Securing Azure Storage

Securing Azure Storage starts with an overview outlining the various authentication and authorization methods available to access Azure storage resources. We then look at each method, examining its benefits and disadvantages. Setting up access to storage resources using account keys and the various shared access signature variants demonstrates the practical implications and use cases of each access method. The course ends with a look at implementing Azure files as a mapped drive within an Azure virtual machine.

Learning Objectives

  • Overview of Azure account storage authentication and access
  • Create an account key rotation policy
  • See how to integrate storage account keys with Azure Key Vault
  • Implement Shared Access Signatures
  • Map a virtual machine drive to an Azure file share

Intended Audience

  • Students working towards the AZ-500: Microsoft Azure Security Technologies exam
  • Those wanting to learn how to secure an Azure storage account


  • Be familiar with Active Directory concepts such as managed identities and role-based access control, Azure Key Vault, and the basics of Azure storage resources

Hi, and welcome to this Securing Azure Storage course. My Name is Hallam Webber, and I'm an Azure instructor with 25-plus years of experience in the IT industry, and since 2014 I've focused on Microsoft Azure cloud technologies.

This course is intended for students who want to learn about ways to authenticate and authorize access to resources within an Azure storage account. The information presented in this course will be helpful to students preparing for the AZ-500: Microsoft Azure Security Technologies exam.

We start with an overview of Azure storage account authentication and authorization methods before delving into the specifics, pros, and cons that each method offers. This course is a combination of demos and step-by-step guides using the Azure portal and PowerShell scripts.

This is an intermediate-level course and assumes you already know what Azure storage is. We will be referencing role-based access control in the context of Azure storage, so assume you are reasonably familiar with RBAC. One of the lectures discusses security keys and integrating with Azure Key Vault, so I recommend first watching the Configuring and Managing Azure Key Vault course if you're unfamiliar with the key vault.

When I created this course, all information was current. If you have any feedback, positive or negative, or if you notice anything that needs to be updated or corrected, please reach out to us at

Without further ado, let's jump into securing an Azure storage account.


About the Author
Learning Paths

Hallam is a software architect with over 20 years experience across a wide range of industries. He began his software career as a  Delphi/Interbase disciple but changed his allegiance to Microsoft with its deep and broad ecosystem. While Hallam has designed and crafted custom software utilizing web, mobile and desktop technologies, good quality reliable data is the key to a successful solution. The challenge of quickly turning data into useful information for digestion by humans and machines has led Hallam to specialize in database design and process automation. Showing customers how leverage new technology to change and improve their business processes is one of the key drivers keeping Hallam coming back to the keyboard.