Microsoft Applied Skills: Secure Storage for Azure Files and Azure Blob Storage
Part 5 of 5: Provide Storage for a New Company App
Lab Overview
In this lab, Surf City Boats is in the process of designing and developing a new application. For this application, the development team needs storage, which can only be accessed using keys and managed identities. They have also expressed a desire to implement role-based access control to better manage resource permissions. Additionally, for testing purposes, the app requires protected immutable storage to safeguard data from unauthorized modifications.
To achieve these goals, you’ll complete several key tasks. First, you’ll create a storage account and set up a managed identity for the application. After that, you’ll secure access to the storage account by creating a key vault and generating a key within it. You’ll then configure the storage account to use a customer-managed key stored in the key vault. Lastly, you’ll configure a time-based retention policy and establish an encryption scope to further secure the data.
Learning Objectives
- Create the storage account and managed identity
- Secure access to the storage account with a key vault and key
- Configure the storage account to use the customer managed key in the key vault
- Configure a time-based retention policy and an encryption scope
Exam Relevance
The skills you learn in this lab will help you earn the Microsoft Applied Skills: Secure storage for Azure Files and Azure Blob Storage credential.
After you’ve worked through the guided lab (blue button) a few times, try the challenge lab!