The IT department needs to prototype different storage scenarios and to train new personnel. The content isn’t important enough to back up and doesn’t need to be restored if the data is overwritten or removed. A simple configuration that can be easily changed is desired.

Architecture diagram

Diagram with one storage account

Skilling tasks

  • Create a storage account.
  • Configure basic settings for security and networking.

Exercise instructions

Create a resource group and a storage account.

  1. Create and deploy a resource group to hold all your project resources. Learn more about resource groups.
    • In the Azure portal, search for and select Resource groups.
    • Select + Create.
    • Give your resource group a name. For example, storagerg.
    • Select a region. Use this region throughout the project.
    • Select Review and create to validate the resource group.
    • Select Create to deploy the resource group.
  2. Create and deploy a storage account to support testing and training. Learn more about the types of storage accounts.
    • In the Azure portal, search for and select Storage accounts.
    • Select + Create.
    • On the Basics tab, select your Resource group.
    • Provide a Storage account name. The storage account name must be unique in Azure.
    • Set the Performance to Standard.
    • Select Review, and then Create.
    • Wait for the storage account to deploy and then Go to resource.

Configure simple settings in the storage account.

  1. The data in this storage account doesn’t require high availability or durability. A lowest cost storage solution is desired. Learn more about storage account redundancy.
    • In your storage account, in the Data management section, select the Redundancy blade.
    • Select Locally-redundant storage (LRS) in the Redundancy drop-down.
    • Be sure to Save your changes.
    • Refresh the page and notice the content only exists in the primary location.
  2. The storage account should only accept requests from secure connections. Learn more about requiring secure transfer from secure connections
    • In the Settings section, select the Configuration blade.
    • Ensure Secure transfer required is Enabled.
  3. Developers would like the storage account to use at least TLS version 1.2. Learn more about transport layer security (TLS).
    • In the Settings section, select the Configuration blade.
    • Ensure the Minimal TLS version is set to Version 1.2.
  4. Until the storage is needed again, disable requests to the storage account. Learn more about disabling shared keys.
    • In the Settings section, select the Configuration blade.
    • Ensure Allow storage account key access is Disabled.
    • Be sure to Save your changes.
  5. Ensure the storage account allows public access from all networks.
    • In the Security + networking section, select the Networking blade.
    • Ensure Public network access is set to Enabled from all networks.
    • Be sure to Save your changes.

Note: For additional practice complete the Create an Azure Storage Account module. The module has a sandbox where you can practice creating a storage account.