Study/AZ-104-MicrosoftAzureAdministrator
1
0
Fork 0
mirror of https://github.com/MicrosoftLearning/AZ-104-MicrosoftAzureAdministrator.git synced 2026-02-04 23:59:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Updated to match minor interface changes.

Browse Source
This commit is contained in:
Clifford Brent Smith 2021-02-10 23:43:02 -07:00
parent b62c7d1f43
commit 0e5a1c6ada
1 changed files with 35 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
Instructions/Labs/LAB_07-Manage_Azure_Storage.md
View File

@ -16,7 +16,7 @@ You need to evaluate the use of Azure storage for storing files residing current
In this lab, you will:
+ Task 1: Provision the lab environment
+ Task 2: Create and configure Azure Storage accounts
+ Task 2: Create and configure Azure Storage accounts
+ Task 3: Manage blob storage
+ Task 4: Manage authentication and authorization for Azure Storage
+ Task 5: Create and configure an Azure Files shares
@ -30,15 +30,15 @@ In this lab, you will:
#### Task 1: Provision the lab environment
In this task, you will deploy an Azure virtual machine that you will use later in this lab.
In this task, you will deploy an Azure virtual machine that you will use later in this lab.
1. Sign in to the [Azure portal](https://portal.azure.com).
1. In the Azure portal, open the **Azure Cloud Shell** by clicking on the icon in the top right of the Azure Portal.
1. If prompted to select either **Bash** or **PowerShell**, select **PowerShell**.
1. If prompted to select either **Bash** or **PowerShell**, select **PowerShell**.
>**Note**: If this is the first time you are starting **Cloud Shell** and you are presented with the **You have no storage mounted** message, select the subscription you are using in this lab, and click **Create storage**.
>**Note**: If this is the first time you are starting **Cloud Shell** and you are presented with the **You have no storage mounted** message, select the subscription you are using in this lab, and click **Create storage**.
1. In the toolbar of the Cloud Shell pane, click the **Upload/Download files** icon, in the drop-down menu, click **Upload** and upload the files **\\Allfiles\\Module_07\\az104-07-vm-template.json** and **\\Allfiles\\Module_07\\az104-07-vm-parameters.json** into the Cloud Shell home directory.
@ -63,19 +63,19 @@ In this task, you will deploy an Azure virtual machine that you will use later i
-AsJob
```
>**Note**: Do not wait for the deployments to complete, but proceed to the next task.
>**Note**: Do not wait for the deployments to complete, but proceed to the next task.
1. Close the Cloud Shell pane.
#### Task 2: Create and configure Azure Storage accounts
#### Task 2: Create and configure Azure Storage accounts
In this task, you will create and configure an Azure Storage account.
In this task, you will create and configure an Azure Storage account.
1. In the Azure portal, search for and select **Storage accounts**, and then click **+ Add**.
1. In the Azure portal, search for and select **Storage accounts**, and then click **+ New**.
1. On the **Basics** tab of the **Create storage account** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| Setting | Value |
| --- | --- |
| Subscription | the name of the Azure subscription you are using in this lab |
| Resource group | the name of a **new** resource group **az104-07-rg1** |
@ -93,13 +93,13 @@ In this task, you will create and configure an Azure Storage account.
>**Note**: Wait for the Storage account to be created. This should take about 2 minutes.
1. On the deployment blade, click **Go to resource** to display the Azure Storage account blade.
1. On the deployment blade, click **Go to resource** to display the Azure Storage account blade.
1. On the Azure Storage account blade, in the **Settings** section, click **Configuration**.
1. Click **Upgrade** to change the Storage account kind from **Storage (general purpose v1)** to **StorageV2 (general purpose v2)**.
1. Click **Upgrade** to change the Storage account kind from **Storage (general purpose v1)** to **StorageV2 (general purpose v2)**.
1. On the **Upgrade storage account** blade, review the warning stating that the upgrade is permanent and will result in billing charges, in the **Confirm upgrade** text box, type the name of the storage account, and click **Upgrade**.
1. On the **Upgrade storage account** blade, review the warning stating that the upgrade is permanent and will result in billing charges, in the **Confirm upgrade** text box, type the name of the storage account, and click **Upgrade**.
> **Note**: You have the option to set the account kind to **StorageV2 (general purpose v2)** at the provisioning time. The previous two steps were meant to illustrate that you also have the option to upgrade existing general purpose v1 accounts.
@ -127,11 +127,11 @@ In this task, you will create and configure an Azure Storage account.
#### Task 3: Manage blob storage
In this task, you will create a blob container and upload a blob into it.
In this task, you will create a blob container and upload a blob into it.
1. On the Storage account blade, in the **Blob service** section, click **Containers**.
1. Click **+ Container** and create a container with the following settings:
1. Click **+ Container** and create a container with the following settings:
| Setting | Value |
| --- | --- |
@ -140,7 +140,7 @@ In this task, you will create a blob container and upload a blob into it.
1. In the list of containers, click **az104-07-container** and then click **Upload**.
1. Browse to **\\Allfiles\\Module_07\\LICENSE** on your lab computer and click **Open**.
1. Browse to **\\Allfiles\\Module_07\\LICENSE** on your lab computer and click **Open**, then click **Upload**.
1. On the **Upload blob** blade, expand the **Advanced** section and specify the following settings (leave others with their default values):
@ -160,9 +160,9 @@ In this task, you will create a blob container and upload a blob into it.
1. Back on the **az104-07-container** blade, click **licenses** and then click **LICENSE**.
1. On the **licenses/LICENSE** blade, review the available options.
1. On the **licenses/LICENSE** blade, review the available options.
> **Note**: You have the option to download the blob, change its access tier (it is currently set to **Hot**), acquire a lease, which would change its lease status to **Locked** (it is currently set to **Unlocked**) and protect the blob from being modified or deleted, as well as assign custom metadata (by specifying an arbitrary key and value pairs). You also have the ability to **Edit** the file directly within the Azure portal interface, without downloading it first. You can also create snapshots, as well as generate a SAS token (you will explore this option in the next task).
> **Note**: You have the option to download the blob, change its access tier (it is currently set to **Hot**), acquire a lease, which would change its lease status to **Locked** (it is currently set to **Unlocked**) and protect the blob from being modified or deleted, as well as assign custom metadata (by specifying an arbitrary key and value pairs). You also have the ability to **Edit** the file directly within the Azure portal interface, without downloading it first. You can also create snapshots, as well as generate a SAS token (you will explore this option in the next task).
#### Task 4: Manage authentication and authorization for Azure Storage
@ -170,7 +170,7 @@ In this task, you will configure authentication and authorization for Azure Stor
1. On the **licenses/LICENSE** blade, on the **Overview** tab, click **Copy to clipboard** button next to the **URL** entry.
1. Open another browser window by using InPrivate mode and navigate to the URL you copied in the previous step.
1. Open another browser window by using InPrivate mode and navigate to the URL you copied in the previous step.
1. You should be presented with an XML-formatted message stating **ResourceNotFound** or **PublicAccessNotPermitted**.
@ -182,6 +182,7 @@ In this task, you will configure authentication and authorization for Azure Stor
| Setting | Value |
| --- | --- |
| Signing key | **Key 1** |
| Permissions | **Read** |
| Start date | yesterday's date |
| Start time | current time |
@ -189,17 +190,17 @@ In this task, you will configure authentication and authorization for Azure Stor
| Expiry time | current time |
| Allowed IP addresses | leave blank |
| Allowed protocols | **HTTP** |
| Signing key | **Key 1** |
1. Click **Generate SAS token and URL**.
1. Click **Copy to clipboard** button next to the **Blob SAS URL** entry.
1. Open another browser window by using InPrivate mode and navigate to the URL you copied in the previous step.
1. Open another browser window by using InPrivate mode and navigate to the URL you copied in the previous step.
> **Note**: If you are using Microsoft Edge, you should be presented with the **The MIT License (MIT)** page. If you are using Chrome, Microsoft Edge (Chromium) or Firefox, you should be able to view the content of the file by downloading it and opening it with Notepad.
> **Note**: This is expected, since now your access is authorized based on the newly generated the SAS token.
> **Note**: This is expected, since now your access is authorized based on the newly generated the SAS token.
> **Note**: Save the blob SAS URL. You will need it later in this lab.
@ -207,7 +208,7 @@ In this task, you will configure authentication and authorization for Azure Stor
1. Click the **Switch to the Azure AD User Account** link next to the **Authentication method** label.
> **Note**: At this point, you no longer have access to the container.
> **Note**: At this point, you no longer have access to the container.
1. On the **az104-07-container** blade, click **Access Control (IAM)**.
@ -224,12 +225,12 @@ In this task, you will configure authentication and authorization for Azure Stor
1. Save the change and return to the **Overview** blade of the **az104-07-container** container and verify that you can access to container again.
> **Note**: It might take about 5 minutes for the change to take effect.
#### Task 5: Create and configure an Azure Files shares
In this task, you will create and configure Azure Files shares.
> **Note**: Before you start this task, verify that the virtual machine you provisioned in the first task of this lab is running.
> **Note**: Before you start this task, verify that the virtual machine you provisioned in the first task of this lab is running.
1. In the Azure portal, navigate back to the blade of the storage account you created in the first task of this lab and, in the **File service** section, click **File shares**.
@ -246,13 +247,13 @@ In this task, you will create and configure Azure Files shares.
1. In the Azure portal, search for and select **Virtual machines**, and, in the list of virtual machines, click **az104-07-vm0**.
1. On the **az104-07-vm0** blade, in the **Operations** section, click **Run command**.
1. On the **az104-07-vm0** blade, in the **Operations** section, click **Run command**.
1. On the **az104-07-vm0 - Run command** blade, click **RunPowerShellScript**.
1. On the **az104-07-vm0 - Run command** blade, click **RunPowerShellScript**.
1. On the **Run Command Script** blade, paste the script you copied earlier in this task into the **PowerShell Script** pane and click **Run**.
1. Verify that the script completed successfully.
1. Verify that the script completed successfully.
1. Replace the content of the **PowerShell Script** pane with the following script and click **Run**:
@ -262,9 +263,9 @@ In this task, you will create and configure Azure Files shares.
New-Item -Type File -Path 'Z:\az104-07-folder\az-104-07-file.txt'
```
1. Verify that the script completed successfully.
1. Verify that the script completed successfully.
1. Navigate back to the **az104-07-share** file share blade, click **Refresh**, and verify that **az104-07-folder** appears in the list of folders.
1. Navigate back to the **az104-07-share** file share blade, click **Refresh**, and verify that **az104-07-folder** appears in the list of folders.
1. Click **az104-07-folder** and verify that **az104-07-file.txt** appears in the list of files.
@ -276,11 +277,11 @@ In this task, you will configure network access for Azure Storage.
1. Click the **Selected networks** option and review the configuration settings that become available once this option is enabled.
> **Note**: You can use these settings to configure direct connectivity between Azure virtual machines on designated subnets of virtual networks and the storage account by using service endpoints.
> **Note**: You can use these settings to configure direct connectivity between Azure virtual machines on designated subnets of virtual networks and the storage account by using service endpoints.
1. Click the checkbox **Add your client IP address** and save the change.
1. Open another browser window by using InPrivate mode and navigate to the blob SAS URL you generated in the previous task.
1. Open another browser window by using InPrivate mode and navigate to the blob SAS URL you generated in the previous task.
1. You should be presented with the content of **The MIT License (MIT)** page.
@ -290,14 +291,14 @@ In this task, you will configure network access for Azure Storage.
1. In the Azure portal, open the **Azure Cloud Shell** by clicking on the icon in the top right of the Azure Portal.
1. If prompted to select either **Bash** or **PowerShell**, select **PowerShell**.
1. If prompted to select either **Bash** or **PowerShell**, select **PowerShell**.
1. From the Cloud Shell pane, run the following to attempt downloading of the LICENSE blob from the **az104-07-container** container of the storage account (replace the `[blob SAS URL]` placeholder with the blob SAS URL you generated in the previous task):
```powershell
Invoke-WebRequest -URI '[blob SAS URL]'
```
1. Verify that the download attempt failed.
1. Verify that the download attempt failed.
> **Note**: You should receive the message stating **AuthorizationFailure: This request is not authorized to perform this operation**. This is expected, since you are connecting from the IP address assigned to an Azure VM hosting the Cloud Shell instance.
@ -328,7 +329,7 @@ In this task, you will configure network access for Azure Storage.
In this lab, you have:
- Provisioned the lab environment
- Created and configured Azure Storage accounts
- Created and configured Azure Storage accounts
- Managed blob storage
- Managed authentication and authorization for Azure Storage
- Created and configured an Azure Files shares