Task 2: Create and configure Azure Storage accounts, follow the steps in the URL (If you need to)
Task 3: Manage blob storage
Task 4: Manage authentication and authorization for Azure Storage
Task 2 :
So we have our rg and storage account ready, let’s add a blob container
az104-07-rg1
az10407storageaccount
On the networking tab, we accept the default option Public endpoint (all networks}. This is secure, you need the KEY or SAS to access it.
Task 3:
Create a blob container and upload a blob into it.
Here we have uploaded a .txt file to our az104-07-container
Task 4: Manage authentication and authorization for Azure Storage
In this task, you will configure authentication and authorization for Azure Storage.
On the txt file blade, on the Overview tab, click Copy to clipboard button next to the URL entry.
Open another browser window by using InPrivate mode and navigate to the URL you copied in the previous step,
You should be presented with an XML-formatted message stating ResourceNotFound or PublicAccessNotPermitted.
Note: This is expected, since the container you created has the public access level set to Private (no anonymous access).
https://az10407storageaccount.blob.core.windows.net/az104-07-container/Lorem%20Ipsum.txt
ResourceNotFound
Return to the txt file window and switch to the Generate SAS tab, specify the following settings (leave others with their default values)
Click Copy to clipboard button next to the Blob SAS URL entry
You should now be able to see the text
Close the InPrivate mode browser window, return to the browser window showing the txt blade of the Azure Storage container, and from there, navigate back to the az104-07-container blade.
Note: You can see an error when you change the authentication method (the error is “You do not have permissions to list the data using your user account with Azure AD”). It is expected.
Note: At this point, you do not have permissions to change the Authentication method.
On the az104-07-container blade, click Access Control (IAM).
In the Add section, click Add a role assignment.
On the Add role assignment blade, specify the following settings:
Save the change and return to the Overview blade of the az104-07-container container and verify that you can change the Authentication method to (Switch to Azure AD User Account). (It could take some minutes.)
Azure AD
Assign an Azure role for access to blob data – Azure Storage | Microsoft Docs