How to provide private storage for internal company documents
Ugonna
Posted on May 31, 2024
The following are below are steps for the above process
In the Azure portal, search for and select Storage accounts.
then Select + Create
Select the Resource group created in the previous lab.
Set the Storage account name to private and add an identifier to the name to ensure the name is unique (privatestella).
Select Review, and then Create the storage account
After validation has pass click create
Wait for the storage account to deploy, and then select Go to resource.
In the storage account, in the Data management section, select the Redundancy blade.
Ensured Geo-redundant storage (GRS) is selected.
Refresh the page and review the primary and secondary location information.
In the storage account, in the Data storage section, select the Containers blade.
Select Container
Ensure the Name of the container is private and make Public access level is Private (no anonymous access)
In Advanced settings, take the defaults and click create
For testing, upload a file to the private container
Select the container
Select Upload
Browse to files and select a file and then Upload the file
upload file
Select the uploaded file.
On the overview tab of the uploaded
Copy the URL.
Paste the url: https://privatestella.blob.core.windows.net/private/advanced.png on a browser to verify the file doesn’t display and you receive an error.
An external partner requires read and write access to the file for at least the next 24 hours. shared access signature (SAS) should be configured and tested
Select your uploaded blob file and move to the Generate SAS tab
In the Permissions drop-down, ensure the partner has only Read permissions.
Verify the Start and expiry date/time is for the next 24 hours
On the bottom center, Select Generate SAS token and URL
Copy the Blob SAS URL (https://privatestella.blob.core.windows.net/private/advanced.png?sp=r&st=2024-05-29T13:08:46Z&se=2024-05-30T13:08:46Z&spr=https&sv=2022-11-02&sr=b&sig=UJrEZnYxYdINV97Kfeb6nlVDQXaDkw9ZuKpkyD742Jo%3D)
Then copy the Blob url to a new browser tab
.
Configure storage access tiers and content replication.
Return to the storage account.
in the Overview section, the Default access tier is set to Hot.
Data management section, select the Lifecycle management blade.
Select Add rule.
Set the Rule name to movetocool
Set the Rule scope to Apply rule to all blobs in the storage account and select Next.
Ensuring the Last modified is selected and set More than (days ago) to 30. In the Then drop-down select Move to cool storage. then click add
The public website files need to be backed up to another storage account
In a the storage account, create a container
Call the container backup and create
Navigate to the public website storage account (nicolestorage1).In the Data management section, select the Object replication blade
Select Create replication rules
Set the destination storage account to the private storage account(privatestella)
Go to the publicwebsitekam storage account created in the previous exercise in the Data management section, select the Object replication blade
Set the Destination storage account to the private storage account
Set the Source container to public and the Destination container to backup
Create the replication rule.
Posted on May 31, 2024
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.