Azure Blob Storage With Security Using .NET


Azure blob storage is an object storage solution in the cloud that stores unstructured data (include audio, video, and text, etc.) to the Azure platform. This data can be accessed from anywhere in the world. Blobs are grouped into "containers" that are tied to user accounts.
Blob storage is designed for saving images to a browser, writing to log files, backup/restore, analysis of stored data, etc.
This article is divided into two parts. The first part is to create Azure blob storage in the Azure portal with security and then write .net core to push and pull the data from blob storage. 

Create Blob Storage

Step 1
Go to the Azure Portal and create a new resource -> Storage -> Storage Account.
Azure Blob Storage With Security Using .NET
Step 2
Enter all the details like unique storage account name, account type, and replication i.e. replica of one data center to another data center. You can select all other parameters as default for this example.
Azure Blob Storage With Security Using .NET
Step 3
Create a new container under the storage account for upload the file in container. select the access level as container(public) then later will change to private to see how to access secure data. 
Azure Blob Storage With Security Using .NET
Step 4
Upload the image from your machine into Azure by using the upload option.
Azure Blob Storage With Security Using .NET
Click on the image (jpg) file and copy the URL and open in a new tab, you should find a URL similar to below one. Anyone in the world can access this URL. lets move to add security on this container by changing the access level to private.

Create Azure blob storage with security (SAS's)

To use the security, change the access level to private and check the URL again, you may get the below error message when you try to access the same URL created in the previous step.
The specified resource does not exist. RequestId:a4644a6c-801e-001a-47e9-a22575000000 Time:2019-11-24T17:04:30.1733108Z.
Azure Blob Storage With Security Using .NET
Let's create a SAS token to access the same image. Right-click on image and Generate a SAS.
Azure Blob Storage With Security Using .NET 
Azure Blob Storage With Security Using .NET
you may notcied that blob SAS URL is generated, you can take this new url to acess the same image.

Managing blob storage by .NET

Once your blob account is created, now you can push and pull the data from this account. Let's have a new .NET project to do it.
Step 1
Create a new .netframework console application to test this.
Step 2
Import the Nuget packages Microsoft.Azure.KeyVault.Core & Microsoft.WindowsAzure.ConfigurationManager to access Azure storage account services.
Step 3
Perform the same steps using code as we did in the Azure portal. Create a Storage account first, then a container and download the image. Here is the code:
  1.  static void Main(string[] args)  
  2. {  
  3.             CloudStorageAccount storageAccount = CloudStorageAccount.Parse(CloudConfigurationManager.GetSetting("StorageConnection"));  
  4.             CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();  
  5.             CloudBlobContainer container = blobClient.GetContainerReference("newimages");  
  6.             container.CreateIfNotExists(BlobContainerPublicAccessType.Blob);  
  8.             // download file from azure blob storage  
  9.             CloudBlockBlob blockBlob2 = container.GetBlockBlobReference("Screenshot.png");  
  10.             using (var fileStream = System.IO.File.OpenWrite(@"path to download with imagefile and extension"))  
  11.             {  
  12.                 blockBlob2.DownloadToStream(fileStream);  
  13.             }  
  14. }  
Step 4
Once the download image is done, then you can upload the image to the storage account from your host machine. 
  1. // upload file from local to azure blob storage  
  2. CloudBlockBlob blockBlob = container.GetBlockBlobReference("img2.jpeg");  
  3. using (var fileStream = System.IO.File.OpenRead(@"path of file in local directory"))  
  4. {  
  5.      blockBlob.UploadFromStream(fileStream);  
  6. }  


Here, we experienced Azure blob storage account with shared access signatures(SASs)with the Azure portal and .NET language.