Create-Azure-File-Shares-Script.ps1

Download

Azure_Files_Shares.ps1

$UserCredential = Get-Credential

#SecurityGroupNameSFDSSEC
$SecurityGroupNameSFDSSEC = "FSLogix_Share_Elevated_Contributor"

#SecurityGroupNameSFDSSC
$SecurityGroupNameSFDSSC = "WVD_Users"

#resourceGroupName variables
Write-Host "Please type Azure Resource Group Name " -NoNewline
Write-Host " [LOOK OUT!!! NO SPACES] " -ForegroundColor Red -NoNewline
$resourceGroupName = Read-Host

#resourceGroupName variables
Write-Host "Please type the Azure Storage Account Name " -NoNewline
Write-Host " [LOOK OUT!!! ITs MUST BE UNIGUE and NO SPACES] " -ForegroundColor Red -NoNewline
$storageAccountName = Read-Host

#shareName variables
Write-Host "Please type the Azure Storage Share Name " -NoNewline
Write-Host " [LOOK OUT!!! NO SPACES and LOWERCASE] " -ForegroundColor Red -NoNewline
$shareName = Read-Host

#$FileShareSize variables
Write-Host "Please type the File Share Size in GB " -NoNewline
Write-Host " [LOOK OUT!!! ONLY NUMBERS] " -ForegroundColor Red -NoNewline
$FileShareSize = Read-Host

#subscriptions variables
$subscriptions = Read-Host "Please type the Azure Subscriptions ID"

#Activate rights on Azure AD Group variables
$SFDSSC = Get-AzRoleDefinition "Storage File Data SMB Share Contributor"
$SFDSSEC = Get-AzRoleDefinition "Storage File Data SMB Share Elevated Contributor"

$scope = "/subscriptions/$subscriptions/resourceGroups/$resourceGroupName/providers/Microsoft.Storage/storageAccounts/$storageAccountName/fileServices/default/fileshares/$shareName"

Connect-AzureAD -Credential $UserCredential

#Create a Azure AD Group for FSLogix Share Elevated Contributor
New-AzureADMSGroup -Description $SecurityGroupNameSFDSSEC -DisplayName $SecurityGroupNameSFDSSEC -MailEnabled $false -SecurityEnabled $true -MailNickname $SecurityGroupNameSFDSSEC -GroupTypes "DynamicMembership" -MembershipRule ' (User.userPrincipalName -match "WVD@domain.onmicrosoft.com")' -MembershipRuleProcessingState "On"

$objectIdSFDSSEC = (Get-AzureADGroup -Filter "DisplayName eq '$SecurityGroupNameSFDSSEC'").objectId

#Create a Azure AD Group for WVD Users
New-AzureADMSGroup -Description $SecurityGroupNameSFDSSC -DisplayName $SecurityGroupNameSFDSSC -MailEnabled $false -SecurityEnabled $true -MailNickname $SecurityGroupNameSFDSSC -GroupTypes "DynamicMembership" -MembershipRule 'All users' -MembershipRuleProcessingState "On"

$objectIdSFDSSC = (Get-AzureADGroup -Filter "DisplayName eq '$SecurityGroupNameSFDSSC'").objectId

# Create a new Resource Group
New-AzResourceGroup -Name $resourceGroupName -Location "westeurope"

##### Create a new Storage Account Premium_LRS ######
##New-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccountName -Location "westeurope" -SkuName Premium_LRS -Kind FileStorage -EnableAzureActiveDirectoryDomainServicesForFile $true
##### Create a new Storage Account Premium_LRS ######

##### Create a new Storage Account Standard_LRS ######
##New-AzStorageAccount -ResourceGroupName $resourceGroupName -Name $storageAccountName -Location "westeurope" -SkuName Standard_LRS -Kind StorageV2 -EnableAzureActiveDirectoryDomainServicesForFile $true
##### Create a new Storage Account Standard_LRS ######


# Obtain Account Key for new Storage Account
$storageKey = (Get-AzStorageAccountKey -ResourceGroupName $resourceGroupName -Name $storageAccountName).Value[0]

# Set context to new Storage Account
$storageContext = New-AzStorageContext -StorageAccountName $storageAccountName -StorageAccountKey $storageKey

# Create new File Share within the Storage Account
New-AzStorageShare -Name $shareName -Context $storageContext

# Resize the newly created File Share
Set-AzStorageShareQuota -ShareName $shareName -Context $Context -Quota $FileShareSize

# Set rights on Share With Azure AD Group
New-AzRoleAssignment -ObjectId $objectIdSFDSSC -RoleDefinitionName $SFDSSC.Name -Scope $scope
New-AzRoleAssignment -ObjectId $objectIdSFDSSEC -RoleDefinitionName $SFDSSEC.Name -Scope $scope