DEV Community

Cover image for Create a resource group and a storage account
Louis Oodo
Louis Oodo

Posted on • Edited on

Create a resource group and a storage account

#azure #devops #cloud #tutorial

Azure Basics: How to Set Up and Configure a Storage Account (Step-by-Step)

Setting up storage is one of the first things you'll do in Azure. In this guide, we will walk through creating a Resource Group, deploying a Storage Account, and hardening its security settings.

Phase 1: Create a resource group and a storage account

1: Create a Resource Group

A resource group is a container that holds related resources for an Azure solution.

  • In the Azure portal, search for and select Resource groups.
    select resource groups

  • Select + Create.
    Select create

  • Name: Enter a name (e.g., storagerg).
    louisstoragerg

  • Region: Select your preferred region. Note: Use this same region for all resources in this project.
    UK-South

  • Select Review + create,
    Review and Create

  • Then select Create to deploy.
    Create

2: Create a Storage Account

Now, let's deploy the storage account itself.

  • Search for and select Storage accounts.
    storage account

  • Select + Create.
    select create

  • Resource Group: Select the group you just created (storagerg).
    Resource group

  • Storage account name: Enter a unique name (must be globally unique).
    louis01

  • Performance: Set to Standard.
    Select Standard

  • Select Review,
    Review and create

  • Then Create.
    Create

  • Once deployment is complete, click Go to resource.
    Go to resource

Phase 2: Configure Redundancy and Security

To keep costs low and security high, we need to adjust a few default settings.

1. Set Low-Cost Redundancy

Since this is for testing, we don't need high availability.

  • In your storage account, in the Data management section, select the Redundancy blade.
    Data management section select redundancy

  • Select Locally-redundant storage (LRS) from the drop-down.
    Locally redundant storage

  • Click Save.
    Save

  • Refresh the page and notice the content only exists in the primary location.

2. Enforce Secure Transfer & TLS

  • In the Settings section, select Configuration blade.

Settings section select configuration blade

  • Ensure Secure transfer required is Enabled.

Secure transfer-enabled

3. Developers would like the storage account to use at least TLS version 1.2. Learn more about transport layer security (TLS).

  • In the Settings section, select the Configuration blade.

Settings section and select configuration

  • Ensure the Minimal TLS version is set to Version 1.2.

Version 1.2

4.Until the storage is needed again, disable requests to the storage account. Learn more about disabling shared keys.

  • In the Settings section, select the Configuration blade.
    Settings section and select configuration

  • Ensure Allow storage account key access is Disabled.
    Storage account key access

  • Be sure to Save your changes.
    Save changes

3. Network Access

  • In the Security + networking section, select the Networking blade.

Security and Networking

  • Ensure Public network access is set to Enabled from all networks.
    public network access-enabled

  • Click Save.

Save

Summary

You now have a functional, secure, and cost-effective Azure Storage account ready for your project!
The below is the secure azure storage architecture.

secure azure storage architecture

Key Takeaways:

  • LRS saves money for non-critical data.
  • TLS 1.2 is the modern standard for encryption in transit.
  • Disabling Shared Key access forces more secure authentication methods like Azure AD.

Happy Cloud Building!

Top comments (1)

Collapse
 
realcloudprojects profile image
SKILL.SCH

Welldone!