Demonstration - Create and configure blob storage.
In this demonstration, explore blob storage.
Review blob storage settings
-
[Supporting Slide] Before beginning the demonstration, review blob storage uses and organization. Which of our business groups will need blob storage?
-
Access the Azure portal.
-
You can continue using the previous storage account.
-
Select the Overview tab.
-
[Supporting Slide] In the Blob service section, highlight the Default access tier setting. Explain how corporate content might be in the hot access tier. Auditing information could be in the cool tier. Logs or seasonal marketing literature could be in the archive tier. Learn more, Access tiers for blob storage.
-
[Supporting Slide] In the Blob service section, highlight the soft delete settings. This would be important to the public website in case something is accidentally deleted or overwritten. Students will practice soft delete in the lab. Learn more, Blob soft delete.
-
In the Blob service section, point out the Versioning setting. This might be important to the Marketing department. Product literature might need to be tracked.
Create a blob container, upload a file, and configure access.
-
In your storage account, locate the Data storage blade.
-
Select Containers and then select + Container.
- Provide a name for your new conta
-
iner, public. This is storage for the public website.
-
Set the access level to Container (anonymous access read access for containers and blobs). Briefly describe the access levels. This is covered in more detail in the last demonstration.
-
Select Create.
-
Wait for the container to be deployed, then continue work in the public container.
-
Upload a blob. As you have time, discuss the options.
-
Select the uploaded file and copy the URL.
-
Open a new browser tab, paste in the URL and ensure the uploaded file displays.
-
Return to the public container and Change access level to Private (no anonymous access).
- Refresh the URL tab and confirm access to the resource is now denied.
Configure lifecycle management.
-
[Supporting Slide] Begin with a discussion of lifecycle management. The marketing group has product literature that is seasonal. For example, the winter clothing and accessory line. This content can be archived until the next season. Archiving content is easy to accomplish with a lifecycle management rule. Learn more, Blob lifecycle management policies.
-
Continue working in the storage account.
-
In the Data management blade, select Lifecycle management.
-
On the Details tab, name the rule movetoarchive.
-
Discuss the rule scope and how you can limit blobs with filters. For example, only moving the content in the specific container.
-
Move to the Base blobs tab.
-
Discuss how the rule will automatically move blobs based on the last modified or created more than days ago.
-
Open the Then drop-down and discuss the options. Try to give examples based on our lab scenario. For example, the IT department might want blobs deleted after 30 days because it is a test account.
Configure limited access to content.
-
Review usage cases for limited access. For example, the corporate content needs to be shared with third party vendors or partners. Access might be limited to a specific timeframe and action (read, write). Learn more, Shared access signatures.
-
Continue with the storage account.
-
In the Security + networking blade, select Shared access signature.
-
Review the Allowed services and Allowed resource types. Explain that a SAS can be scoped to a storage account, container, file, or individual blob file.
-
Review the Allowed permissions.
-
Select Blob and Container and Read.
-
Review the Start and expiry date/time settings.
-
Select Generate SAS and connection string.
-
Save your changes.
-
Copy the Blob service SAS URL to a new browser tab.
-
Discuss how the content is displayed even though this is a private container.
Configure blob object replication.
-
[Supporting Slide] Before continuing the demonstration, review usage cases for blob object replication. For example, the public website content needs to be backed up. Explain that storage accounts may be in different Azure regions, but that is not required. Learn more, Object replication.
-
Create a new storage account.
-
Create a container, backup, in the storage account.
-
Return to the first storage account and the public container.
-
In the Data management blade, select Object replication.
-
Select Create replication rules.
-
Destination storage account: your second storage account
-
Source container: public
-
Destination container: backup
-
-
Create the rule. Explain that it may take 5-10 minutes for the source container to replicate. Explain that students will take that time during the lab.
Note: Students should now be able to complete LAB_02a and LAB_02b.