Secure storage for Azure Files and Azure Blob Storage – Applied Skill | Microsoft Learn

All the above is done

Do the guide project

Guided Project – Azure Files and Azure Blobs – Training | Microsoft Learn

This is a guided project module where you complete an end-to-end project by following step-by-step instructions. 

There are requirements for each exercise in the guided project

Exercise 1 – Provide storage for the IT department testing and training

Create a resource group and a storage account.

Rg and standard storage account.

Configure simple settings in the storage account.

Exercise 2 – Provide storage for the public website

Create a storage account with high availability.

Ensure the storage account has anonymous public access.


Create a blob storage container for the website documents.


Enable soft delete so files can be easily restored.


Enable blob versioning.

Exercise 3 – Provide private storage for internal company documents

Note: These instruction require you to have completed Lab 02a, Provide storage for internal documents.

So this must be present: Exercise 2 – Provide storage for the public website

Create a storage account and configure high availability.

Create a storage container, upload a file, and restrict access to the file.

Configure storage access tiers and content replication.

Navigate to the other storage account.

Exercise 4 – Provide shared file storage for the company offices

Create and configure a storage account for Azure Files.


Create and configure a file share with directory. (with default bck)


Configure and test snapshots.


Configure restricting storage access to selected virtual networks.

The storage account should only be accessed from the virtual network you just created. 

Exercise 5 – Provide storage for a new company app

Create the storage account and managed identity

Secure access to the storage account with a key vault and key


Configure the storage account to use the customer managed key in the key vault

Save, if error, wait a minute and try again.
Configure an time-based retention policy and an encryption scope.

Rm vault

Unregister st and delete vault after