Configuration and Security of Azure Storage Accounts

1.5 hours
  • 5 Learning Objectives

About this Hands-on Lab

This hands-on lab provides some experience with configuring and securing an Azure storage account. We log into the Azure portal and create a storage account, then get familiar with the configuration options for it, including replication options, access tiers, and secure transfers. We RDP into a Windows VM and install Microsoft Azure Storage Explorer. Then we connect to Blob storage, and attempt to upload and retrieve data from the blob. Using the Azure Portal, we use access policies and shared access signatures to both permit access to the storage account and deny access to blob data. Subsequent attempts to upload and retrieve data from blob storage should fail. Completing the lab provides the experience required to configure and secure an Azure Storage account.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create and Configure a Storage Account

In the Azure Portal, click Storage accounts in the left navigation pane, then click on + Add in the storage accounts blade. Create a storage account in the current resource group.

Log In to the VM with RDP, and Then Download and Install Microsoft Azure Storage Explorer

RDP login:

User Name : "azureuser"
Password : "LA!2018!Lab"

Note: Please note there may be an issue with the Connect option in the Azure Portal. If this occurs for you, you can still RDP using your favourite RDP client and the public IP address of the VM.

Storage Explorer URL:
https://go.microsoft.com/fwlink/?LinkId=708343&clcid=0x409

Download Sample Images to be Uploaded into Blob Storage

PowerShell code to run:

Add-Type -AssemblyName System.IO.Compression.FileSystem

$url = "https://github.com/linuxacademy/content-azure-labs/blob/master/zips/Azure-LearningActivity-CfgSecMon.zip?raw=true"
$zipfile = "C:UsersazureuserDesktopAzure-LearningActivity-CfgSecMon.zip"
$folder = "C:UsersazureuserDesktopimages"

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Invoke-WebRequest -UseBasicParsing -OutFile $zipfile $url 

[System.IO.Compression.ZipFile]::ExtractToDirectory($zipfile, $folder)

Remove-Item -Path $zipfile 
Open Azure Storage Explorer, Connect to the Azure Account, and Upload Image Files

In the VM, open Azure Storage Explorer and connect to the Azure account using the provided credentials. Create a new blob storage container and upload sample images.

Enable Security on the Storage Account Using the Various Methods Available

Use the following methods to harden security on the storage account: access keys, shared access signatures, and stored access policies.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Get Started
Who’s going to be learning?

How many seats do you need?

  • $499 USD per seat per year
  • Billed Annually
  • Renews in 12 months

Ready to accelerate learning?

For over 25 licenses, a member of our sales team will walk you through a custom tailored solution for your business.


$2,495.00

Checkout
Sign In
Welcome Back!
Thanks for reaching out!

You’ll hear from us shortly. In the meantime, why not check out what our customers have to say about ACG?