The first step is to create a storage account for the internal private company documents. To do this, search for and select Storage accounts. Click create. Select the Resource group that was created in the previous lab. Name the storage account. Select Review + Create, and then Create the storage account. Once the storage account has been deployed click Go to resource. This storage requires high availability if there’s a regional outage. Read access in the secondary region is not required. Configure the appropriate level of redundancy. In the storage account, navigate to the Data management section, and select Redundancy. Select Geo-redundant storage (GRS) and save the changes.
Now , to create a private storage container for the corporate data, in the storage account, navigate to the Data storage section, and select Containers. Select + Container. Name the container. Ensure the Public access level is Private (no anonymous access). Click Create.
To test, upload a file to the private container and test to make sure the file isn’t publicly accessible by copying and pasting the URL.
An external partner requires read and write access to the file for at least the next 24 hours. Configure and test a shared access signature. Select your uploaded blob file and move to the Generate SAS tab.
In the Permissions drop-down, ensure the partner has only Read permissions. Ensure the start and expiry time is for the next 24 hours.
Select Generate SAS token and URL. Copy the Blob SAS URL to a new browser tab and ensure you can access the file.
To save on costs, after 30 days, move blobs from the hot tier to the cool tier. In the storage account, in the Overview section, the Default access tier should be set to Hot. In the Data management section, select Lifecycle management. Select Add rule. Set the Rule name to movetocool. Set the Rule scope to Apply rule to all blobs in the storage account. Click Next.
Verify that Last modified is selected. Set More than (days ago) to 30. In the Then drop-down select Move to cool storage. Add the rule.
The public website files need to be backed up to another storage account. In the storage account, create a new container for backup.
Refer back to the previous if you need detailed instructions. Go to that storage account created in the previous exercise. In the Data management section, select Object replication. Select Create replication rules. Set the Destination storage account to the private storage account. Set the Source container to public and the Destination container to backup. Create the replication rule.
Top comments (0)