Azure Storage Overview

  • An Azure storage account contains blobs, files, queues, tables, and disks.
  • Types of Storage Accounts: General-purpose (v2 and v1), BlockBlobStorage, FileStorage, and BlobStorage
  • All storage accounts are encrypted using Storage Service Encryption (SSE) for data at rest
  • Storage accounts endpoints:
    • Blob storage: https://tutorialsdojo.blob.core.windows.net
    • Table storage: https://tutorialsdojo.table.core.windows.net
    • Queue storage: https://tutorialsdojo.queue.core.windows.net
    • Azure Files: https://tutorialsdojo.file.core.windows.net
  • Access tiers are: Hot, Cool, and Archive
    • Hot
      • Highest storage costs, but lowest access costs
      • Store data that is accessed frequently
      • By default, new storage accounts are created in the hot tier
    • Cool
      • Lower storage costs, but higher access costs
      • Store data that is infrequently accessed (at least 30 days)
      • You can use a cool access tier for short-term backup.
    • Archive
      • Lowest storage costs, but the highest retrieval costs
      • Store data that is rarely accessed (at least 180 days)
      • Data needs to be stored for a long time.
  • Storage redundancy includes: Locally redundant storage (LRS), Zone-redundant storage (ZRS), Geo-redundant storage (GRS), Geo-zone-redundant storage (GZRS)
    • Locally redundant storage (LRS) 
      • A low-cost redundancy strategy
      • Your data is copied synchronously three times within the primary region
    • Zone-redundant storage (ZRS)
      • Redundancy for high availability
      • The data is copied synchronously across three Azure availability zones in the primary region
    • Geo-redundant storage (GRS)
      • Cross-regional redundancy
      • In the primary region, data is synchronously copied three times, and then asynchronously copied to the secondary region.
      • Enable read-only geo-redundant storage (RA-GRS) to access data in the secondary region.
    • Geo-zone-redundant storage (GZRS)
      • Redundancy for both high availability and maximum durability
      • Data is copied synchronously across three Azure availability zones in the primary region, then copied asynchronously to the secondary region.
      • You can also enable RA-GZRS for read access data in the secondary region
  • Moving of data into different storage account can be done automatically or manually
  • You can migrate data manually using:
    • AzCopy uses a command-line utility
    • Data Movement Library is designed for high-performance, reliable, and easy data transfer operations similar to AzCopy
    • REST API or client library lets you create a custom application to migrate your data

Types of Storage Accounts

  • General-purpose v2 accounts
    • Supports Data Lake Gen2, Blobs, Files Disks Queues Tables
    • Delivers the lowest per-gigabyte capacity prices for Azure Storage
  • General-purpose v1 accounts
    • Supports Blobs, Files, Disks, Queues, Tables
    • You can upgrade a general-purpose v1 account to a general-purpose v2 account with no downtime and without copying the data.
    • You can use general-purpose v1 accounts since the General-purpose v2 accounts and Blob storage accounts only support the Azure Resource Manager deployment model.
    • If you don’t need a large capacity for transaction-intensive or significant geo-replication bandwidth, GPv1 is a suitable choice
  • BlockBlobStorage accounts
    • Provides low, consistent latency, and higher transaction rates.
    • Upgrading a Blob storage account to a general-purpose v2 account has no downtime and you don’t need to copy the data
    • It doesn’t support hot, cool, and archive access tiers
    • You can use BlockBlobStorage for storing unstructured object data as block blobs or append blobs. 
  • FileStorage accounts
    • Only supports file shares
    • Offers IOPS bursting

Storage Account Type

Supported Services

Supported Performance Tiers

Supported Access Tiers

Replication Options

Deployment Model

Encryption

General-

purpose V2

Blob, File, Queue, Table, Disk, and Data Lake Gen2

Standard, Premium

Hot, Cool, Archive

LRS, GRS, RA-GRS, ZRS, GZRS (preview), RA-GZRS (preview)

Resource Manager

Encrypted

General-

purpose V1

Blob, File, Queue, Table, and Disk

Standard, Premium

N/A

LRS, GRS, RA-GRS

Resource Manager, Classic

Encrypted

BlockBlob

Storage

Blob (block blobs and append blobs only)

Premium

N/A

LRS, ZRS

Resource Manager

Encrypted

FileStorage

File only

Premium

N/A

LRS, ZRS

Resource Manager

Encrypted

BlobStorage

Blob (block blobs and append blobs only)

Standard

Hot, Cool, Archive

LRS, GRS, RA-GRS

Resource Manager

Encrypted

 

Security

  • To grant access in your storage account, the request must include a valid Authorization header
  • If authentication of identity is successful, then Azure Active Directory returns a token to use in authorizing the request to Azure Storage Services.
  • You can use shared key authorization to construct a connection string
  • Shared access signature allows you to have granular control on who can access your data
  • When you copy a file without the metadata for encryption, the blob content cannot be retrieved again.

Pricing

  • You are charged based on your Region, Account type, Access Tier, and Storage Capacity
  • The replication and reads/write operations also incur costs.
  • If your data isn’t running in the same region, you’re charged for data egress.

Locally Redundant Storage (LRS) vs Zone-Redundant Storage (ZRS):
https://tutorialsdojo.com/locally-redundant-storage-lrs-vs-zone-redundant-storage-zrs/

Validate Your Knowledge

Question 1

Question Type: Multiple-choice

You have an existing Azure subscription that has the following Azure Storage accounts.

Name

Kind

Performance

Replication

Access Tier

tdaccount1

General-purpose V2

Standard

Locally-redundant storage (LRS)

Cool

tdaccount2

General-purpose V2

Premium

Read-access geo-redundant storage (RA-GRS)

Hot

tdaccount3

General-purpose V1

Premium

Geo-redundant storage (GRS)

None

tdaccount4

BlobStorage

Standard

Locally-redundant storage (LRS)

Hot

There is a requirement to identify the storage accounts that can be converted to zone-redundant storage (ZRS) replication. This must be done only through a live migration from Azure Support.

Which of the following accounts can you convert to ZRS?

  1. tdaccount1
  2. tdaccount2
  3. tdaccount3
  4. tdaccount4

Correct Answer: 1

Azure Storage always stores multiple copies of your data so that it is protected from planned and unplanned events, including transient hardware failures, network or power outages, and massive natural disasters. Redundancy ensures that your storage account meets its availability and durability targets even in the face of failures.

When deciding which redundancy option is best for your scenario, consider the tradeoffs between lower costs and higher availability. The factors that help determine which redundancy option you should choose to include are:

– How your data is replicated in the primary region.

– Whether your data is replicated to a second region that is geographically distant to the primary region, to protect against regional disasters.

– Whether your application requires read access to the replicated data in the secondary region if the primary region becomes unavailable for any reason.

Data in an Azure Storage account is always replicated three times in the primary region. Azure Storage offers four options for how your data is replicated:

  1. Locally redundant storage (LRS) copies your data synchronously three times within a single physical location in the primary region. LRS is the least expensive replication option but is not recommended for applications requiring high availability.
  2. Zone-redundant storage (ZRS) copies your data synchronously across three Azure availability zones in the primary region. For applications requiring high availability.
  3. Geo-redundant storage (GRS) copies your data synchronously three times within a single physical location in the primary region using LRS. It then copies your data asynchronously to a single physical location in a secondary region that is hundreds of miles away from the primary region.
  4. Geo-zone-redundant storage (GZRS) copies your data synchronously across three Azure availability zones in the primary region using ZRS. It then copies your data asynchronously to a single physical location in the secondary region.

You can switch a storage account from one type of replication to any other type, but some scenarios are more straightforward than others. If you want to add or remove geo-replication or read access to the secondary region, you can use the Azure portal, PowerShell, or Azure CLI to update the replication setting. However, if you want to change how data is replicated in the primary region, by moving from LRS to ZRS or vice versa, then you must perform a manual migration.

Tutorials Dojo Study Guide and Cheatsheet

The following table provides an overview of how to switch from each type of replication to another:

To request a live migration to ZRS, GZRS, or RA-GZRS, you need to migrate your storage account from LRS to ZRS in the primary region with no application downtime. To migrate from LRS to GZRS or RA-GZRS, first switch to GRS or RA-GRS and then request a live migration. Similarly, you can request a live migration from GRS or RA-GRS to GZRS or RA-GZRS. To migrate from GRS or RA-GRS to ZRS, first switch to LRS, then request a live migration.

Live migration is supported only for storage accounts that use LRS or GRS replication. If your account uses RA-GRS then you need to first change your account’s replication type to either LRS or GRS before proceeding. This intermediary step removes the secondary read-only endpoint provided by RA-GRS before migration.

Hence, the correct answer is: tdaccount1.

tdaccount2 is incorrect because you need to first change your account’s replication type to either LRS or GRS before you change to zone-redundant storage (ZRS). The requirement states that you must only request live migration.

tdaccount3 is incorrect because a general-purpose V1 storage account type does not support zone-redundant storage (ZRS) as its replication option. Only General-purpose V2, FileStorage, and BlockBlobStorage support ZRS.

tdaccount4 is incorrect because a BlobStorage account type does not support zone-redundant storage (ZRS) as its replication option. Only General-purpose V2, FileStorage, and BlockBlobStorage support ZRS.

References:
https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy
https://docs.microsoft.com/en-us/azure/storage/common/redundancy-migration

Note: This question was extracted from our AZ-104 Microsoft Azure Administrator Practice Exams.

For more Azure practice exam questions with detailed explanations, check out the Tutorials Dojo Portal:

Microsoft Azure Practice Exams Tutorials Dojo

Sources:
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview?toc=/azure/storage/blobs/toc.json
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-create?tabs=azure-portal

NEW Course – Google Certified Associate Cloud Engineer Practice Exams

Google Certified Associate Cloud Engineer Practice Exams

NEW Course – AWS Certified Machine Learning Specialty Practice Exams 2021

AWS Certified Machine Learning Specialty Practice Exams

Pass your AWS and Azure Certifications with the Tutorials Dojo Portal

Tutorials Dojo portal

Our Bestselling AWS Certified Solutions Architect Associate Practice Exams

AWS Certified Solutions Architect Associate Practice Exams

Enroll Now – Our AWS Practice Exams with 95% Passing Rate

AWS Practice Exams Tutorials Dojo

Enroll Now – Our Azure Certification Exam Reviewers

azure reviewers tutorials dojo

Enroll Now – Our Google Cloud Certification Exam Reviewers

Tutorials Dojo Study Guide and Cheat Sheets eBooks

Tutorials Dojo Study Guide and Cheat Sheets-2

FREE Intro to Cloud Computing for Beginners

FREE AWS Practice Test Samplers

Browse Other Courses

Generic Category (English)300x250

Recent Posts

Our Community

~98%
passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
200k+
students
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
~4.8
ratings
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers
error: Content is protected !!