An Overview Of Microsoft Azure Storage

Microsoft Azure Storage

This is a detailed article where you will be exploring Azure Storage account. I have divided this article into three sections –

  • Create a Storage Account in Azure
  • Make Storage part of Virtual Network
  • Assigning a Storage to a VM

How to create a Storage account in Azure

Pre-requisites

You must have an Azure Account. If you do not have one please visit here and create a trial account.

We will be taking a step by step approach here. So when you login to your azure portal, this will be first screen you will see,

Dashboard

Dashboard

Click on Storage Account and you will see the below screen, since I have already created some storage, I am able to see all of them, if you are doing it for the first time, you will be able to see Create a storage button in the portal. This is the screen which will show you all the storage accounts you have created under a particular subscription.

Storage Accounts

Storage Accounts

Click on Create New or Add (+) button and you will be able to see this screen.

Create a Storage Account

Create a Storage Account

Here you have to enter the name of the storage, and remember since we are working on a shared resource, your storage name should be unique. Then you have to select what kind of storage you want, I have already explained all the types above. Here what you need to take care is what type of Deployment Model you are selecting. There are two types basically – Azure Resource Manager, which is the new portal that has almost all the services in it, and the other one is Classic, which was an earlier version of Azure Portal. So if you are a legacy user of Azure Portal and some of your resources are in Classic and you want to create this storage for some VM created there, go for Classic. Location is nothing but the data center where you want to place your storage. I have already explained replication performance above.

Storage accounts

Storage accounts

Storage Accounts

Storage Accounts

I have already created a Resource group, hence I am able to select that group, if you do not have one, simply select Create new and give a name to that Resource Group and click on Create. Voila!! you have created  storage for yourself.

Additionally, you can check the status of the Deployment in the Notifications area,

Notifications Area

Notifications Area

Once you are done, you can see all the storage you have created by clicking on Refresh. Here the highlighted one is the one which I have created. If you want to update the created storage again, you can click on the name of the storage and update whatever settings you want to. If you are the owner of the subscription you can also Delete the storage.

Click the name and update

Click the name and update

Now when you select  storage that you have created earlier, depending on the type you have selected, since I have created captainrogers here and that was a V2 storage, I am able to see this screen,

captainrogers

captainrogers

By selecting Access Control IAM link, you will be able to give some user, which you have created in you Azure AD, access over the storage. By default, the user which inherits the subscription is part of the storage, but you can add more users by clicking on Add.

Select Access Control IAM

Select Access Control IAM

Also, you can define what type of Roles you want to give to that user.

Add permissions

Add permissions

There are multiple types of Roles you would want to give a particular user depending upon what is the working need of the user to whom you want to give access. These are mentioned in the screenshot below. I would like to take a moment here and brief you about some of the roles. Owner is the one who can manipulate the storage fully and has full control over the storage. Contributor is someone who can contribute to the storage by adding some files/blobs or anything to the storage but cannot delete the storage, likely a developer. Reader will only have read-only permission on the storage, most likely someone who is doing some audit and so on.

Select a role

Select a role

So here you select the role, select the user and click on save, and the selected storage will be available to the particular user.

Select the role, user and save

Select the role, user and save

Hence the below will be the total user who have access to captainrogers,

Total users who have access

Total users who have access

Here comes the concept of key. Keys are a medium to authenticate your application while logging in to the Azure Storage account, it comes with a combination of a connection string, here the concept is the same as a DB connection string, it works as config to connect the storage from the application.

Key1

Key1

Now earlier in this article I have explained about Encryption, here’s how you implement this in Storage account,

Encryption

Encryption

Some tips while using encryption,

  1. If you want to store your data in encrypted format, go for encryption.
  2. It is always recommended to use a Microsoft provided encryption key only, because if you create your own encryption key, there are chances you might forget that key, and then there will be no responsibility on the part of the cloud provider for the data loss.
  3. If you are using your own key, that has to be strictly on Blobs and Files storage, other types of storage use Microsoft encryption only.

How to make that Storage part of your network

Pre-requisites

There must be a Virtual Network present in your Azure Portal; if not then go ahead and create one for yourself.

In this section, we will explore how we can make a storage part of a network. After creating a storage, select the storage and go to Firewalls and Virtual Networks,

Firewalls and Virtual Networks

Firewalls and Virtual Networks

If you select All networks, your storage will be available to all the networks including the internet. For customization you need to choose the Selected Networks option.

If you see in the image below, you will be able to see that Dashboard, I have created multiple networks here, now what we will do is to create the storage part of these network.

Dashboard

Dashboard

Select the network, on which you want to create the part of your network and click on Firewalls and Network.

Firewalls and Virtual Networks

Firewalls and Virtual Networks

As I have mentioned earlier in this article you can select the storage part of all the networks you have created under subscription or you can select the specific network to impose limitations and security.

Select a specific network

Select a specific network

If you click on Add existing Network,

Add existing networks

Add existing networks

And you will be able to see the below screen, where you can provide the network and subnets you want your network to be part of, click on enable.

Click enable

Click enable

One more  thing I would like you to make a note of here, is that there is Address Range under firewall. You can put your public IP and see what is happening.

One more thing – There can be one and only one public IP associated to your network or I should put it like – your infra should only be exposed to one public IP. FYI – You have to buy this IP from your Internet provider like Sify, Airtel, Vodafone. But you can have multiple private IP(s), depending on what range you are using while you have created your network.

Address range

Address range

Once you save that’s how your storage will look,

New storage look

New storage look

Now, your storage is part of the network.

Assigning a Storage to VM

Finally, we will learn how to make this storage part of the VM you created.

Pre-requisites

A network, a storage and a VM. Create it on Azure Portal.

To make the network we created above part of VM, we have to follow the following steps – While creating storage, you would have created a Resource Group, while creating Virtual Network, you would either have created a new resource group or used whatever you had and the same concept goes for Virtual Machine. To achieve this simply go to the Storage Account section and Select the storage which you want to make part of your resource group and update the storage config like below ,

Move resources

Move resources

And voila your storage is now linked with your Virtual Machine, in the below image you can see that storage which I have created earlier are now part of VM’s resource group,

Storage is now linked with VM

Storage is now linked with VM

So now if you go on your dashboard, and check what resources you have it should look somewhat like below,

Click resouces

Click resources

Summary

This article explained about how to create the Azure Storage via Azure Portal.

About  the Author: 

9.2 years of experience with Microsoft technologies for Windows/Desktop based application development working as Technical Architect, passionate about technology as well as music. Organized and detail-oriented with proactive and hard-working attitude.

Reference:

Srivastava, N. (2019) An Overview Of Microsoft Azure Storage. Available at: https://www.c-sharpcorner.com/article/an-overview-of-microsoft-azure-storage/ [Accessed: 16 January 2019]

Share this on...

Rate this Post:

Share: