samuel eze

Posted on May 19

How to secure storage for azure files and azure blob storage.

#security #tutorial #beginners #azure

Securing storage for Azure Files and Azure Blob Storage means protecting your data from unauthorized access, leaks, deletion, or attacks while it’s stored in Microsoft Azure cloud services provided by Microsoft Azure.
With this steps we will learn how to secure storage for azure files and azure blob storage.

- step 1 first we create a storage account, in the azure portal search for storage account and press enter.

- step 2 select +create

- step 3 fill in the basic tab and click review + create

- note this basic form will be filled differently from the normal storage basic form, jus because we are working on file share, there must be changes. if you check the performance section we chose premium why because we are creating a file share, that is because we are creating something that has low latency also in the redundancy section we chose zone redundancy storage because choosing Zone-Redundant Storage (ZRS) means your files are stored in multiple Azure availability zones instead of just one location, lastly premium type we chose file share because obviously we are creating a file share storage.

- step 4 after basic form validation click on create

- step 5 go to resource

- step 6 on the overview page, click on the data storage blade, select file share

- step 7 on the file share page, click on + file share

- step 8 create a name and click on review + create

- step 9 click on create

we have successfully created a file share.

now we are going to add a directory to the file share

- step 10 on the overview page of the file share click on add directory give it a name and click on ok.

- step 11 on the overview page, click on browse, and select the directory we just created, click on upload after inserting the document you want to upload, you can go ahead and click on upload.

- step 12 now we should create a snapshot. what is a snapshot and why is it important? A snapshot is a read-only copy of your data at a specific point in time, and its important because In Azure File Shares, snapshots help you save the state of your files so you can restore them later if something goes wrong. on the overview page, on the browse blade, under operations select and click on snapshots, click on add snapshots add a comment if you want and click ok.

we just created snapshot.

- step 13 lets practice using the snapshot to restore a file. return to the file share and click on the browse blade on the overview page to find the file directory, click on the uploaded file, locate the hamburger icon, click on it and click on delete.

- step 14 now lets try and restore the already deleted file. select the snapshot blade, and then select your snapshot, select the file and click on the hamburger icon to find restore, give it a name and click ok.

lets configure the already created file to a selected virtual network.

what is a virtual network? A Virtual Network (VNet) in Azure is a private network created in the cloud that allows Azure resources to communicate securely with each other.

- step 15 on the azure portal, search and select virtual network.

click on +create

- step 16 select the resource group you created for the file, give it a name and click on review + create

after validation click on create.

- go to resource

- step 17 on the overview page of the virtual network created, click on submit under the settings blade choose the default submit and click on it. in the service end point choose Microsoft storage and save.

-now lets configure our file to a private network

- step 18 in your azure portal, search for storage account, select the storage account created earlier, click on it, on the overview page in the security + networking section, select networking

change the public network access to enable from selected virtual networks and IP address. on the overview page under public access, click on manage.

click on enable from selected network, click on add virtual network choose already created network, on the subnet, just because we used default earlier, we have to select default, click on add and save.

- step 19 now lets go back to our storage account to ascertain that the file is just for a selected virtual network. so go back to the storage account, click on the file,