- Binary Large Object
- Object storage solution for the cloud
- Stores all types of files: image, video, audio, log files backups, etc.
- Storage Account
- Unique namespace in Azure for your data
- If your storage account name is tutorialsdojo, then the default endpoint for Blob storage is: http://tutorialsdojo.blob.core.windows.net
- Organizes a set of blobs that are similar to a directory in a file system.
- Store binary and text data up to 4.7 TB.
- Preview larger block blobs up to 190.7 TiB
- Ideal for logging data from virtual machines
- Store random-access files up to 8 TB in size
- Store virtual hard drive (VHD) files
Supported Access Tiers
- Frequently accessed objects
- Most cost-effective, while storage costs are higher
- Default in new Storage Accounts
- Infrequently accessed data
- More cost-effective, but higher access cost than hot tier
- Data remains for at least 30 days
- Rarely accessed files.
- Lowest cost for storing data but the highest access cost.
- Data remains for at least 180 days.
- Lifecycle Management Policy
- A lifecycle configuration has a set of rules that define actions that are applied to a group of objects.
- Enables you to transition your data to the appropriate access tiers.
- Delete blobs at the end of their lifecycles
- Identified by a version ID
- Enable versioning and restore an earlier version of a blob to recover your data.
- If you disable the versioning of the blob, it does not delete existing blobs, versions, or snapshots.
- A read-only version of a blob that was taken at a given point in time.
- The snapshots persist until they are explicitly deleted.
- Object Replication
- Copies block blobs asynchronously between a source Storage account and a destination account.
- A source account can have up to two destination accounts. But there can be no more than two source accounts in the destination account.
- Static Website
- Serve your static website directly from a storage container named $web.
- CORS is not supported
- You can grant read-only access in your resources with public access level
- Enable Azure Content Delivery Network (CDN) to cache content from a static website
- You can use Azure CDN to configure a custom domain endpoint
- AzCopy is a command-line utility that allows you to transfer blobs or files to or from a storage account.
- You can use Azure AD and SAS tokens to provide authorization credentials.
- These are the tasks that you can do using AzCopy:
- Upload files
- Download blobs and directories
- Copy blobs, directories, and containers between accounts.
- Synchronize local storage
- You can run AzCopy on Windows, Linux, and macOS.
- AzCopy method of authorization
- Blob storage – Azure Active Directory and Shared Access Signature
- File storage – Shared Access Signature only
- You can whitelist specific IP addresses or IP ranges to access your storage account.
- Private endpoints allow your storage account and virtual network to have a secure connection over a private link, eliminating exposure from the public internet.
- Azure Storage is using 256-bit AES encryption
- Customer-managed key
- Using Azure Key Vault, you can encrypt and decrypt data in Blob storage and in Azure Files.
- Customer-provided key
- A customer can include their own encryption key for granular control.
Key management parameter
Azure Storage services supported
Blob storage, Azure Files
Microsoft key store
Azure Key Vault
Customer’s own key store
Key rotation responsibility
Azure Blob vs Disk vs File Storage:
How to Create a Storage Account and Upload a Blob
Want to learn more about Azure? Watch the official Microsoft Azure YouTube channel’s video series called Azure Tips and Tricks.
Validate Your Knowledge
Question Type: Multiple-choice
What are the three available access tiers in Azure Blob Storage?
Question Type: Multiple-choice
You have an Azure subscription that contains a storage account named
You have 14 TB of files you need to migrate to
tdstorageaccount1 using Azure Import/Export service.
You need to identify the two files you need to create before the preparation of the drives for journal file.
Which two files should you create?
- ARM template
- Dataset CSV File
- Driveset CSV file
- PowerShell PS1 file
- WAImportExport file