Azure Storage and Best Practices

Posted byparisamoosavinezhadPosted inAzure Cloud, Cloud, KnowHowTags:, ,

Topics

  • Call Storage Rest API
  • How Authenticate by Azure Storage
  • How to secure the authentication values

This document presents the Azure Storage’s Best Practices.

Call Storage Rest API

The Storage’s REST API can be called as follows over HTTP/HTTPS. The output of this call is XML therefore the pre-built client libraries can help to work with XML output.

GET https://[url-for-service-account]/?comp=list&include=metadata

# Custom Domain can be used as well
# Https://[StorageName].blob.core.windows.net/
# Https://[StorageName].queue.core.windows.net/
# Https://[StorageName].table.core.windows.net/
# Https://[StorageName].file.core.windows.net/

How Authenticate by Azure Storage

  1. Storage Connection String: DefaultEndpointsProtocol=https;AccountName={your-storage};AccountKey={your-access-key};EndpointSuffix=core.windows.net
  2. Access Key & API Endpoint: Each storage has a unique access key.
  3. Shared Access Signature (SAS): It can have grained permission

How to secure the authentication values

  1. Using Key/value

Best Practice 1

Scenario

You’re building a photo-sharing application. Every day, thousands of users take pictures and rely on your application to keep them safe and make them accessible across all their devices. Storing these photos is critical to your business, and you would like to ensure that the system used in your application is fast, reliable, and secure. Ideally, this would be done without you having to build all these aspects into the app. [Source]

  1. Create a Storage
  2. Create an Application
  3. Configure Application
1. Create a Storage

–kind [BlobStorage|Storage|StorageV2]

–SKU [Premium_LRS|Standard_GRS|Standard_RAGRS|Standard_ZRS]

–access-tier [cool|hot]

# Create an Azure Storage
az storage account create \
        --resource-group learn-242f907f-37b3-454d-a023-dae97958e5d9 \
        --kind StorageV2 \
        --sku Standard_LRS \
        --access-tier Cool \
        --name parisalsnstorage

# Get the ConnectionString of the Storage
az storage account show-connection-string \
    --resource-group learn-242f907f-37b3-454d-a023-dae97958e5d9 \
    --name parisalsnstorage \
    --query parisalsnstorage
2. Create an Application
# Create a DotNet Core Application
# Create the project in spesific folder with -o / --output <folder-name>
dotnet new console --name PhotoSharingApp

# Change to project folder
cd PhotoSharingApp

# Run the project
dotnet run

# Create a appsettings.json file. The Storage connection string is kept here.
# This is the simple version 
touch appsettings.json
3. Configure Application
# Add Azure Storage NuGet Package
dotnet add package WindowsAzure.Storage

# Run to test the project
dotnet run

# Edit the appsettings.json
code .

After the appsettings.json file is opned in Editor change the content as follows

{
  "StorageAccountConnectionString": "The Storage Connection String must be placed here"
}

The next file is PhotoSharingApp.csproj. It have to be changed as follows

<Project Sdk="Microsoft.NET.Sdk">
   ...
    <PropertyGroup>
      <OutputType>Exe</OutputType>
      <LangVersion>7.1</LangVersion>
      <TargetFramework>netcoreapp2.2</TargetFramework>
    </PropertyGroup>
...
    <ItemGroup>
        <None Update="appsettings.json">
          <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
        </None>
    </ItemGroup>
    ...
</Project>

The last file if the program.cs file

using System;
using Microsoft.Extensions.Configuration;
using System.IO;
using Microsoft.WindowsAzure.Storage;
using System.Threading.Tasks;

namespace PhotoSharingApp
{
    class Program
    {
        static async Task Main(string[] args)
        {
            var builder = new ConfigurationBuilder()
                .SetBasePath(Directory.GetCurrentDirectory())
                .AddJsonFile("appsettings.json");

            var configuration = builder.Build();
            var connectionString = configuration["StorageAccountConnectionString"];

            # Simplest way to initialize the object model via either .TryParse or .Parse
            if (!CloudStorageAccount.TryParse(connectionString, out CloudStorageAccount storageAccount))
            {
                Console.WriteLine("Unable to parse connection string");
                return;
            }

            var blobClient = storageAccount.CreateCloudBlobClient();
            var blobContainer = blobClient.GetContainerReference("photoblobs");
            bool created = await blobContainer.CreateIfNotExistsAsync();

            Console.WriteLine(created ? "Created the Blob container" : "Blob container already exists.");
        }
    }
}

Best Practice 2

Best Practice n

I’m working on the content..it will be published soon 🙂

Published by parisamoosavinezhad

- Software Engineer - Software Architect - Software and database specialist - Cloud solution architect

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: