Sign in to the Azure portal
On the resource menu, or from the Home page, select Storage accounts. The Storage accounts pane appears.
On the command bar, select Create. The Create a storage account pane appears.
On the Basics tab, enter the following values for each setting.
Subscription : Pick your subscription
Resource group: Select a resource group if you have one. But if you don't, you can create one.
Storage account name: Give your storage an Azure global name.
Region: Select a region
Performance: Standard option decides the type of disk storage used to hold the data in the Storage account. Standard uses traditional hard disks, and Premium uses solid-state drives (SSD) for faster access. Choose the one that is best suited for your project.
Redundancy: Select Locally redundant storage (LRS) from the dropdown list.
- Select Next : Advanced. On the Advanced tab, enter the following values for each setting.
Require secure transfer for REST API operations: Check this. This setting controls whether HTTP can be used for the REST APIs that access data in the storage account. Setting this option to enable forces all clients to use HTTPS. Most of the time, you want to set secure transfer to enable; using HTTPS over the network is considered a best practice.
Allow enabling anonymous access on individual containers: Check this. Blob containers, by default, don't permit anonymous access to their content. This setting allows authorized users to selectively enable anonymous access on specific containers.
Enable storage account key access: Check this. We want to allow clients to access data via SAS.
Default to Microsoft Entra authorization in the Azure portal: Uncheck this. Clients are public, not part of an Active Directory.
Minimum TLS version: Select Version 1.2 from dropdown list. TLS 1.2 is a secure version of TLS, and Azure Storage uses it on public HTTPS endpoints. TLS 1.1 and 1.0 are supported for backwards compatibility.
Permitted scope for copy operations: Accept default
Enable hierarchical namespace: Uncheck. Data Lake hierarchical namespace is for big-data applications that aren't relevant to this module.
Enable hierarchical namespace: Accept default. Blob and Data Lake Gen2 endpoints are provisioned by default.
Blob storage
Allow cross-tenant replication: You can uncheck this.
Access tier: Hot. This setting is only used for Blob storage. The Hot access tier is ideal for frequently accessed data; the Cool access tier is better for infrequently accessed data. This setting only sets the default value. When you create a Blob, you can set a different value for the data.
Azure Files
Enable large file shares: Uncheck. Large file shares provide support up to a 100 TiB, however this type of storage account can't convert to a Geo-redundant storage offering, and upgrades are permanent.
- Select Next : Networking. On the Networking tab, enter the following values for each setting.
Network connectivity
Network access: Enable public access from all networks. We want to allow public Internet access. Our content is public facing, and we need to allow access from public clients.
Network routing
Routing preference: Microsoft network routing. We want to make use of the Microsoft global network that is optimized for low-latency path selection.
- Select Next : Data protection. On the Data protection tab, enter the following values for each setting.
Enable point-in-time restore for containers: Uncheck.
Enable soft delete for blobs: Uncheck. Soft delete lets you recover blob data in cases where blobs or blob snapshots are deleted accidentally or overwritten.
Enable soft delete for containers: Uncheck. Soft delete lets you recover your containers that are deleted accidentally.
Enable soft delete for file shares: Uncheck. File share soft delete lets you recover your accidentally deleted file share data more easily.
Tracking
Enable versioning for blobs: Uncheck.
Enable blob change feed: Uncheck.
Access control
Enable version-level immutability support: Uncheck.
Select Next: Encryption. Accept the defaults.
Select Next: Tags. Here, you can associate key/value pairs with the account for your categorization to determine if a feature is available to selected Azure resources.
Select Next: Review to validate your options and to ensure all the required fields are selected. If there are issues, this tab identifies them so you can correct them.
When validation passes successfully, select Create to deploy the storage account.
When deployment is complete, which may take up to two minutes, select Go to resource to view Essential details about your new storage account.
Top comments (0)