Getting started with Cloud Storage - Microsoft Azure
In our lab walkthrough series, we go through selected lab exercises on our INE Platform. Subscribe or sign up for a 7-day, risk-free trial with INE and access this lab and a robust library covering the latest in Cyber Security, Networking, Cloud, and Data Science!
Purpose: Microsoft Azure is a cloud computing service operated by Microsoft and it occupies 22% of the cloud market share. Microsoft Azure Storage platform offers a flexible, secure, scalable storage system for storing a variety of data objects on the cloud and is easily accessible from anywhere across the world. In this article, we will learn how to get started with Azure Cloud Storage.
Technical difficulty:
| Novice | Beginner | Competent | Proficient | Expert
Lab Scenario
We have set up the below scenario in our INE labs for our students to practice. The screenshots have been taken from our online lab environment.
Objective
Create a storage account, upload blob and interact with it using azure portal and CLI.
Solution
Step 1:.Open the “Azure Portal login page” and fill in the credentials.
Step 2: After logging into the portal you will see the Azure dashboard along with the empty Resource Group, then click the “Menu bar” which is at the top left corner of the page and select the “Storage accounts”.
An Azure storage account contains all of your Azure Storage data objects, including blobs, file shares, queues, tables, and disks.
A List of existing accounts will be displayed. Click on “+ Create'' to create a new storage account
Step 3: Options for the creation of new storage will be visible. Select the existing resource group from the drop-down box as shown in the image.
Fill out the other details as given below:
Note: The Name of the storage container should be globally unique else an exception would be raised as seen above.
Fill in the details, then directly navigate to the tab “Review + Create” and click “Create” as shown:
The deployment takes a few minutes. After successful deployment, your storage account will be created, and then click on the button “Go to resource”.
Step 4: After that, you will see an option called “Containers” in the menu bar select it. Create a container for uploading and organizing blobs.
Press the “+ Container” to create a container.
A tab for container creation will open up, on the right-hand side of the browser.
Enter the name of the container and select the public access level to blob, which will allow us to access the blobs inside this container.
The name of the container can be non-unique because we are creating the container inside the unique storage.
After the successful creation of the container, the container will be visible in the storage accounts and you can see the public access level is “Blob”. Now open the container by clicking on the name of the container.
Step 5: Inside this container, you can upload your blobs. Click the Upload option.
A tab will open up, on the right-hand side of the web browser. Upload the file from your local machine.
Then choose the file that you want to upload to the container then click the “Upload” button.
After the successful upload, the file will be visible inside your container. Click on the file to view more details.
Open the URL visible in the details of the file in another tab on your web browser. The content of the blog file will be visible.
If you choose to download the uploaded file you can download it into your local system.
The file can also be accessed by generating a shared access signature (SAS). Using SAS you can restrict the time and permissions allowed for your blob resources.
Scroll to the right side of your blob file and click on options. Click on Generate SAS.
Once the following screen is visible. Scroll down and click on Generate SAS and URL, blob SAS token and blob SAS URL will be generated.
Open a new tab on your web browser and hit blob SAS URL. You will be able to see the content on your blob file.
Step 6: Now similarly, create another container with access level as private.
Upload the blob and check the URL given in detail of the blob.
Open the URL in another tab of your web browser. As the access was private, the content of the blob files is not visible.
Step 7: Click on the delete option to delete the blob files.
Step 8: Let’s click on the delete option to delete the container.
Step 9: Now let’s delete the Storage account as well. Click on the delete option to delete the storage account as follows.
Confirm the name of your storage account to delete it.
Let’s create a storage account, upload blob and interact with it using CLI
Note: To work with CLI, you need to install the Azure CLI on your machine.
Step 1: Open Powershell or cmd (Command Shell) and login into the account. This will open a new window in the browser where you will choose the account to sign in.
Command:
az login
Now, run the command “az group list” and note down both the subscription id(right-hand side of the word subscriptions in the 1st highlighted box) and resourceGroup id(right-hand side of the word resourceGroups in the 2nd highlighted box).
Command:
az group list
Step 2: Create a storage account in your resource group.
Command:
az storage account create --name ineteststorage --resource-group user_ONMB87KYIK_ResourceGroup --location westus --sku Standard_LRS --kind StorageV2
The following output will be visible after the successful creation of the storage account.
Step 3: An authorization is required before the creation of the container. Assign the Storage Blob Data Contributor role to yourself.
Command:
az ad signed-in-user show --query objectId -o tsv | az role assignment create --role "Storage Blob Data Contributor" --assignee <ObjectId> --scope "/subscriptions/<subscription>/resourceGroups/<resource-group>/providers/Microsoft.Storage/storageAccounts/<storage-account>"
Replace the placeholder values in angle brackets with your values of ObjectId, subscriptions, resource-group, and storage-account
We have already noted down our resource-id and subscriptions-id in step 1. Now we need to generate the object-id.
Command:
az ad signed-in-user show
Once the authorization is successful, you will be able to create the container in your storage account.
Step 4: Create a container in the same storage account.
Command:
az storage container create --account-name ineteststorage --name inetestcontainer1 --auth-mode login
Step 5: Upload the blob file from your local desktop.
Command:
az storage blob upload --account-name ineteststorage --container-name inetestcontainer1 --file <yourFilePath> --auth-mode login --name blobtestname
Step 6: Check if the file uploaded is present in the container.
Command:
az storage blob list --account-name ineteststorage --container-name inestcontainer1 --output table --auth-mode login
Step 7: We can download the file as well to download the file.
Command:
az storage blob download --account-name ineteststorage --container-name inetestcontainer1 --file blobtest.txt --name blobtestname
Step 8: Now let’s delete the storage account. Provide value y when prompted for confirmation.
We have Successfully deleted the storage account.
Note: In case you are unable to delete the storage account. Keep on trying to delete.
Step 9: You can switch to a web browser and inspect the Resource Group in Azure Portal and it's empty.
References:
Azure Documentation (Azure documentation | Microsoft Docs)
Conclusion
In this article you learnt how to create a storage account, upload blob and interact with it using azure portal and CLI.
To perform these tasks hands-on in our lab, subscribe or sign up for a 7-day, risk-free trial with INE to access this lab and a robust library covering the latest in Cyber Security, Networking, Cloud, and Data Science!