In this lab, I explored how to provide shared file storage in Azure that’s optimized for speed, structure, and security. The goal was to create a space where teams like Finance could access important documents — easily from approved networks — while keeping everything secure, organized, and recoverable.

Let me walk you through what I did.

🧠 Scenario

The company has multiple geographically dispersed offices that need a central place to share files. For example, Finance must confirm cost info for audits and compliance. The solution needed to be:

  • Fast-loading for users
  • Organized into directories
  • Recoverable in case of accidental deletions
  • Accessible only from approved networks

🛠️ Skilling Tasks

  • ✅ Create a premium storage account for Azure Files
  • ✅ Add a file share and directory
  • ✅ Enable file-level snapshots and test recovery
  • ✅ Restrict storage access to a specific virtual network

🔧 Step-by-Step Guide

🔹 Step 1: Create a Premium Storage Account for File Shares

  1. I went to Storage accounts and clicked + Create.
  2. Created a new resource group: storagerg.
  3. Named the storage account az104bobstg1 (ensuring uniqueness).
  4. Set Performance to Premium and Premium account type to File shares.
  5. Chose Zone-redundant storage (ZRS) for durability across zones.
  6. Clicked Review + Create, then Create.

⚙️ This gives me high-performance file storage optimized for low latency and frequent access.

🔹 Step 2: Create the File Share and Directory Structure

Once the storage account was ready:

  1. I navigated to File shares and clicked + File share.
  2. Named the share testfileshare and created it.
  3. Inside the share, I added a new directory called finance.
  4. Uploaded a small file into that folder for testing.

🗂️ Now the Finance team has a dedicated folder for their reports and audits.

🔹 Step 3: Enable and Test File Snapshots

Snapshots let me recover files if they’re accidentally deleted — super useful.

  1. From the file share, I went to the Snapshots tab and clicked + Add snapshot.
  2. After the snapshot was created, I verified that the finance folder and file were included.
  3. I then deleted the file (intentionally, for testing).
  4. Opened the snapshot, navigated to the deleted file, selected Restore, and gave it a new name.

📁 The restored file appeared in the directory right away. That snapshot feature is gold.

🔹 Step 4: Lock Down Access to a Virtual Network

Now I needed to restrict access so only selected virtual networks can connect to the storage:

  1. I created a new Virtual Network named vnet-1, taking default settings.
  2. Went into the Subnets blade of the VNet and edited the default subnet.
  3. Under Service endpoints, I added Microsoft.Storage.

Then I returned to the storage account:

  1. Opened Networking settings.
  2. Set Public network access to: Enabled from selected virtual networks and IP addresses.
  3. Added my newly created vnet-1 and its default subnet.

🔐 This ensures only approved internal network resources can connect to the file share.

🔹 Step 5: Test Access Control

To confirm everything was locked down:

  • I navigated to Storage browser in the Azure Portal.
  • Tried accessing the file share from outside the approved VNet.

🛑 Got a message: “Not authorized to perform this operation.” Perfect. Access is properly restricted.

🧠 Key Takeaways

By the end of this lab, I had a secure and structured file sharing system set up for internal teams, with access controls and recovery options baked in.

Here’s what I learned:

  • 🗄️ Azure Files gives you SMB, NFS, and REST API file share support in the cloud.
  • 🔁 Snapshots protect your files by capturing point-in-time copies.
  • 🔐 Virtual network restrictions ensure only approved networks can connect.
  • 🔄 Premium storage with ZRS ensures high availability and fast access.

📌 Pro Tip: For organizations with multiple offices or departments, Azure Files + networking rules + snapshots is an ideal combo. It keeps everything fast, centralized, and secure — exactly what teams like Finance need.

Another lab down. More storage mastery unlocked. On to the next one! 🚀