Managing Azure Files

Primary service:

• Azure Files

Azure Files provides built-in data protection features:

• 1️⃣ File Share Snapshots 2️⃣ Soft Delete

These protect against:

• Accidental deletion
• Unwanted modifications
• Operational mistakes
• Certain disaster scenarios

Official documentation:

1️⃣ What Is a Snapshot?#

A snapshot is:

• A read-only, point-in-time copy of data.

Snapshots are common across:

• Virtual machines
• Databases
• Storage systems

In Azure Files:

• ✔ Snapshot captures the entire file share ✔ It is read-only ✔ It is incremental ✔ It can be mounted or restored

Docs:

2️⃣ Azure File Share Snapshots#

When you create a snapshot:

• Azure stores only changes since the previous snapshot
• This reduces storage costs
• Snapshots remain within the same storage account

Key Characteristics#

3️⃣ Why Snapshots Are Useful#

✔ Version Control#

Recover earlier file versions.

✔ Disaster Recovery#

Restore after corruption or ransomware.

✔ Backup Support#

Can be used for retention policies.

✔ Safe Change Rollback#

Take snapshot before major updates.

4️⃣ Snapshot Restore Options#

When restoring:

• Overwrite original file
• Restore as new file
• Browse and copy specific data

Important:

• Snapshots protect at share level — not granular file retention policy.

5️⃣ Demonstration Summary – Snapshots#

Steps performed:

• Open file share
• Navigate to Snapshots
• Click Add Snapshot
• Snapshot created (incremental)
• Modify file on Windows server
• Restore file from snapshot
• Original content restored

Key takeaway:

• Snapshots allow precise point-in-time recovery.

6️⃣ What Is Soft Delete?#

Soft Delete protects:

• Entire file shares from accidental deletion.

When enabled:

• Deleted file shares are retained
• Data recoverable for configured period
• Retention period: 1–365 days

Docs:

7️⃣ Important Soft Delete Behavior#

Very important:

⚠ Soft delete does NOT protect individual files ⚠ Only protects deleted shares

8️⃣ Demonstration Summary – Soft Delete#

Steps performed:

• Confirm soft delete enabled
• Attempt delete
• Removed resource lock (Azure Backup lock)
• Deleted file share
• Toggled "Show deleted shares"
• Restored share via Undelete
• Share status returned to Active

Key takeaway:

• Soft delete provides full share recovery.

9️⃣ Soft Delete vs Snapshot#

Best practice:

Use BOTH together.

🔟 Resource Lock Behavior (Important Detail)#

When soft delete enabled:

• Azure Backup integration may create locks
• You must remove lock before deleting share
• Locks protect against accidental deletion.

This is part of:

• Defense-in-depth.

11️⃣ Cost Considerations#

Snapshots#

• Charged for changed data only
• Incremental billing
• Frequent changes increase cost

Soft Delete#

Deleted share data still stored during retention

Storage billed until permanently deleted

12️⃣ Enterprise Protection Strategy#

Enterprise-grade Azure Files protection:

• ✔ Soft delete enabled ✔ Daily snapshots ✔ Azure Backup configured ✔ Immutable storage where required ✔ RBAC access control

Docs:

13️⃣ Advanced Concept: Snapshot Internals#

Snapshots are:

• Metadata pointers
• Block-level differential storage
• Stored in same storage account
• Not separate full copy

This makes them:

• ✔ Fast ✔ Storage efficient

14️⃣ Ransomware Protection Strategy#

If ransomware modifies files:

• Snapshot taken prior to infection
• Restore entire share or affected files
• Recover to safe state
• Snapshots act as rollback mechanism.

15️⃣ Limitations to Understand#

⚠ Snapshots are not cross-region ⚠ Soft delete does not protect files ⚠ Snapshots must be manually managed ⚠ Premium shares also support snapshots ⚠ No lifecycle automation like Blob tiering

16️⃣ Real-World Use Cases#

✔ Pre-deployment safe point ✔ Patch rollback ✔ File corruption recovery ✔ Accidental overwrite recovery ✔ Accidental share deletion recovery

17️⃣ Common Exam Pitfalls#

🚩 Soft delete protects files → False 🚩 Snapshots are full copies → False 🚩 Snapshots are read-only → True 🚩 Soft delete is enabled by default → True 🚩 Snapshots are incremental → True

18️⃣ Recommended Best Practice Design#

Minimum production configuration:

• Soft delete enabled (30+ days)
• Automated snapshot schedule
• Azure Backup vault integration
• Private endpoint access
• RBAC enforcement
• Monitoring enabled

Final Summary#

Azure Files data protection includes:

• 🔹 Snapshots → Point-in-time, incremental, read-only copies of file shares → Restore files or full share
• 🔹 Soft Delete → Protects against accidental share deletion → Retains deleted shares for configurable period
• Together, they provide layered protection for file share workloads.

If you'd like next:

• 🏗 Azure Files enterprise backup architecture
• 🔐 Azure Files security + identity deep dive
• 🧠 AZ-104 scenario-based exam questions
• 💰 Cost comparison: Snapshots vs Azure Backup
• 🛡 Ransomware protection strategy blueprint
• Tell me your focus (exam prep, enterprise design, or cost optimization).

Hands-on: Create and Mount an Azure Files Share#

Goal: Create an SMB file share and mount it from a VM.

1. Open a storage account.
2. Go to File shares > Create.
3. Name the share az104share.
4. Set a small quota such as 10 GiB.
5. Upload a test file.
6. Choose Connect and select Windows or Linux.
7. Copy the generated mount command.
8. Run it from a VM that can reach the storage account.
9. Create a file from the VM and confirm it appears in the portal.
10. Create a share snapshot.
11. Delete the test file and restore it from the snapshot.

Hands-on: Enable Soft Delete for File Shares#

1. Open the storage account.
2. Go to Data protection.
3. Enable soft delete for file shares.
4. Set a retention period such as 7 days for labs.
5. Delete the test share.
6. Open deleted shares and restore it.