Secure storage for Azure Files and Azure Blob Storage

Skilling tasks

• Create a storage account with high availability.
• Ensure the storage account has anonymous public access.
• Create a blob storage container for the website documents.
• Enable soft delete so files can be easily restored.
• Enable blob versioning.

[Step 1] Create a storage account to support the public website.

• In the portal, search for and select Storage accounts.

• Select + Create.

• For resource group select new Give your resource group a name and select OK.

• Set the Storage account name to publicwebsitenw. Make sure the storage account name is unique by adding an identifier.

• Take the defaults for other settings.
• Select Review and then Create.

• Wait for the storage account to deploy, and then select Go to resource.

[Step 2] This storage requires high availability if there’s a regional outage. Additionally, enable read access to the secondary region, Learn more about storage account redundancy.

• In the storage account, in the Data management section, select the Redundancy blade.

• Ensure Read-access Geo-redundant storage is selected.

• Review the primary and secondary location information.

[Step 3] Information on the public website should be accessible without requiring customers to login.

• In the storage account, in the Settings section, select the Configuration blade.
• Ensure the Allow blob anonymous access setting is Enabled.
• Be sure to Save your changes.

Create a blob storage container with anonymous read access

[Step 1] The public website has various images and documents. Create a blob storage container for the content.

• In your storage account, in the Data storage section, select the Containers blade.
• Select + Container.

• Ensure the Name of the container is public.
• Select Create

[Step 2] Customers should be able to view the images without being authenticated. Configure anonymous read access for the public container blobs.

• Select your public container.
• On the Overview blade, select Change access level.

• Ensure the Public access level is Blob (anonymous read access for blobs only).
• Select OK.

Practice uploading files and testing access.

[Step 1] For testing, upload a file to the public container. The type of file doesn’t matter. A small image or text file is a good choice.

• Ensure you are viewing your container.
• Select Upload.

• Browse to files and select a file. Browse to a file of your choice.

• Select Upload.

• Close the upload window, Refresh the page and ensure your file was uploaded.

[Step 2] Determine the URL for your uploaded file. Open a browser and test the URL

• Select your uploaded file.
  

• On the Overview tab, copy the URL.

• Paste the URL into a new browser tab.

• If you have uploaded an image file it will display in the browser. Other file types should be downloaded.