Last updated on January 4, 2025
Azure Blob Storage Cheat Sheet
- Binary Large Object
- Object storage solution for the cloud
- Stores all types of files: image, video, audio, log files backups, etc.
- Objects in Blob Storage are accessible via Azure Storage REST API, Azure Powershell, and Azure Command-Line Interface (CLI)
- Storage Account
- Unique namespace in Azure for your data
- If your storage account name is tutorialsdojo, then the default endpoint for Blob storage is: http://tutorialsdojo.blob.core.windows.net
- Container
- Organizes a set of blobs that are similar to a directory in a file system.
Storage Account Types For Blob Storage
Type | Performance Tier | Best used for |
General-Purpose v2 | Standard | Most scenarios using Blob Storage or one of the other Azure storage service |
Premium Block Blob | Premium | High transaction rates or that use smaller objects or require consistently low storage latency |
Page Blob | Premium | Storing text or binary files, for uploading large files efficiently |
Blob Types
- Block
- Store binary and text data up to 4.7 TB.
- Preview larger block blobs up to 190.7 TiB
- Append
- Ideal for logging data from virtual machines
- Page
- Store random-access files up to 8 TB in size
- Store virtual hard drive (VHD) files
Supported Access Tiers
- Hot
- Frequently accessed objects
- Most cost-effective, while storage costs are higher
- Default in new Storage Accounts
- Cool
- Infrequently accessed data
- More cost-effective, but higher access cost than hot tier
- Data remains for at least 30 days
- Archive
- Rarely accessed files.
- Lowest cost for storing data but the highest access cost.
- Data remains for at least 180 days.
- Lifecycle Management Policy
- A lifecycle configuration has a set of rules that define actions that are applied to a group of objects.
-
- Enables you to transition your data to the appropriate access tiers.
- Delete blobs at the end of their lifecycles
Azure Blob Features
- Versioning
- Identified by a version ID
- Enable versioning and restore an earlier version of a blob to recover your data.
- If you disable the versioning of the blob, it does not delete existing blobs, versions, or snapshots.
- Snapshots
- A read-only version of a blob that was taken at a given point in time.
- The snapshots persist until they are explicitly deleted.
- Object Replication
- Copies block blobs asynchronously between a source Storage account and a destination account.
- A source account can have up to two destination accounts. But there can be no more than two source accounts in the destination account.
- Static Website
- Serve your static website directly from a storage container named $web.
- CORS is not supported
- You can grant read-only access in your resources with public access level
- Enable Azure Content Delivery Network (CDN) to cache content from a static website
- You can use Azure CDN to configure a custom domain endpoint
- AzCopy
- AzCopy is a command-line utility that allows you to transfer blobs or files to or from a storage account.
- You can use Azure AD and SAS tokens to provide authorization credentials.
- These are the tasks that you can do using AzCopy:
- Upload files
- Download blobs and directories
- Copy blobs, directories, and containers between accounts.
- Synchronize local storage
- You can run AzCopy on Windows, Linux, and macOS.
Tools to Move Data to Blob Storage
- Azure Storage Data movement library
- .NET library for moving data between Azure Storage Services
- Azure Data Factory
- Supports copying data to and from Blob Storage by using the account key, a shared access signature, a service principal, or managed identities for Azure resources,
- Blobfuse
- A virtual file system driver for Azure Blob Storage
- Azure Data Box
- For transferring on-premises data to Blob Storage
- Azure Import/Export Service
- A way to import or export large amounts of data to and from your storage account using hard drives that you provide
Azure Blob Storage Security
- AzCopy method of authorization
- Blob storage – Azure Active Directory and Shared Access Signature
- File storage – Shared Access Signature only
- You can whitelist specific IP addresses or IP ranges to access your storage account.
- Private endpoints allow your storage account and virtual network to have a secure connection over a private link, eliminating exposure from the public internet.
- Azure Storage is using 256-bit AES encryption
- Customer-managed key
- Using Azure Key Vault, you can encrypt and decrypt data in Blob storage and in Azure Files.
- Customer-provided key
- A customer can include their own encryption key for granular control.
Key management parameter |
Microsoft-managed keys |
Customer-managed keys |
Customer-provided keys |
Encryption/decryption operations |
Azure |
Azure |
Azure |
Azure Storage services supported |
All |
Blob storage, Azure Files |
Blob storage |
Key storage |
Microsoft key store |
Azure Key Vault |
Customer’s own key store |
Key rotation responsibility |
Microsoft |
Customer |
Customer |
Key control |
Microsoft |
Customer |
Customer |
Azure Blob vs Disk vs File Storage:
https://tutorialsdojo.com/azure-blob-vs-disk-vs-file-storage/
Want to learn more about Azure? Watch the official Microsoft Azure YouTube channel’s video series called Azure Tips and Tricks.
Validate Your Knowledge
Question 1
Question Type: Multiple-choice
What are the available access tiers in Azure Blob Storage? (Select THREE.)
- Standard
- Hot
- Cool
- Premium
- Archive
- Magnetic
Question 2
Question Type: Multiple-choice
You have an Azure subscription that contains a storage account named tdstorageaccount1
.
You have 14 TB of files you need to migrate to tdstorageaccount1
using Azure Import/Export service.
You need to identify the two files you need to create before the preparation of the drives for journal file.
Which two files should you create?
- ARM template
- Dataset CSV File
- Driveset CSV file
- PowerShell PS1 file
- WAImportExport file
For more Azure practice exam questions with detailed explanations, check out the Tutorials Dojo Portal:
Azure Blob Storage Cheat Sheet Resources:
https://azure.microsoft.com/en-us/services/storage/blobs/
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blobs-introduction
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-lifecycle-management-concepts?tabs=azure-portal
AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!
Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!
View Our AWS, Azure, and GCP Exam Reviewers Check out our FREE courses