Azure Blob Storage Cheat Sheet
- Binary Large Object
- Object storage solution for the cloud
- Stores all types of files: image, video, audio, log files backups, etc.
- Storage Account
- Unique namespace in Azure for your data
- If your storage account name is tutorialsdojo, then the default endpoint for Blob storage is: http://tutorialsdojo.blob.core.windows.net
- Container
- Organizes a set of blobs that are similar to a directory in a file system.
Blob Types
- Block
- Store binary and text data up to 4.7 TB.
- Preview larger block blobs up to 190.7 TiB
- Append
- Ideal for logging data from virtual machines
- Page
- Store random-access files up to 8 TB in size
- Store virtual hard drive (VHD) files
Supported Access Tiers
- Hot
- Frequently accessed objects
- Most cost-effective, while storage costs are higher
- Default in new Storage Accounts
- Cool
- Infrequently accessed data
- More cost-effective, but higher access cost than hot tier
- Data remains for at least 30 days
- Archive
- Rarely accessed files.
- Lowest cost for storing data but the highest access cost.
- Data remains for at least 180 days.
- Lifecycle Management Policy
- A lifecycle configuration has a set of rules that define actions that are applied to a group of objects.
- Enables you to transition your data to the appropriate access tiers.
- Delete blobs at the end of their lifecycles
Features
- Versioning
- Identified by a version ID
- Enable versioning and restore an earlier version of a blob to recover your data.
- If you disable the versioning of the blob, it does not delete existing blobs, versions, or snapshots.
- Snapshots
- A read-only version of a blob that was taken at a given point in time.
- The snapshots persist until they are explicitly deleted.
- Object Replication
- Copies block blobs asynchronously between a source Storage account and a destination account.
- A source account can have up to two destination accounts. But there can be no more than two source accounts in the destination account.
- Static Website
- Serve your static website directly from a storage container named $web.
- CORS is not supported
- You can grant read-only access in your resources with public access level
- Enable Azure Content Delivery Network (CDN) to cache content from a static website
- You can use Azure CDN to configure a custom domain endpoint
- AzCopy
- AzCopy is a command-line utility that allows you to transfer blobs or files to or from a storage account.
- You can use Azure AD and SAS tokens to provide authorization credentials.
- These are the tasks that you can do using AzCopy:
- Upload files
- Download blobs and directories
- Copy blobs, directories, and containers between accounts.
- Synchronize local storage
- You can run AzCopy on Windows, Linux, and macOS.
Azure Blob Storage Security
- AzCopy method of authorization
- Blob storage – Azure Active Directory and Shared Access Signature
- File storage – Shared Access Signature only
- You can whitelist specific IP addresses or IP ranges to access your storage account.
- Private endpoints allow your storage account and virtual network to have a secure connection over a private link, eliminating exposure from the public internet.
- Azure Storage is using 256-bit AES encryption
- Customer-managed key
- Using Azure Key Vault, you can encrypt and decrypt data in Blob storage and in Azure Files.
- Customer-provided key
- A customer can include their own encryption key for granular control.
Key management parameter | Microsoft-managed keys | Customer-managed keys | Customer-provided keys |
Encryption/decryption operations | Azure | Azure | Azure |
Azure Storage services supported | All | Blob storage, Azure Files | Blob storage |
Key storage | Microsoft key store | Azure Key Vault | Customer’s own key store |
Key rotation responsibility | Microsoft | Customer | Customer |
Key control | Microsoft | Customer | Customer |
Azure Blob vs Disk vs File Storage:
https://tutorialsdojo.com/azure-blob-vs-disk-vs-file-storage/
Want to learn more about Azure? Watch the official Microsoft Azure YouTube channel’s video series called Azure Tips and Tricks.
Validate Your Knowledge
Question 1
Question Type: Multiple-choice
What are the three available access tiers in Azure Blob Storage?
- Standard
- Hot
- Cool
- Premium
- Archive
- Magnetic
Question 2
Question Type: Multiple-choice
You have an Azure subscription that contains a storage account named tdstorageaccount1
.
You have 14 TB of files you need to migrate to tdstorageaccount1
using Azure Import/Export service.
You need to identify the two files you need to create before the preparation of the drives for journal file.
Which two files should you create?
- ARM template
- Dataset CSV File
- Driveset CSV file
- PowerShell PS1 file
- WAImportExport file
For more Azure practice exam questions with detailed explanations, check out the Tutorials Dojo Portal:
Azure Blob Storage Cheat Sheet Resources:
https://azure.microsoft.com/en-us/services/storage/blobs/
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blobs-introduction
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-lifecycle-management-concepts?tabs=azure-portal