Exercise - Create a storage account using the Azure portal
In this unit, you'll use the Azure portal to create a storage account that is appropriate for a fictitious southern California surf report web app.
The surf report site lets users upload photos and videos of local beach conditions. Viewers will use the content to help them choose the beach with the best surfing conditions. Your list of design and feature goals is:
- Video content must load quickly.
- The site must handle unexpected spikes in upload volume.
- Outdated content must be removed as surf conditions change so the site always shows current conditions.
To fulfill these requirements, you decide to buffer uploaded content in an Azure Queue for processing and then transfer it to an Azure Blob for persistent storage. You need a storage account that can hold both queues and blobs while delivering low-latency access to your content.
Use the Azure portal to create a storage account
Sign into the Azure portal using the same account you activated the sandbox with.
On the Azure portal menu or from the Home page, select Create a resource.
In the selection panel that appears, select Storage.
On the right side of that pane, select Storage account.
Configure the basic options
The free sandbox allows you to create resources in a subset of the Azure global regions. Select a region from the following list when you create resources:
- West US 2
- South Central US
- Central US
- East US
- West Europe
- Southeast Asia
- Japan East
- Brazil South
- Australia Southeast
- Central India
Under PROJECT DETAILS:
Select the Concierge Subscription from the Subscription drop-down list.
Select the existing Resource Group ("
[sandbox resource group name]") from the drop-down list.
This free Resource Group has been provided by Microsoft as part of the learning experience. When you create an account for a real application, you'll want to create a new Resource Group in your subscription to hold all the resources for the app.
Under INSTANCE DETAILS:
Enter a Storage account name. The name will be used to generate the public URL used to access the data in the account. The name must be unique across all existing storage account names in Azure. Names must be 3 to 24 characters long and can contain only lowercase letters and numbers.
Select a Location near to you from the list above.
Select Standard for the Performance option. This decides the type of disk storage used to hold the data in the Storage account. Standard uses traditional hard disks, and Premium uses solid-state drives (SSD) for faster access. However, remember that Premium only supports page blobs. You'll need block blobs for your videos, and a queue for buffering - both of which are only available with the Standard option.
Select StorageV2 (general purpose v2) for the Account kind. This provides access to the latest features and pricing. In particular, Blob storage accounts have more options available with this account type. You need a mix of blobs and a queue, so the Blob storage option will not work. For this application, there would be no benefit to choosing a Storage (general purpose v1) account, since that would limit the features you could access and would be unlikely to reduce the cost of your expected workload.
Select Locally-redundant storage (LRS) for the Replication option. Data in Azure storage accounts are always replicated to ensure high availability - this option lets you choose how far away the replication occurs to match your durability requirements. In our case, the images and videos quickly become out-of-date and are removed from the site. As a result, there is little value to paying extra for global redundancy. If a catastrophic event results in data loss, you can restart the site with fresh content from your users.
Set the Access tier to Hot. This setting is only used for Blob storage. The Hot Access Tier is ideal for frequently accessed data, and the Cool Access Tier is better for infrequently accessed data. Note that this only sets the default value - when you create a Blob, you can set a different value for the data. In our case, we want the videos to load quickly, so you'll use the high-performance option for your blobs.
The following screenshot shows the completed settings for the Basics tab. Note that the resource group, subscription, and name will have different values.
Configure the networking options
Click the Next: Networking > button to move to the Networking tab, or select the Networking tab at the top of the screen.
Set the Connectivity method option to Public endpoint (all networks). This option allows you to isolate the storage account on an Azure virtual network. We want to use public Internet access. Our content is public facing and you need to allow access from public clients.
Configure the advanced options
Click the Next: Advanced > button to move to the Advanced tab, or select the Advanced tab at the top of the screen.
Set Secure transfer required to Enabled. The Secure transfer required setting controls whether HTTP can be used for the REST APIs used to access data in the Storage account. Setting this option to Enabled will force all clients to use SSL (HTTPS). Most of the time you'll want to set this to Enabled as using HTTPS over the network is considered a best practice.
If this option is enabled, it will enforce some additional restrictions. Azure files service connections without encryption will fail, including scenarios using SMB 2.1 or 3.0 on Linux. Because Azure storage doesn’t support SSL for custom domain names, this option cannot be used with a custom domain name.
Leave the Large file shares option set to Disabled. Large file shares provides support up to a 100TiB, however this type of storage account can't convert to a Geo-redundant storage offering and upgrades are permanent.
Leave the Blob Soft delete option set to Disabled. Soft delete lets you recover your blob data in many cases where blobs or blob snapshots are deleted accidentally or overwritten.
Leave the Data Lake Storage Gen2 option as Disabled. This is for big-data applications that aren't relevant to this module.
The following screenshot shows the completed settings for the Advanced tab.
You can explore the Tags settings if you like. This lets you associate key/value pairs to the account for your categorization and is a feature available to any Azure resource.
Click Review + create to review the settings. This will do a quick validation of your options to make sure all the required fields are selected. If there are issues, they'll be reported here. Once you've reviewed the settings, click Create to provision the storage account.
It will take a few minutes to deploy the account. While Azure is working on that, let's explore the APIs we'll use with this account.
Select the Storage accounts link in the left sidebar.
Locate the new storage account in the list to verify that creation succeeded.
You created a storage account with settings driven by your business requirements. For example, you might have selected a West US datacenter because your customers were primarily located in southern California. This is a typical flow: first analyze your data and goals, and then configure the storage account options to match.