Explore the option to encrypt data at rest, protecting stored date from attackers and satisfying auditors.
- [Instructor] In addition to access control to our data,…we also want to impose encryption.…Now unlike previously, encryption is applied by default.…Navigate to the Azure portal…and select one of your storage accounts.…On the left, look under Settings and Encryption.…And so previously, where you had…to opt into transparent encryption,…Microsoft now applies encryption…at the storage layer by default.…So Azure storage will always encrypt…your data behind the scenes.…Now should you wish to control…the keys used for the encryption,…you can do so by placing keys in the Azure Key Vault…and then using the Azure Key Vault,…you can use keys that you control…for the encryption of your data.…
Select the checkbox Use Your Own Key and scroll down.…Notice that you can select the key from an Azure Key Vault…and then that key will be used for encryption.…There's no additional action needed from the client side…so once you have your access control established…and you're able to interact with the APIs,…beautiful blobs, tables, files, or queues,…
Looking for study partners?Join the AZ-203 Azure Exam study group
Azure Storage is an important part of the Microsoft Azure developer toolkit. In this course, Anton Delsink provides a high-level overview of what Azure Storage is, as well as a brief look at the options available to developers: table, file, queue, and blob-based storage. Anton starts the course with a tour of the Azure portal and an explanation of how to create both a general-purpose storage account and a Blob storage account. Next, he covers important security and deployment topics that apply across all storage options. To wrap up, he briefly goes over each storage area. For a more in-depth exploration of each storage area—files, tables, blobs, and queues—check out additional courses in the Azure Storage for Developers series.
- Creating general-purpose and Blob storage accounts
- Shared key authentication
- Using shared access signatures (SAS)
- Granting privileges with stored access policies
- Encrypting data at rest
- Deploying Azure storage accounts from the command line
- Deploying Azure storage accounts using PowerShell
- Storage types, including blobs, tables, queues, and files