Create and configure file shares in Azure Storage

Configure Azure Files and Azure Blob Storage

📘Microsoft Certified: Azure Administrator Associate (AZ-104)

Azure Files allows you to create file shares in the cloud that multiple users and applications can access over standard protocols like SMB (Server Message Block) and NFS (Network File System). It’s similar to having a shared folder on a server, but it’s fully managed by Azure.

1. Understanding Azure File Shares

  • File Share: A cloud-based storage space in Azure where you can store files and folders.
  • Protocols Supported:
    • SMB: Most common for Windows-based applications and users.
    • NFS: Mainly for Linux-based systems.
  • Access: You can access Azure File Shares from:
    • Windows, Linux, or macOS computers
    • Azure Virtual Machines (VMs)
    • On-premises networks through Azure VPN or ExpressRoute

IT Example:

  • A company can store log files, configuration files, or backup data in a single Azure File Share that multiple VMs or on-premises servers can access.

2. Steps to Create a File Share in Azure

Step 1: Create a Storage Account

Every file share exists inside a storage account.

  • Go to Azure Portal → Storage Accounts → Create
  • Choose:
    • Subscription and Resource Group: Organizes your storage account.
    • Storage Account Name: Must be unique across Azure.
    • Region: Choose a region close to your users.
    • Performance Tier:
      • Standard: For general-purpose workloads.
      • Premium: For high-performance workloads.
    • Replication:
      • LRS (Locally Redundant Storage): Copies data within one region.
      • GRS (Geo-Redundant Storage): Copies data to another region.

Step 2: Create the File Share

  1. Go to your storage account → File shares+ File share.
  2. Enter:
    • Name of File Share: Unique within that storage account.
    • Quota: Maximum storage limit in GB. Example: 100 GB.
  3. Click Create.

Step 3: Configure Access

Azure provides two main ways to control access:

  1. Access Keys
    • Each storage account has two access keys.
    • Any user with a key can access all file shares in the storage account.
    • Pros: Easy to configure.
    • Cons: Less secure for multi-user environments.
  2. Azure Active Directory (Azure AD)
    • Allows identity-based access for users and applications.
    • Permissions can be granular: Read, Write, or Full Control.
    • Recommended for enterprise IT environments.
  3. Shared Access Signatures (SAS)
    • Provides time-limited access to files or folders.
    • Useful for giving temporary access to external applications or users.

3. Mounting File Shares

Once the file share is created, users or VMs need to mount it:

Windows

  • Use SMB path: \\<storageaccountname>.file.core.windows.net\<sharename>
  • Connect using either:
    • Access key
    • Azure AD credentials

Linux

  • Use cifs-utils to mount SMB share:
sudo mount -t cifs //<storageaccountname>.file.core.windows.net/<sharename> /mnt/<mountpoint> -o vers=3.0,username=<storageaccountname>,password=<accesskey>,dir_mode=0777,file_mode=0777,serverino

IT Example:

  • A Linux VM mounts an Azure file share to store daily log files, which can be processed by a Windows VM that mounts the same share.

4. Configuring Advanced Settings

Azure File Shares allow additional configuration:

  1. Soft Delete
    • Protects files from accidental deletion.
    • You can restore deleted files within a retention period.
  2. Snapshots
    • Capture a read-only version of the file share at a specific point in time.
    • Useful for backups or restoring previous versions of files.
  3. Encryption
    • Data is automatically encrypted at rest using Azure Storage Service Encryption (SSE).
    • Optionally, you can use customer-managed keys for more control.
  4. Tiering (Premium Only)
    • Change file storage to Hot or Cool tiers based on access frequency to save costs.

5. Key Exam Points

When preparing for AZ-104, remember:

  • Azure File Shares can be SMB or NFS.
  • File shares require a storage account.
  • Access can be controlled via:
    • Access Keys
    • Azure AD
    • SAS tokens
  • Features like soft delete, snapshots, and encryption are available.
  • File shares can be mounted on Windows, Linux, and macOS.
  • You can configure quotas and performance tiers.

6. Quick Table for Exam Memorization

FeatureDescriptionExam Focus
SMB / NFSProtocols for accessing sharesKnow difference and usage
Access KeysFull access to storage accountUnderstand simplicity vs security
Azure ADIdentity-based accessRecommended for enterprises
SASTemporary limited accessFor external users or apps
QuotaMax storage per shareSet during creation
Soft DeleteRecover deleted filesUseful for backup strategies
SnapshotsPoint-in-time backupExam may ask about recovery

💡 Tip for the Exam:
If a question asks how to securely allow a VM or user to access a file share, the safest and most “enterprise-recommended” answer is Azure AD identity-based access. Access keys are less secure because they give full storage account access.

Leave a Reply

Your email address will not be published. Required fields are marked *

Buy Me a Coffee

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by