Skip to main content

BLOB STORAGE

Blob stands for Binary large object. we can store files , text , videos etc.

Once we create a storage account, we can create containers ex: image where we can place the image files.

The image img1 can be accessed by using the above url. The storage account name has to be uniques because in order to access the blobs the we need to a unique url.. that is
http[s]://storagename.blob.core.windows,net



Virtual Directories instead of hierarchical structure

Blob storage doesnt support a heirarchical structure, so we can create nested folders to group our files. but we can name the files based on whatever way we want to group the files. Ex: 2020/personal/images/img.jpg
In short , there are no folders. It creates virtual directories and we can access the blobs using the url based on the path.

TYPES


1. Block Blobs: we cant append data to existing ones, but we can replace the old file with a new one. Ex: image , video etc. So if we store the log file as a block blob then we wont be able to append values to it.. it will create a new upload, so block blob type shudnt be specified for such instances.

2. Append Blob: Use append blobs for storing log files as we can append contents.

3. Page Blob: For VM's









 So anytime you build a virtual machine, it's got virtual disks, those virtual disks will be stored as page blobs, and these page blobs are optimized for random read/write operations. Now when it comes to working with other file types, like images and movies, like we were talking about before, those would be stored as block blobs. So block blobs are compromised of multiple blocks of data and, for example, a storage client like the C# storage client we're going to use coming up, has the ability to break up a file into multiple chunks or multiple blocks, and upload those chunks in parallel. So it's optimized for those upload scenarios, and of course, that decreases the upload time. So again, it's going to be the one that you probably use the most. But also keep in mind we have the concept of append blobs, and these are typically used with text files or log files where it's common that you actually are appending a line item to the end of a file, so this is really common with log files

While creating a storage account , we can choose a general account and then we would be able to use the same account for table storage also. if the performance is set to standard then the data will be stored on magnetic disk whereas premium will be stored on ssd storage.  Choose access tier to cool (pay less) normally used when queries arent very frequent.

Azure Blob storage is optimized for storing massive amounts of unstructured data. Unstructured data is data that does not adhere to a particular data model or definition, such as text or binary data. Blob storage offers three types of resources:


Nugets:

1. windowsazure.storage
2. microsoft.windowsazure.configurationmanager (used to read from config files)


Steps
1. get the access keys and copy them to the appsettings file. I have added them under "connection".
2. .Net standard 2.0 supports c# 7.3 , so select 2.1 version if c# 8 was intended.


Access Levels



 You can control public access for your blobs with the public access level that you can set on your containers. By default, the public access level is private, which means your container and your blobs are not visible to the public. Authentication is required to access your container and your blobs, and the URL at the bottom won't return your blob. When you set the public access level to blob, you grant public read access to all the blobs in that container. Now the URL at the bottom returns the content of the logo. png blob, but users need to know the URL to get the blob. They can't find out which blobs exist in your container. And exactly for this scenario, to find out which blobs exist in a container, there is a third public access level that is called container. With that level, anonymous users have still read access to all the blobs in the container, but in addition, they can list the blobs in the container without authentication.















Comments

Post a Comment

Popular posts from this blog

Azure AD Authentication And Authorization

ROLE BASED AUTHORIZATION Step1:   Setup  API. 1. Create an app registration and create an app role. Make sure that the app role is assigned to user and applications. We add it to both user groups and applications as this role can be then assigned to both users and applications. Scopes can only be assigned to apps. Now we can have only users with this role access our application. This app role behind the scenes adds an approles section to the manifest.json. We can directly add it to the manifest file also. Step 2:  Setup an app registration for the UI/ WEB App. . We will grant this app the read role created in the API app (shown above). Go to Azure AD and select the UI app registration. When we register an application 2 elements get created. 1. App registration  2. Enterprise Application -- service principal that get created for the app Adding roles to applications Go to the App registration => API Persmissions => Add a Permission => My API's The My Api's sec...
Post a Comment
Read more

Function APP and KV integration

 Create a function App and enable system assigned identity Create  a Keyvault and add a secret (Name in my case) Configure Access policies for the function app in keyvault Create an  access policy in Key Vault   for the application identity you created earlier. Enable the "Get" secret permission on this policy. Do not configure the "authorized application" or   applicationId   settings, as this is not compatible with a managed identity. https://docs.microsoft.com/en-us/azure/app-service/app-service-key-vault-references Key Vault references currently only support system-assigned managed identities. User-assigned identities cannot be used. We are granting our function app permissions to get and list all the secrets in this keyvault. Add Key Vault secrets reference in the Function App configuration Go to the keyvault and click on the secret we just created. Copy the secret identifier. We need to add this value to the function app configuration.  @Microsof...
Post a Comment
Read more

AZ-500 AppService Inside VNet

The intent is to create an appservice that is available inside a VNET. So we will create a vnet and put an appservice inside it. This Vnet will have 2 subnets. One that has the appservice and another one that will have a VM.. We need to make sure that this Appservice can be accessed only inside the VM (inside the same VNET)  1. Create a Vnet Total Address space is 256.. We split into 2 subnets 2. Create an Appservice in standard or above tier as the lower tiers dont support networking.  and select the Vnet and select the sub2 subnet 3. Create a Virtual Machine inside sub1. 4. Go to Appservices and onto the networking tab and select Access Restrictions Create a rule and select VNET and subnet that we created earlier. We can also specify IP Address. Then this appservice can be accessed by the specified IP's only. So this appservice can only be accessed within subnet 1. Which is where we have deployed the VM.. From Internet Inside VM (Subnet 1)
Post a Comment
Read more