Select Yes to confirm the deletion.
  

• Select the Snapshots blade and then select your snapshot.
  

• Navigate to the file you want to restore,
  

• Select the file and the select Restore.
  

• Provide a Restored file name.
  Verify your file directory has the restored file.

Configure restricting storage access to selected virtual networks.

For security, you can limit access so only employees inside the company’s network can connect.

1. This tasks in this section require a virtual network with subnet. In a production environment these resources would already be created.

• Search for and select Virtual networks.
  

  • Select Create. Select your resource group. and give the virtual network a name., _ VNet-Finance)_
  • Take the defaults for other parameters, select Review + create, and then Create.

• Wait for the resource to deploy.

• Select Go to resource.
  

  • In the Settings section, select the **Subnets **blade.

• Select the **default **subnet.
  
  

• In the Service endpoints section choose Microsoft.Storage in the Services drop-down.
  
  

• Do not make any other changes.
  
  

• Be sure to Save your changes.
  
  

1. The storage account should only be accessed from the virtual network you just created.

• Return to your files storage account
  

• In the Security + networking section, select the Networking blade.
  

  • Change the Public network access to Enabled from selected virtual networks and IP addresses.

• In the Virtual networks section, select Add existing virtual network.
  

• Select your virtual network and subnet, select Add.
  

• Be sure to Save your changes.
  

  • Select the Storage browser and navigate to your file share.
  • Verify the message not authorized to perform this operation. You are not connecting from the virtual network.

This ensures only employees inside the corporate network can access the file share.

Azure Files = cloud-based shared folders accessible via SMB/NFS.
Premium File Shares = fast performance for office workloads.
Snapshots = protect against accidental deletion.
Virtual Network restrictions = secure access only for employees