This hands-on lab provides some experience with configuring and securing an Azure storage account. We log in to the Azure portal and create a storage account, and then get familiar with the configuration options for it, including replication options, access tiers, and secure transfers. We RDP into a Windows VM and use Microsoft Azure Storage Explorer to connect to the storage account. We use Blob storage and attempt to upload and retrieve data from the blob. Using the Azure portal, we use access policies and shared access signatures to both permit access to the storage account and deny access to blob data. Subsequent attempts to upload and retrieve data from Blob storage should fail. Completing the lab provides the experience required to configure and secure an Azure storage account.
Successfully complete this lab by achieving the following learning objectives:
- Create and Configure a Storage Account
- In the Azure portal, click Create.
- In the search bar, type and select Storage account.
- Click Create.
- Create a storage account in the current resource group.
- Log In to the VM with RDP
Note: There may be an issue with the Connect option in the Azure portal. If this occurs for you, you can still RDP using your favorite RDP client and the public IP address of the VM.
- Open Azure Storage Explorer, Connect to the Azure Account, and Upload Image Files
- In the VM, open Azure Storage Explorer and connect to the Azure account using the provided credentials.
- Create a new blob storage container and upload sample images to the storage account using the files stored in
C:imageson the VM.
- Enable Security on the Storage Account Using the Various Methods Available
Use the following methods to harden security on the storage account: access keys, shared access signatures, and stored access policies.