Ends in

SITEWIDE SALE! $3 OFF All Reviewers!

Azure Blob Storage

Home » Azure Cheat Sheets » Azure Storage Services » Azure Blob Storage

Azure Blob Storage

Azure Blob Storage Cheat Sheet

  • Binary Large Object
  • Object storage solution for the cloud
  • Stores all types of files: image, video, audio, log files backups, etc.

  • Storage Account
    • Unique namespace in Azure for your data
    • If your storage account name is tutorialsdojo, then the default endpoint for Blob storage is: http://tutorialsdojo.blob.core.windows.net
  • Container
    • Organizes a set of blobs that are similar to a directory in a file system.

Blob Types

  • Block 
    • Store binary and text data up to 4.7 TB.
    • Preview larger block blobs up to 190.7 TiB
  • Append 
    • Ideal for logging data from virtual machines
  • Page
    • Store random-access files up to 8 TB in size
    • Store virtual hard drive (VHD) files
Tutorials dojo strip

Supported Access Tiers

  • Hot
    • Frequently accessed objects
    • Most cost-effective, while storage costs are higher
    • Default in new Storage Accounts
  • Cool
    • Infrequently accessed data
    • More cost-effective, but higher access cost than hot tier
    • Data remains for at least 30 days
  • Archive
    • Rarely accessed files.
    • Lowest cost for storing data but the highest access cost.
    • Data remains for at least 180 days.
  • Lifecycle Management Policy
    • A lifecycle configuration has a set of rules that define actions that are applied to a group of objects.

    • Enables you to transition your data to the appropriate access tiers.
    • Delete blobs at the end of their lifecycles


  • Versioning
    • Identified by a version ID
    • Enable versioning and restore an earlier version of a blob to recover your data.
    • If you disable the versioning of the blob, it does not delete existing blobs, versions, or snapshots.
  • Snapshots
    • A read-only version of a blob that was taken at a given point in time.
    • The snapshots persist until they are explicitly deleted.
  • Object Replication
    • Copies block blobs asynchronously between a source Storage account and a destination account.
    • A source account can have up to two destination accounts. But there can be no more than two source accounts in the destination account.
  • Static Website
    • Serve your static website directly from a storage container named $web
    • CORS is not supported
    • You can grant read-only access in your resources with public access level
    • Enable Azure Content Delivery Network (CDN) to cache content from a static website
    • You can use Azure CDN to configure a custom domain endpoint
  • AzCopy
    • AzCopy is a command-line utility that allows you to transfer blobs or files to or from a storage account.
    • You can use Azure AD and SAS tokens to provide authorization credentials.
    • These are the tasks that you can do using AzCopy:
      • Upload files
      • Download blobs and directories
      • Copy blobs, directories, and containers between accounts.
      • Synchronize local storage
    • You can run AzCopy on Windows, Linux, and macOS.

Azure Blob Storage Security

  • AzCopy method of authorization
    • Blob storage – Azure Active Directory and Shared Access Signature
    • File storage – Shared Access Signature only
  • You can whitelist specific IP addresses or IP ranges to access your storage account.
  • Private endpoints allow your storage account and virtual network to have a secure connection over a private link, eliminating exposure from the public internet.
  • Azure Storage is using 256-bit AES encryption
  • Customer-managed key
    • Using Azure Key Vault, you can encrypt and decrypt data in Blob storage and in Azure Files.
  • Customer-provided key
    • A customer can include their own encryption key for granular control.

Key management parameter

Microsoft-managed keys

Customer-managed keys

Customer-provided keys

Encryption/decryption operations




Azure Storage services supported


Blob storage, Azure Files

Blob storage

Key storage

Microsoft key store

Azure Key Vault

Customer’s own key store

Key rotation responsibility




Key control





Azure Blob vs Disk vs File Storage:


Want to learn more about Azure? Watch the official Microsoft Azure YouTube channel’s video series called Azure Tips and Tricks.

Validate Your Knowledge

Question 1

Question Type: Multiple-choice

What are the three available access tiers in Azure Blob Storage?

  1. Standard
  2. Hot
  3. Cool
  4. Premium
  5. Archive
  6. Magnetic

Correct Answer: 2, 3, 5

An Azure storage account contains all of your Azure Storage data objects: blobs, files, queues, tables, and disks. The storage account provides a unique namespace for your Azure Storage data that is accessible from anywhere in the world over HTTP or HTTPS. Data in your Azure storage account is durable and highly available, secure, and massively scalable.

Azure storage offers different access tiers, which allow you to store blob object data in the most cost-effective manner. The available access tiers include:

Hot – Optimized for storing data that is accessed frequently.

Cool – Optimized for storing data that is infrequently accessed and stored for at least 30 days.

Archive – Optimized for storing data that is rarely accessed and stored for at least 180 days with flexible latency requirements (on the order of hours).

Hence, the correct answers are: Hot, Cool, and Archive.

Standard and Premium are incorrect because these are the performance tiers of Azure Blob Storage.

Magnetic is incorrect because there is no such tier or service in azure.


Note: This question was extracted from our AZ-900 Microsoft Azure Fundamentals Practice Exams.

Question 2

Question Type: Multiple-choice

You have an Azure subscription that contains a storage account named tdstorageaccount1.

You have 14 TB of files you need to migrate to tdstorageaccount1 using Azure Import/Export service.

You need to identify the two files you need to create before the preparation of the drives for journal file.

Which two files should you create?

  1. ARM template
  2. Dataset CSV File
  3. AWS Exam Readiness Courses
  4. Driveset CSV file
  5. PowerShell PS1 file
  6. WAImportExport file

Correct Answer: 2, 3

Azure Import/Export service is used to securely import large amounts of data to Azure Blob storage and Azure Files by shipping disk drives to an Azure datacenter. This service can also be used to transfer data from Azure Blob storage to disk drives and ship to your on-premises sites. Data from one or more disk drives can be imported either to Azure Blob storage or Azure Files.

Consider using Azure Import/Export service when uploading or downloading data over the network is too slow or getting additional network bandwidth is cost-prohibitive. Use this service in the following scenarios:

– Data migration to the cloud: Move large amounts of data to Azure quickly and cost-effectively.

– Content distribution: Quickly send data to your customer sites.

– Backup: Take backups of your on-premises data to store in Azure Storage.

– Data recovery: Recover large amount of data stored in storage and have it delivered to your on-premises location.

The first step of an import job is the preparation of the drives. This is where you need to generate a journal file. The following files are needed before you create a journal file:

The Dataset CSV File

– Dataset CSV file is the value of /dataset flag is a CSV file that contains a list of directories and/or a list of files to be copied to target drives. The first step to creating an import job is to determine which directories and files you are going to import.

– This can be a list of directories, a list of unique files, or a combination of those two. When a directory is included, all files in the directory and its subdirectories will be part of the import job.

The Driveset CSV file

– The value of the /InitialDriveSet or /AdditionalDriveSet flag is a CSV file that contains the list of disks to which the drive letters are mapped so that the tool can correctly pick the list of disks to be prepared.

Hence, the correct answers are:

– Dataset CSV File

– Driveset CSV file

The following options are incorrect because an Azure Import/Export journal file only requires a driveset CSV file and dataset CSV File during the preparation of your drives.

– ARM template

– PowerShell PS1 file

– WAImportExport file


Note: This question was extracted from our AZ-104 Microsoft Azure Administrator Practice Exams.

For more Azure practice exam questions with detailed explanations, check out the Tutorials Dojo Portal:

Microsoft Azure Practice Exams Tutorials Dojo

Azure Blob Storage Cheat Sheet Resources:


Tutorials Dojo portal

Enroll Now – Our AWS Certification Exam Reviewers

AWS Practice Exams Tutorials Dojo

FREE AWS Exam Readiness Digital Courses

Enroll Now – Our Azure Certification Exam Reviewers

azure reviewers tutorials dojo

Enroll Now – Our Google Cloud Certification Exam Reviewers

Tutorials Dojo Exam Study Guide eBooks

tutorials dojo study guide eBook

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

FREE Intro to Cloud Computing for Beginners

FREE AWS, Azure, GCP Practice Test Samplers

Recent Posts

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers Check out our FREE courses

Our Community

passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?