Table of content
A. What is azure storage
i. Key features of azure storage
ii. Types of data
B. Steps in creating storage account
A. What is azure storage
Azure Storage is a cloud storage solution provided by Microsoft that allows you to store and access data in the cloud. It offers highly available, massively scalable, durable, and secure storage for a variety of data objects.
i. Key features of azure storage
a. Scalability:scalability in Azure Storage refers to the ability of the service to automatically adjust its capacity to meet changing storage needs. This means that as your data grows or shrinks, Azure Storage can dynamically scale up or down to accommodate the increased or decreased storage requirements.
Azure storage can scale horizontally by adding or removing storage accounts to increase or decrease storage capacity. It can also scale
Vertically by increasing or decreasing the performance tier to optimize for different workloads and finally it can scale up automatically by scaling up or down based on predefined rules or metrics, ensuring that your storage resources are always aligned with your application's needs.
b. Durability: Durability in Azure Storage refers to the reliability and persistence of data stored within the service. It ensures that your data is protected against loss due to hardware failures, software errors, or other unforeseen events.
c. Security:Security in azure storage is a measures put in place to protect your data from unauthorized access and potential threats. Examples are
Data Encryption
At-rest encryption: Azure Storage encrypts data while it's stored on disk, providing protection against unauthorized access even if the physical storage device is compromised.
In-transit encryption: Data is encrypted during transmission between your application and Azure Storage, safeguarding it from eavesdropping or interception.
Access Controls
Role-based access control (RBAC): You can granularly control who has access to your storage resources by assigning roles with specific permissions.
Shared access signatures (SAS): You can generate temporary access tokens that grant limited permissions to specific users or applications, enabling secure data sharing.
Network Security
Virtual private networks (VPNs): You can connect your on-premises network to Azure Storage using a VPN, providing a secure and private connection.
Private endpoints: You can create private endpoints for your storage accounts, restricting access to only within your virtual network, enhancing security.
Compliance and Certifications
Industry certifications: Azure Storage adheres to various industry standards and certifications, such as HIPAA, GDPR, and PCI DSS, ensuring that it meets stringent security requirements.
Regular audits and assessments: Microsoft regularly conducts security audits and assessments to identify and address potential vulnerabilities.
Threat Detection and Protection
Azure Security Center: This service provides advanced threat protection for your Azure resources, including storage accounts, by continuously monitoring for suspicious activity and anomalies.
Azure Monitor: You can use Azure Monitor to set up alerts and notifications for security-related events, enabling you to proactively respond to potential threats.
By combining these security measures, Azure Storage provides a robust and secure environment for storing and managing your data.
d.Performance tiers: Performance tiers in Azure Storage refer to the different levels of performance and cost that you can choose for your storage accounts. These tiers allow you to optimize your storage solution for different workloads and performance requirements.
Main performance tiers available in Azure Storage are:
Standard: This is the most cost-effective tier, suitable for general-purpose workloads that don't require extremely high performance.
Premium: This tier offers higher performance than Standard, making it ideal for applications that require faster data access and lower latency.
Premium Block Blob: This is a specialized tier designed for storing large amounts of block blobs efficiently. It offers even higher performance than the standard Premium tier.
ii. Types of data.
- Blob Storage: Designed for storing large amounts of unstructured data like images, videos, documents, and audio files.
- File Storage: Provides a familiar file share experience in the cloud, allowing you to access files from multiple servers or applications.
- Queue Storage: A reliable queue service for storing messages and processing them asynchronously.
- Table Storage: A NoSQL database service for storing structured data in key-value pairs. Ideal for storing large amounts of structured data that don't require a relational database schema.
- Disk Storage: A managed disk service that provides highly durable and reliable storage for virtual machines. .6. Archive Storage: A cost-effective storage solution for long-term data retention. Designed for infrequently accessed data that needs to be stored for extended periods. Offers lower storage costs compared to other storage options.
- Data Lake Storage Gen2: A highly scalable and performing storage solution for big data analytics and machine learning .
B. Steps in creating storage account
Here are steps in creating Azure storage
NOTE: The IT department needs to prototype different storage scenarios and to train new personnel. The content isn't important enough to back up and doesn't need to be restored if the data is overwritten or removed. A simple configuration that can be easily changed is desired.
Skilling tasks
Create a storage account.
Configure basic settings for security and networking.
Create a resource group and a storage account.
Steps 1.Create and deploy a resource group to hold all your project
resources.
*In the Azure portal, search for and select Resource groups
- Give your resource group a name. For example, storagerg.
- Select a region. Use this region throughout the project.
- Select Review and create to validate the resource group.
- Select Create to deploy the resource group.
Step 2.Create and deploy a storage account to support testing and training.
*In the Azure portal, search for and select Storage accounts
A.On the Basics tab, select your Resource group
B. Provide a Storage account name. The storage account name must be unique in Azure
C. Set the Performance to Standard.
D. Select Review, and then Create.
*Wait for the storage account to deploy and then Go to resource
Configure simple settings in the storage account.
1.The data in this storage account doesn’t require high availability or durability. A lowest cost storage solution is desired.
- In your storage account, in the Data management section, select the Redundancy blade.
*Select Locally-redundant storage (LRS) in the Redundancy drop-down.
- Be sure to Save your changes.
- Refresh the page and notice the content only exists in the primary location.
2.The storage account should only accept requests from secure connections
A.In the Settings section, select the Configuration blade
B.Ensure Secure transfer required is Enabled.
3.Developers would like the storage account to use at least TLS version 1.2
A. In the Settings section, select the Configuration blade.
B. Ensure the Minimal TLS version is set to Version 1.2.
4.Until the storage is needed again, disable requests to the storage account.
A. In the Settings section, select the Configuration blade.
B. Ensure Allow storage account key access is Disabled.
C. Be sure to Save your changes
5.Ensure the storage account allows public access from all networks.
A. In the Security + networking section, select the Networking blade.
B. Ensure Public network access is set to Enabled from all networks.
C. Be sure to Save your changes
Azure storage account with required configuration setting had been successfully created.
Kindly subscribe for more update.
Top comments (0)