Provide storage for the IT department testing and training

#microsoftcloud #azure #learning #cloud

What is an Azure Storage Account?

Before we dive into creating and securing a storage account, it’s important to understand what it actually is.

In Microsoft Azure, a storage account is a fundamental resource that acts as a secure, scalable container for your data in the cloud. It provides a unified namespace to store and manage different types of data, all under one roof.

Think of it as a cloud-based data hub where you can store:

Blobs → for unstructured data like images, videos, backups, logs
Files → managed file shares accessible via SMB/NFS
Queues → for messaging between application components
Tables → NoSQL structured data

Each storage account is uniquely named and globally accessible (unless restricted), making it a critical entry point that must be properly secured.

Setting Up the Environment.

Now that you know what a storage account is, let’s get our hands dirty.

In this guide, we’ll create and secure an Azure Storage Account for an IT department testing and training environment, keeping things practical, straightforward, and (hopefully) a bit fun along the way.

And if you’re the type who likes to dig deeper, I’ve included a link to the official Microsoft documentation so you can explore Azure Storage in more detail.
https://learn.microsoft.com/en-us/azure/storage/common/storage-account-overview

Create a resource group and a storage account.

Create and deploy a resource group to hold all your project resources.
- In the Azure portal, search for and select Resource groups.
- Select + Create.
- Give your resource group a name. For example, storagerg.
- Select a region. Use this region throughout the project.
- Select Review and create to validate the resource group.
- Select Create to deploy the resource group.
Create and deploy a storage account to support testing and training.
- In the Azure portal, search for and select Storage accounts.
- Select + Create.
- On the Basics tab, select your Resource group.
- Provide a Storage account name. The storage account name must be unique in Azure.
- Set the Performance to Standard.
- Select Review, and then Create.
- Then Create.
- Wait for the storage account to deploy and then Go to resource.

Configure simple settings in the storage account.

The data in this storage account doesn’t require high availability or durability. A lowest cost storage solution is desired.
- In your storage account, in the Data management section, select the Redundancy blade.
- Select Locally-redundant storage (LRS) in the Redundancy drop-down.
- Be sure to Save your changes.
- Refresh the page and notice the content only exists in the primary location.
The storage account should only accept requests from secure connections.
- In the Settings section, select the Configuration blade.
- Ensure Secure transfer required is Enabled.
Developers would like the storage account to use at least TLS version 1.2.
- In the Settings section, select the Configuration blade.
- Ensure the Minimal TLS version is set to Version 1.2.
Until the storage is needed again, disable requests to the storage account.
- In the Settings section, select the Configuration blade.
- Ensure Allow storage account key access is Disabled.
- Be sure to Save your changes.
Ensure the storage account allows public access from all networks.
- In the Security + networking section, select the Networking blade.
- Ensure Public network access is set to Enabled from all networks.
- Be sure to Save your changes.

Conclusion

And that’s it, you’ve just deployed and secured your first Azure Storage Account.

What started as a simple setup turned into a solid foundation for a secure IT department testing and training environment. More importantly, you’ve seen how small configuration choices can make a big difference when it comes to protecting your data.

Keep experimenting, keep building, and most importantly, keep securing your resources.