DEV Community

Cover image for Setting Up Secure Cloud Storage: Restricted Access, Partner Sharing, Website Backup, and Lifecycle Management
Yemi G
Yemi G

Posted on • Edited on

Setting Up Secure Cloud Storage: Restricted Access, Partner Sharing, Website Backup, and Lifecycle Management

Create a storage account and configure high availability.

In Azure Portal, search for "storage account"

Image description

Select "Storage account"

Image description

Select "Create"

Image description

*Insert Resource Group previously created name
*

Image description

*Insert Storage account name
*

Image description

Select "Redundancy" to be Geo-redundant storage (GRS)

Image description

Select "Review + Create"

Image description

Check Validation and select "Create"

Image description

Create a storage container, upload a file, and restrict access to the file.

In the storage account, select "Data storage" and select "containers"

Image description

Select "+ Container"

Image description

Name the container

Image description

Ensure access level is private

Image description

Select "Create"

Image description

Upload File to Container
Select Container

Image description

Select "Upload"

Image description

Select File and upload

Image description

Select the file and copy file URL to check if file will be accessed

Image description

Paste URL to a new tab, verify file doesn't display

Image description

An external partner requires read and write access to the file for at least the next 24 hours. Configure and test a shared access signature (SAS)

Select the uploaded blob file and click the "Generate SAS tab"

Image description

Ensure the partner has only read permission

Image description

Set start/expiry time for the next 24 hours

Image description

Select "Generate SAS token and URL"

Image description

Copy the Blob SAS URL to a new browser tab to verify accessibility, file should be accessible.

Image description

Configure storage access tiers and content replication.
Return to storage account

Image description

Notice the default access tier is set to hot

Image description

In the Data Management section

Image description

Select "Lifecycle management"

Image description

Select "Add a rule"

Image description

Add Rule name

Image description

Select Rule scope to apply rule to all blobs in your storage account

Image description

Select "Next"

Image description

Select "Last modified"

Image description

Set days

Image description

Select "Move to cool storage"

Image description

Add rule

Image description

The public website files need to be backed up to another storage account

Create a new container

Image description

Select "Create"

Image description

Navigate to another storage account, click on "Data management"

Image description

Select "Object replication"

Image description

Select "Create replication rules"

Image description

Set Destination storage account to the Private storage previously created

Image description

Set Source Container as mainpublic and Destination Container as backup

Image description

Select "Create"

Image description

Top comments (0)