Configuring file-level permissions – Securing Storage
In this section, we will look at the steps involved to assign share-level permissions: You have now learned how to configure file-level ACLs for Azure Storage shares. This concludes the…
Category: Managing Azure AD objects
Configuring access to Azure files – Securing Storage
In the following section, we will explore assigning share and file permissions on the AD-joined storage from the previous exercise, as well as mounting the share and exploring how to…
Configuring access and authentication – Securing Storage
Storage accounts can provide identity-based authentication through either Active Directory (on-premises) or Azure Active Directory Domain Services (AADDS). Both offer the ability to utilize Kerberos authentication offered by Active Directory.…
Storage access policies – Securing Storage
A storage access policy provides an additional layer of control over SAS by introducing policies for managing the SAS token. SAS tokens can now be configured for a start and…
Private endpoints – Securing Storage
Private endpoints provide a mechanism for Azure Storage accounts to have a private interface for a storage account and can be used to eliminate public access. They provide enhanced security…
Public endpoint and Azure Virtual Network (VNet) integration – Securing Storage
By default, storage accounts are provisioned with a public endpoint, and thanks to the enhanced control Azure offers, network traffic can be limited to those trusted IP addresses and networks…
Technical requirements – Securing Storage
This chapter focuses on one of the most common concepts when it comes to Azure andthat is securing storage on the Azure platform. The focus here will be on implementingand…
Azure URL paths for storage – Understanding and Managing Storage
Microsoft will expect youto know the construct for all storage endpoints in the exam. Here is a summary of each endpoint by service type:• File service: https://[storageAccountName].file.core.windows. net• Blob service:…
Configuring Azure Blob storage – Understanding and Managing Storage
Thanks to Azure Storage Explorer, working with blobs on a storage account is very similar and just as easy as working on a file share. For this exercise, we will…
Storage access tiers – Understanding and Managing Storage
Blob storage accounts use access tiers to determine how frequently data is accessed. Based on this access tier, you will get billed. Azure offers three storage access tiers: Hot, Cool,…