Hello Folks,
In this article, I am going to demonstrate how to create an Azure storage account and then configure access to it from the networking and security point of view.
Prerequisites
Azure Storage Account and why we need it?
The following definition is given on the Azure Docs page. An Azure storage account contains all of your Azure Storage data objects, including blobs, file shares, queues, tables, and disks. The storage account provides a unique namespace for your Azure Storage data that's accessible from anywhere in the world over HTTP or HTTPS. For more information, Kindly follow the link.
Creating and Accessing the Azure Storage Accounts
Step 1
Log in to the Azure Portal
Step 2
In the portal, in the top search bar, type in and click on Storage accounts. Click + Create.
Step 3
In the Basics tab of the Create storage account wizard, perform the following actions:
- In the Resource group list, Create your own resource group for storage accounts to manage it easily.
- In the Storage account name box, enter any globally unique name
- Leave another field to set the default values.
- Finally, Review + Create
Step 4
In the Review + create a tab of the Create storage account wizard, perform the following actions,
- Review the default settings that will be applied to your new storage account.
- Select Create.
- Wait for the deployment to complete.
Step 5
After the successful deployment, kindly search for the resource group where our Storage account is deployed. Kindly find the same storage account.
- On the Storage account blade, observe the details in the Essentials pane. This essentials pane contains all the necessary metadata of the storage account.
- On the same page, Scroll-down on the Storage account blade, on the left under Security + networking, select Access keys.
- On the Access Key pane, you'll find key 1 and key 2 for our storage account. You can use the Rotate button to regenerate the key for security purposes.
Generate a Shared Access Signature(SAS) Using the Azure Portal
There are some scenarios where the operation team would like to share the logs with external team members like a crash report to the developers.
Step 6
- On the left under the Data storage section, select Containers.
- In the Containers section, click the pre-existing $log container from the list of containers.
Chose the logs and then open them to configure the SAS.
- Select the Generate SAS tab.
- Leave all settings at their default values and select Generate SAS token and URL.
- Copy the value in the Blob SAS URL box
- Open a new browser tab/window and navigate to the Blob SAS URL you just copied.
The shared access signature (SAS) that was appended to the end of the URL contains the appropriate credentials needed to access the blob using only the permissions and time window designated at the time of creation. We generated a SAS token that allowed us to access a protected blob using your browser. The team can generate the SAS token automatically or through the script whenever to share the data throughout the organization.
Conclusion
We will discuss the further steps in the next article. In this article, I have created a storage account and then configured the Shared access signature to share the data throughout the organization. We can also share different data with the organization. Kindly stay tuned for the continuation of this article.