Azure Storage Overview

Home » Azure Cheat Sheets » Azure Storage Services » Azure Storage Overview

Azure Storage Overview

Last updated on July 3, 2023

Azure Storage Overview Cheat Sheet

  • An Azure storage account contains blobs, files, queues, tables, and disks.
  • Types of Storage Accounts: General-purpose (v2 and v1), BlockBlobStorage, FileStorage, and BlobStorage
  • All storage accounts are encrypted using Storage Service Encryption (SSE) for data at rest
  • Storage accounts endpoints:
    • Blob storage: https://tutorialsdojo.blob.core.windows.net
    • Table storage: https://tutorialsdojo.table.core.windows.net
    • Queue storage: https://tutorialsdojo.queue.core.windows.net
    • Azure Files: https://tutorialsdojo.file.core.windows.net
    • Azure Data Lake Storage Gen2: https://tutorialsdojo.dfs.core.windows.net
  • Access tiers are: Hot, Cool, and Archive
    • Hot
      • Highest storage costs, but lowest access costs
      • Store data that is accessed frequently
      • By default, new storage accounts are created in the hot tier
    • Cool
      • Lower storage costs, but higher access costs
      • Store data that is infrequently accessed (at least 30 days)
      • You can use a cool access tier for short-term backup.
    • Archive
      • Lowest storage costs, but the highest retrieval costs
      • Store data that is rarely accessed (at least 180 days)
      • Data needs to be stored for a long time.
  • Storage redundancy includes: Locally redundant storage (LRS), Zone-redundant storage (ZRS), Geo-redundant storage (GRS), Geo-zone-redundant storage (GZRS)
    • Locally redundant storage (LRS) 
      • A low-cost redundancy strategy
      • Your data is copied synchronously three times within the primary region
    • Zone-redundant storage (ZRS)
      • Redundancy for high availability
      • The data is copied synchronously across three Azure availability zones in the primary region
    • Geo-redundant storage (GRS)
      • Cross-regional redundancy
      • In the primary region, data is synchronously copied three times, and then asynchronously copied to the secondary region.
      • Enable read-only geo-redundant storage (RA-GRS) to access data in the secondary region.
        •  
    • Geo-zone-redundant storage (GZRS)
      • Redundancy for both high availability and maximum durability
      • Data is copied synchronously across three Azure availability zones in the primary region, then copied asynchronously to the secondary region.
      • You can also enable RA-GZRS for read access data in the secondary region
  • Moving of data into different storage account can be done automatically or manually
  • Tutorials dojo strip
  • You can migrate data manually using:
    • AzCopy uses a command-line utility
    • Data Movement Library is designed for high-performance, reliable, and easy data transfer operations similar to AzCopy
    • REST API or client library lets you create a custom application to migrate your data

Types of Storage Accounts

  • General-purpose v2 accounts
    • Supports Data Lake Gen2, Blobs, Files Disks Queues Tables
    • Delivers the lowest per-gigabyte capacity prices for Azure Storage
  • General-purpose v1 accounts
    • Supports Blobs, Files, Disks, Queues, Tables
    • You can upgrade a general-purpose v1 account to a general-purpose v2 account with no downtime and without copying the data.
    • You can use general-purpose v1 accounts since the General-purpose v2 accounts and Blob storage accounts only support the Azure Resource Manager deployment model.
    • If you don’t need a large capacity for transaction-intensive or significant geo-replication bandwidth, GPv1 is a suitable choice
  • BlockBlobStorage accounts
    • Provides low, consistent latency, and higher transaction rates.
    • Upgrading a Blob storage account to a general-purpose v2 account has no downtime and you don’t need to copy the data
    • It doesn’t support hot, cool, and archive access tiers
    • You can use BlockBlobStorage for storing unstructured object data as block blobs or append blobs. 
  • FileStorage accounts
    • Only supports file shares
    • Offers IOPS bursting
  • BlobStorage accounts
    • Only supports block and append blobs.
    • BlobStorage account offers standard performance. While the BlockBlobStorage account supports premium performance.

Storage Account Type

Supported Services

Supported Performance Tiers

Supported Access Tiers

Replication Options

Deployment Model

Encryption

General-

purpose V2

Blob, File, Queue, Table, Disk, and Data Lake Gen2

Standard, Premium

Hot, Cool, Archive

LRS, GRS, RA-GRS, ZRS, GZRS (preview), RA-GZRS (preview)

Resource Manager

Encrypted

General-

purpose V1

Blob, File, Queue, Table, and Disk

Standard, Premium

N/A

LRS, GRS, RA-GRS

Resource Manager, Classic

Encrypted

BlockBlob

Storage

Blob (block blobs and append blobs only)

Premium

N/A

LRS, ZRS

Resource Manager

Encrypted

FileStorage

File only

Premium

N/A

LRS, ZRS

Resource Manager

Encrypted

BlobStorage

Blob (block blobs and append blobs only)

Standard

Hot, Cool, Archive

LRS, GRS, RA-GRS

Resource Manager

Encrypted

 

Security

  • To grant access in your storage account, the request must include a valid Authorization header
  • If authentication of identity is successful, then Azure Active Directory returns a token to use in authorizing the request to Azure Storage Services.
  • You can use shared key authorization to construct a connection string
  • Shared access signature allows you to have granular control on who can access your data
  • When you copy a file without the metadata for encryption, the blob content cannot be retrieved again.

Azure Storage Overview Pricing

  • You are charged based on your Region, Account type, Access Tier, and Storage Capacity
  • The replication and reads/write operations also incur costs.
  • If your data isn’t running in the same region, you’re charged for data egress.

Locally Redundant Storage (LRS) vs Zone-Redundant Storage (ZRS):
https://tutorialsdojo.com/locally-redundant-storage-lrs-vs-zone-redundant-storage-zrs/

Validate Your Knowledge

Question 1

Question Type: Single choice

You have an existing Azure subscription that has the following Azure Storage accounts.

Name

Kind

Performance

Replication

Access Tier

tdaccount1

General-purpose V2

Standard

Locally-redundant storage (LRS)

Cool

tdaccount2

General-purpose V2

Premium

Read-access geo-redundant storage (RA-GRS)

Hot

tdaccount3

General-purpose V1

Premium

Geo-redundant storage (GRS)

None

tdaccount4

BlobStorage

Standard

Locally-redundant storage (LRS)

Hot

There is a requirement to identify the storage accounts that can be converted to zone-redundant storage (ZRS) replication. This must be done only through a live migration from Azure Support.

Which of the following accounts can you convert to ZRS?

  1. tdaccount1
  2. tdaccount2
  3. tdaccount3
  4. tdaccount4

Correct Answer: 1

Azure Storage always stores multiple copies of your data so that it is protected from planned and unplanned events, including transient hardware failures, network or power outages, and massive natural disasters. Redundancy ensures that your storage account meets its availability and durability targets even in the face of failures.

When deciding which redundancy option is best for your scenario, consider the tradeoffs between lower costs and higher availability. The factors that help determine which redundancy option you should choose to include are:

– How your data is replicated in the primary region.

– Whether your data is replicated to a second region that is geographically distant to the primary region, to protect against regional disasters.

– Whether your application requires read access to the replicated data in the secondary region if the primary region becomes unavailable for any reason.

Data in an Azure Storage account is always replicated three times in the primary region. Azure Storage offers four options for how your data is replicated:

    AWS Exam Readiness Courses
  1. Locally redundant storage (LRS) copies your data synchronously three times within a single physical location in the primary region. LRS is the least expensive replication option but is not recommended for applications requiring high availability.
  2. Zone-redundant storage (ZRS) copies your data synchronously across three Azure availability zones in the primary region. For applications requiring high availability.
  3. Geo-redundant storage (GRS) copies your data synchronously three times within a single physical location in the primary region using LRS. It then copies your data asynchronously to a single physical location in a secondary region that is hundreds of miles away from the primary region.
  4. Geo-zone-redundant storage (GZRS) copies your data synchronously across three Azure availability zones in the primary region using ZRS. It then copies your data asynchronously to a single physical location in the secondary region.

You can switch a storage account from one type of replication to any other type, but some scenarios are more straightforward than others. If you want to add or remove geo-replication or read access to the secondary region, you can use the Azure portal, PowerShell, or Azure CLI to update the replication setting. However, if you want to change how data is replicated in the primary region, by moving from LRS to ZRS or vice versa, then you must perform a manual migration.

The following table provides an overview of how to switch from each type of replication to another:

To request a live migration to ZRS, GZRS, or RA-GZRS, you need to migrate your storage account from LRS to ZRS in the primary region with no application downtime. To migrate from LRS to GZRS or RA-GZRS, first switch to GRS or RA-GRS and then request a live migration. Similarly, you can request a live migration from GRS or RA-GRS to GZRS or RA-GZRS. To migrate from GRS or RA-GRS to ZRS, first switch to LRS, then request a live migration.

Live migration is supported only for storage accounts that use LRS or GRS replication. If your account uses RA-GRS then you need to first change your account’s replication type to either LRS or GRS before proceeding. This intermediary step removes the secondary read-only endpoint provided by RA-GRS before migration.

Hence, the correct answer is: tdaccount1.

tdaccount2 is incorrect because you need to first change your account’s replication type to either LRS or GRS before you change to zone-redundant storage (ZRS). The requirement states that you must only request live migration.

tdaccount3 is incorrect because a general-purpose V1 storage account type does not support zone-redundant storage (ZRS) as its replication option. Only General-purpose V2, FileStorage, and BlockBlobStorage support ZRS.

tdaccount4 is incorrect because a BlobStorage account type does not support zone-redundant storage (ZRS) as its replication option. Only General-purpose V2, FileStorage, and BlockBlobStorage support ZRS.

References:
https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy
https://docs.microsoft.com/en-us/azure/storage/common/redundancy-migration

Note: This question was extracted from our AZ-104 Microsoft Azure Administrator Practice Exams.

For more Azure practice exam questions with detailed explanations, check out the Tutorials Dojo Portal:

Microsoft Azure Practice Exams Tutorials Dojo

Azure Storage Overview Cheat Sheet Resources:

https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview?toc=/azure/storage/blobs/toc.json
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-create?tabs=azure-portal

Tutorials Dojo portal

Be Inspired and Mentored with Cloud Career Journeys!

Tutorials Dojo portal

Enroll Now – Our Azure Certification Exam Reviewers

azure reviewers tutorials dojo

Enroll Now – Our Google Cloud Certification Exam Reviewers

Tutorials Dojo Exam Study Guide eBooks

tutorials dojo study guide eBook

FREE AWS Exam Readiness Digital Courses

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

FREE Intro to Cloud Computing for Beginners

FREE AWS, Azure, GCP Practice Test Samplers

Recent Posts

Written by: Jon Bonso

Jon Bonso is the co-founder of Tutorials Dojo, an EdTech startup and an AWS Digital Training Partner that provides high-quality educational materials in the cloud computing space. He graduated from Mapúa Institute of Technology in 2007 with a bachelor's degree in Information Technology. Jon holds 10 AWS Certifications and is also an active AWS Community Builder since 2020.

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers Check out our FREE courses

Our Community

~98%
passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
200k+
students
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
~4.8
ratings
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?