Microsoft Azure Storage
This is a detailed article where you will be exploring Azure Storage account. I have divided this article into three sections –
- Create a Storage Account in Azure
- Make Storage part of Virtual Network
- Assigning a Storage to a VM
How to create a Storage account in Azure
We will be taking a step by step approach here. So when you login to your azure portal, this will be first screen you will see,
Click on Storage Account and you will see the below screen, since I have already created some storage, I am able to see all of them, if you are doing it for the first time, you will be able to see Create a storage button in the portal. This is the screen which will show you all the storage accounts you have created under a particular subscription.
Click on Create New or Add (+) button and you will be able to see this screen.
Here you have to enter the name of the storage, and remember since we are working on a shared resource, your storage name should be unique. Then you have to select what kind of storage you want, I have already explained all the types above. Here what you need to take care is what type of Deployment Model you are selecting. There are two types basically – Azure Resource Manager, which is the new portal that has almost all the services in it, and the other one is Classic, which was an earlier version of Azure Portal. So if you are a legacy user of Azure Portal and some of your resources are in Classic and you want to create this storage for some VM created there, go for Classic. Location is nothing but the data center where you want to place your storage. I have already explained replication performance above.
I have already created a Resource group, hence I am able to select that group, if you do not have one, simply select Create new and give a name to that Resource Group and click on Create. Voila!! you have created storage for yourself.
Additionally, you can check the status of the Deployment in the Notifications area,
Once you are done, you can see all the storage you have created by clicking on Refresh. Here the highlighted one is the one which I have created. If you want to update the created storage again, you can click on the name of the storage and update whatever settings you want to. If you are the owner of the subscription you can also Delete the storage.
Now when you select storage that you have created earlier, depending on the type you have selected, since I have created captainrogers here and that was a V2 storage, I am able to see this screen,
By selecting Access Control IAM link, you will be able to give some user, which you have created in you Azure AD, access over the storage. By default, the user which inherits the subscription is part of the storage, but you can add more users by clicking on Add.
Also, you can define what type of Roles you want to give to that user.
There are multiple types of Roles you would want to give a particular user depending upon what is the working need of the user to whom you want to give access. These are mentioned in the screenshot below. I would like to take a moment here and brief you about some of the roles. Owner is the one who can manipulate the storage fully and has full control over the storage. Contributor is someone who can contribute to the storage by adding some files/blobs or anything to the storage but cannot delete the storage, likely a developer. Reader will only have read-only permission on the storage, most likely someone who is doing some audit and so on.
So here you select the role, select the user and click on save, and the selected storage will be available to the particular user.
Hence the below will be the total user who have access to captainrogers,
Here comes the concept of key. Keys are a medium to authenticate your application while logging in to the Azure Storage account, it comes with a combination of a connection string, here the concept is the same as a DB connection string, it works as config to connect the storage from the application.
Now earlier in this article I have explained about Encryption, here’s how you implement this in Storage account,
Some tips while using encryption,
- If you want to store your data in encrypted format, go for encryption.
- It is always recommended to use a Microsoft provided encryption key only, because if you create your own encryption key, there are chances you might forget that key, and then there will be no responsibility on the part of the cloud provider for the data loss.
- If you are using your own key, that has to be strictly on Blobs and Files storage, other types of storage use Microsoft encryption only.
How to make that Storage part of your network
In this section, we will explore how we can make a storage part of a network. After creating a storage, select the storage and go to Firewalls and Virtual Networks,
If you select All networks, your storage will be available to all the networks including the internet. For customization you need to choose the Selected Networks option.
If you see in the image below, you will be able to see that Dashboard, I have created multiple networks here, now what we will do is to create the storage part of these network.
Select the network, on which you want to create the part of your network and click on Firewalls and Network.
As I have mentioned earlier in this article you can select the storage part of all the networks you have created under subscription or you can select the specific network to impose limitations and security.
If you click on Add existing Network,
And you will be able to see the below screen, where you can provide the network and subnets you want your network to be part of, click on enable.
One more thing I would like you to make a note of here, is that there is Address Range under firewall. You can put your public IP and see what is happening.
One more thing – There can be one and only one public IP associated to your network or I should put it like – your infra should only be exposed to one public IP. FYI – You have to buy this IP from your Internet provider like Sify, Airtel, Vodafone. But you can have multiple private IP(s), depending on what range you are using while you have created your network.
Once you save that’s how your storage will look,
Now, your storage is part of the network.
Assigning a Storage to VM
Finally, we will learn how to make this storage part of the VM you created.
To make the network we created above part of VM, we have to follow the following steps – While creating storage, you would have created a Resource Group, while creating Virtual Network, you would either have created a new resource group or used whatever you had and the same concept goes for Virtual Machine. To achieve this simply go to the Storage Account section and Select the storage which you want to make part of your resource group and update the storage config like below ,
And voila your storage is now linked with your Virtual Machine, in the below image you can see that storage which I have created earlier are now part of VM’s resource group,
So now if you go on your dashboard, and check what resources you have it should look somewhat like below,
This article explained about how to create the Azure Storage via Azure Portal.
About the Author:
9.2 years of experience with Microsoft technologies for Windows/Desktop based application development working as Technical Architect, passionate about technology as well as music. Organized and detail-oriented with proactive and hard-working attitude.
Srivastava, N. (2019) An Overview Of Microsoft Azure Storage. Available at: https://www.c-sharpcorner.com/article/an-overview-of-microsoft-azure-storage/ [Accessed: 16 January 2019]