Hey everyone! We're in the process of moving archived data from our network drives to Azure Blob Storage. Access to these files will be quite limited, probably less than five requests per month on average, but it might change depending on our projects.
I'm debating the best approach for this: should users request documents from admins who will send them the files? The downside here is that users might not know the exact file paths, making it hard for them to locate what they need. So, I'm wondering: would it be feasible and secure to give read-only access to users for accessing the Blob Storage?
Also, do files need to be downloaded to view them, or can they be accessed in some kind of viewer in Blob Storage? I haven't seen a demo yet, so I'm curious!
Thanks for any insights or advice you can share on this!
4 Answers
How much data are you planning to archive? That could influence your decision on how to manage access.
As long as your Storage Account is secured with a private endpoint and public access is disabled, it should be pretty secure. Just watch out for the subnet that the private endpoint is on; it needs to be accessible for your clients to retrieve files. One downside is that there isn't an integrated viewer for files, so they'll need to be downloaded from the Azure Portal or Azure Storage Explorer to view them.
A hybrid approach might work best for you. You can use Azure Active Directory to assign read-only roles to your users, which would give them some access while maintaining security. Also, consider using Azure Blob Index Tags or Azure Cognitive Search for easier file location. And if you need temporary access, Shared Access Signatures (SAS) can offer time-limited permissions.
Consider putting your files in SharePoint! It offers versioning, great search capabilities, and you can even mount it as a drive in Windows. That said, I’m curious why you're limiting access—if users can’t access the data, how will they know what to request?
All our organization’s files used to be on network drives, so users are familiar with where to find them. We moved active files to SharePoint, but what's left is archived data. Users occasionally need access to old files, and putting 2TB of data on SharePoint seems costly. Blob Storage seemed like a better option, but I’m open to other ideas!