Storing Files safely & securely in Publicly Accessible Storage

I had a requirement recently in my adventures with Azure JSON/DSC VM deployment: I needed a way to store source files and software in a repository in a publicly accessible Azure blob storage container, so that post deployment, my VM could use DSC to pull down the source files, decrypt them and work with them.

The only way I could do this is if I safely encrypted the files, so if someone got access to them, I wouldn’t really care; they’d be effectively useless.

The approach below encrypts with two password strings, plus the thumbprint of a certificate as added security. The choice of certificate is fairly relaxed: any certificate will do, as long as it is installed on all target machines when the decryption takes place.

The script below uses Rijndael encryption (pronounced rain-dahl), the algorithm that has been selected by the U.S. National Institute of Standards and Technology (NIST) as the candidate for the Advanced Encryption Standard (AES). AES is a subset of the Rijndael cipher developed by two Belgian cryptographers, Vincent Rijmen and Joan Daemen. AES has been adopted by the U.S. government and is now used worldwide.

More info – https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
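The following is an added example, not the author's script: one way to build the scheme described above, deriving AES-256 keys from two secret strings and a certificate thumbprint with PBKDF2 and authenticating the ciphertext with HMAC-SHA256, so a modified blob or wrong key material is rejected before decryption. The function names, the `Secret1|Secret2|Thumbprint` concatenation, the iteration count, the blob layout and the sample values are assumptions of this example, and it needs .NET Framework 4.7.2 or later (or PowerShell 7) for the SHA-256 PBKDF2 constructor.

```powershell
using namespace System.Security.Cryptography

# Assumed scheme: both secrets and the thumbprint feed PBKDF2 with a random per-file salt.
function Get-DerivedKeys([string]$Secret1, [string]$Secret2, [string]$Thumbprint, [byte[]]$Salt) {
    # A thumbprint is public data: only the two strings contribute secrecy.
    $kdf = [Rfc2898DeriveBytes]::new("$Secret1|$Secret2|$($Thumbprint.ToUpper())", $Salt, 200000, [HashAlgorithmName]::SHA256)
    try { return @{ Enc = $kdf.GetBytes(32); Mac = $kdf.GetBytes(32) } } finally { $kdf.Dispose() }
}

function Protect-Bytes([byte[]]$Plain, [string]$Secret1, [string]$Secret2, [string]$Thumbprint) {
    $salt = [byte[]]::new(16)
    $rng = [RandomNumberGenerator]::Create(); $rng.GetBytes($salt); $rng.Dispose()
    $keys = Get-DerivedKeys $Secret1 $Secret2 $Thumbprint $salt
    $aes = [Aes]::Create()            # defaults: CBC mode, PKCS7 padding, fresh random IV
    $aes.Key = $keys.Enc
    $enc = $aes.CreateEncryptor()
    $cipher = $enc.TransformFinalBlock($Plain, 0, $Plain.Length)
    [byte[]]$body = $salt + $aes.IV + $cipher
    $hmac = [HMACSHA256]::new($keys.Mac)
    [byte[]]$out = $body + $hmac.ComputeHash($body)   # layout: salt | IV | ciphertext | tag
    $enc.Dispose(); $aes.Dispose(); $hmac.Dispose()
    return ,$out
}

function Unprotect-Bytes([byte[]]$Blob, [string]$Secret1, [string]$Secret2, [string]$Thumbprint) {
    if ($Blob.Length -lt 80) { throw 'Blob too short' }   # 16 salt + 16 IV + 16 block + 32 tag
    $n = $Blob.Length
    [byte[]]$salt = $Blob[0..15]
    $keys = Get-DerivedKeys $Secret1 $Secret2 $Thumbprint $salt
    $hmac = [HMACSHA256]::new($keys.Mac)
    $expected = $hmac.ComputeHash($Blob, 0, $n - 32); $hmac.Dispose()
    # Verify the tag before decrypting, comparing all 32 bytes without an early exit.
    $diff = 0
    for ($i = 0; $i -lt 32; $i++) { $diff = $diff -bor ($expected[$i] -bxor $Blob[$n - 32 + $i]) }
    if ($diff -ne 0) { throw 'Authentication failed: wrong secrets, wrong certificate, or modified file' }
    $aes = [Aes]::Create(); $aes.Key = $keys.Enc; $aes.IV = [byte[]]($Blob[16..31])
    $dec = $aes.CreateDecryptor()
    $plain = $dec.TransformFinalBlock($Blob, 32, $n - 64)
    $dec.Dispose(); $aes.Dispose()
    return ,$plain
}

# Constructed demo values. The thumbprint is a placeholder; on a target VM, read it
# from the certificate installed in the machine's certificate store.
$tp = '0123456789ABCDEF0123456789ABCDEF01234567'
$blob = Protect-Bytes ([Text.Encoding]::UTF8.GetBytes('installer payload')) 'first secret' 'second secret' $tp
[Text.Encoding]::UTF8.GetString((Unprotect-Bytes $blob 'first secret' 'second secret' $tp))
$blob[40] = $blob[40] -bxor 1         # simulate a modified blob in the public container
try { Unprotect-Bytes $blob 'first secret' 'second secret' $tp } catch { "Rejected: $_" }
```

Because a thumbprint can be read from any copy of the certificate, it binds decryption to a chosen certificate but does not add secrecy; the protection of files in a public container rests on the two secret strings.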
