CREATING PRIVATE STORAGE FOR INTERNAL COMPANY DOCUMENTS

Stephen Onyewuchi - Oct 30 - - Dev Community

Table of contents

Create a storage account and configure high availability.


1. Create a storage account for the internal private company documents.

  • In the portal, search for and select Storage accounts.

2024-10-29_09h17_06

  • Select + Create.

2024-10-29_09h26_24

  • Select the Resource group created in the previous lab.

  • Set the Storage account name to private. Add an identifier to the name to ensure the name is unique.

  • Select Review, and then Create the storage account.

2024-10-29_09h30_03

  • Wait for the storage account to deploy, and then select Go to resource.

2024-10-29_09h34_01


2. Configure redundancy for the storage account.

  • In the storage account, in the Data management section, select the Redundancy blade.

  • Ensure Geo-redundant storage (GRS) is selected.

2024-10-29_09h37_42

  • Refresh the page.

  • Review the primary and secondary location information.

  • Save your changes.

Create a storage container, upload a file, and restrict access to the file.


1. Create a private storage container for the corporate data.

  • In the storage account, in the Data storage section, select the Containers blade.
  • Select + Container.
  • Ensure the name of the container is private.
  • Ensure the Public access level is Private (no anonymous access).
  • As you have time, review the Advanced settings, but take the defaults.

2024-10-29_09h46_12

  • Select Create.


2. Test to ensure the file is not publicly accessible.

  • Select the container.
  • Select Upload.
  • Browse to files and select a file.
  • Upload the file.

2024-10-29_09h55_16

  • Select the uploaded file.
  • On the Overview tab, copy the URL.

2024-10-29_10h01_15

  • Paste the URL into a new browser tab.
  • Verify the file doesn’t display and you receive an error.

2024-10-29_10h02_46


3. Configure and test a shared access signature (SAS)

  • Select your uploaded blob file and move to the Generate SAS tab.

2024-10-29_10h05_59

  • In the Permissions drop-down, ensure the partner has only Read permissions.
  • Verify the Start and expiry date/time is for the next 24 hours.
  • Select Generate SAS token and URL.

2024-10-29_10h10_13

  • Copy the Blob SAS URL to a new browser tab.

2024-10-29_10h12_31

  • Verify you can access the file. If you have uploaded an image file it will display in the browser. Other file types will be downloaded.

2024-10-29_10h14_29

Configure storage access tiers and content replication.


1. Configure to move blobs from the hot tier to the cool tier

  • Return to the storage account.
  • In the Overview section, notice the Default access tier is set to Hot.

2024-10-29_10h21_36

  • In the Data management section, select the Lifecycle management blade.
  • Select Add rule.

2024-10-29_10h25_40

  • Set the Rule name to movetocool.
  • Set the Rule scope to Apply rule to all blobs in the storage account.

2024-10-29_10h28_19

  • Select Next.
  • Ensure Last modified is selected.
  • Set More than (days ago) to 30.
  • In the Then drop-down select Move to cool storage.
  • As you have time, review other lifecycle options in the drop-down.

2024-10-29_10h32_48

  • Add the rule.


2. Backup public website files to another storage account.

  • In your storage account, create a new container called backup. Use the default values.

2024-10-29_10h36_32

  • Navigate to your publicwebsite storage account. This storage account was created previously.

  • In the Data management section, select the Object replication blade.

  • Select Create replication rules.

2024-10-29_10h41_35

  • Set the Destination storage account to the private storage account.
  • Set the Source container to public and the Destination container to backup.

2024-10-29_21h41_55

  • Create the replication rule.
  • Optionally, as you have time, upload a file to the public container.

2024-10-29_21h50_45

  • Return to the private storage account and refresh the backup container. Within a few minutes your public website file will appear in the backup folder.

2024-10-29_21h52_24
Back to top

. . . . . .