DEV Community

Cover image for Prototyping different storage scenarios for an IT department in Azure Portal.
Tunde Oretade
Tunde Oretade

Posted on

Prototyping different storage scenarios for an IT department in Azure Portal.

Introduction

In this post, I'll walk you through the process of providing Storage for a fictitious IT department, in the Azure portal. For the department, the data isn’t important enough to back up and doesn’t need to be restored if the data is overwritten or removed.

Prerequisites

Before we start, you'll need a Microsoft Account and an Azure free trial account. I covered opening a free trial account here

Step 1: Creating a resource group

Go to the Azure Portal Dashboard, and at the search bar - at the top level of the page - search and select Resource groups. This navigates to another page. While on that page select + create. On the next page, you are required to name your resource group. Go ahead and name your resource group. Then select a region. At the bottom of the page select the Review + create button to validate the resource group.
Select the 'create' button to deploy the resource group. The image below shows the created resource group.

resource group

Step 2: Creating and deploying a storage account

On the page of the resource group and the search bar - at the top level of the page - search and select Storage Accounts.
search bar step 1

storage

This navigates to another page. While on that page select + create at the upper left of the page or click on the create storage account button on that page.

options to creating storage account

This next page has 6 Tabs namely Basics, Advanced, Networking, Data protection, Encryption, Tags and Review + create.

Tabs

At the Basics tab, select the Resource group label under the project details section and select the Resource group created in Step 1.
resource group

Next, Under the Instance details section, give the storage account a unique name, select the (US)East US option at the Region label, and for the Performance label, select the standard radio button.
Storage name

Region

Performance

Accept the default Redundancy label option as shown. Afterward, select the Review + create button on the page and subsequently the "Create" button.

validating in progress

create

Wait for the storage account to deploy.
deployment in progress
deployment in progress II
After successfully deploying, click the go to resource button.
go to resources

Step 3: Configure settings in the Storage Account.

I: Data in this storage account does not need to be highly available.

We want to configure this storage account with the most basic settings. We don't have to worry if data isn't highly available. To do this, select Data Management at the left-hand side of the page and the Redundancy blade.

Data Management

Redundancy

Redundanncy part 2

Select the Locally redundant Storage (LRS) option from the Redundancy label. The reason for this is that "the data isn’t important enough to back up and doesn’t need to be restored if the data is overwritten or removed". As a result, High availability isn't required. This means the redundancy can take the least available option which is Locally redundant Storage.
Locally redundant Storage
Click save at the top of the page.

save

Previously, 2 locations may have shown up on the map displayed on this page. However, since we selected the Locally redundant Storage (LRS) option from the Redundancy label, only one location will be displayed on the map. Refresh the page if this isn't displaying.

redundancy changes

II: Storage account should only accept requests from secure connections.

The next configuration to set is to make the Storage account only accept requests from secure connections. To do this, follow these steps:

  • Locate settings at the left-hand side of the page, and select Settings the Configuration blade.

Configuration blade

  • At the page displayed, confirm that Secure Transfer required is Enabled Secure Transfer

III: Storage account should use a TLS version.

For the Storage account to use a TLS version,

  • go to settings Settings
  • select configuration blade, Configuration blade -Then, set Minimal TLS Version to version 1.2

Minimal TLS Version

IV: Request to the storage account is disabled until needed

For disabling requests to the storage account until required,

  • Select Settings, then Settings
  • Select the Configuration blade. Configuration blade
  • In the Allow Storage Account key access label, select the Disabled radio button. Allow Storage Account key access
  • Select the Save icon at the top level of the page.

V: Allow Storage Account to permit public access from all Networks.

For the last configuration in this task which is to permit public access from all Networks, follow the steps listed below:

  • At the left-hand side of the storage account page, select Security + networking Security + networking
  • Select the Networking blade Networking
  • set Public network access to Enabled from all network

Public network access

  • Click the Save icon of the page to save the changes.

Conclusion

To avoid unnecessary charges, delete your resource group if you will not be using it. You can do this from the Azure portal by navigating to your Resource group and clicking the "delete resource group" button.
In this post, we successfully created a Resource group which is a container for our storage account. We adjusted some basic settings for the storage account and saved these settings. Remember to monitor your usage to stay within the free tier limits and delete resources when they are no longer needed. Stay tuned for more posts on cloud development with Azure!

Cover Image by Markus Spiske on Unsplash

Top comments (0)