Storage Accounts In Azure

The data that can be stored in Azure Storage can be broken down into three categories: structured data, unstructured data, and virtual machine data.

Structured data

Structured data is kept relationally with a shared schema. Organized data is often stored in a database table with rows, columns, and keys.

Azure Table Storage, Azure Cosmos DB, and Azure SQL Database are all suitable for storing structured data. Database services can be found in Microsoft Azure in the form of Cosmos DB, a worldwide distributed service. Microsoft Azure SQL Database is a completely managed SQL database service.

Unstructured data

Unstructured data is the least arranged. It can be a bunch of different pieces of information that are stored together but don’t have a clear link between them. The way that unstructured data is set up is called non-relational.

Azure Blob Storage and Azure Data Lake Storage are two options for storing unstructured data in the cloud. To keep objects in the cloud at scale, Blob Storage uses the RESTful API. Hadoop Distributed File System (HDFS) is a tool offered by Azure Data Lake Storage.

Virtual machine data

Disks and files are used to store data for virtual machines. Disks are permanent block storage for Azure IaaS virtual machines. In the cloud, file sharing is completely managed.

Azure-managed drives are used to store information for virtual machines. Virtual computers utilise data discs to keep information like database files, website static content, and application code. The maximum data disc count for a given virtual computer size varies. Each data drive can hold up to 32,767 GB of information.

Storage account tiers

• Standard Magnetic hard discs back standard storage accounts (HDD). Standard storage costs the least per GB. Standard-tier storage works for mass storage and infrequent data access.
• Premium Solid-state drives (SSD) back up storage accounts and give them consistent, low-latency performance. With I/O-intensive applications like databases, you can use Azure’s Premium tier storage for virtual machine discs.

Standard storage accounts cannot be converted to Premium storage accounts or vice versa. You must create a new storage account of the desired type and, if necessary, copy data to the new storage account.

Azure Storage services

• Azure Blob Storage (containers): A massively scalable object store for text and binary data.
• Azure Files: Managed file shares for cloud or on-premises deployments.
• Azure Queue Storage: A messaging store for reliable messaging between application components.
• Azure Table Storage: A NoSQL store for schemaless storage of structured data or relational data.

Azure Blob Storage (containers)

Microsoft’s cloud object storage is Azure Blob Storage. Blob Storage is designed for massive amounts of unstructured or non-relational data like text or binary data.

• Serving images or documents directly to a browser.
• Storing files for distributed access.
• Streaming video and audio.
• Storing data for backup and restore disaster recovery, and archiving.
• Storing data for analysis by an on-premises or Azure-hosted service.

Blob Storage objects can be viewed globally via HTTP or HTTPS. Users or client apps can access blobs via URLs, the Azure Storage REST API, Azure PowerShell, the Azure CLI, or an Azure Storage client library. Storage client libraries are provided for .NET, Java, Node.js, Python, PHP, and Ruby.

Azure Blob Storage by using the NFS protocol.

Azure Files

Azure Files lets you create reliable network file groups. SMB and NFS can reach shares. Virtual machines can view and write files together.

Azure Queue Storage

Azure Queue Storage is a messaging service that can be used to both store and retrieve communications. The maximum amount of a message that can be stored in a queue is 64 KB, and a queue can store millions of messages.

Azure Table Storage (Azure Cosmos DB)

Azure Cosmos DB, a fully managed NoSQL database for modern app creation, includes Azure Table Storage. Azure Cosmos DB automatically manages, changes, and patches databases. It manages capacity with cost-effective serverless and automatic scaling to meet application demand.

Storage Account Types

Storage account	Supported services	Recommended usage
Standard general-purpose v2	Blob Storage (including Data Lake Storage), Queue Storage, Table Storage, and Azure Files	Standard storage accounts for most scenarios, including blobs, file shares, queues, tables, and disks (page blobs).
Premium block blobs	Blob Storage (including Data Lake Storage)	Premium storage accounts for block blobs and append blobs
Premium file shares	Azure Files	Premium storage accounts for file shares only. Server Message Block (SMB) and NFS file
Premium page blobs	Page blobs only	Premium high-performance storage accounts for page blobs only. Page blobs are ideal for storing index-based and sparse data structures, such as operating systems, data disks for virtual machines, and databases.

All storage account types are encrypted by using Storage Service Encryption (SSE) for data at rest.

Replication strategies

Your Azure storage account’s data is constantly replicated to ensure its durability and high availability.

• Locally redundant storage (LRS)
• Zone redundant storage (ZRS)
• Geo-redundant storage (GRS)
• Geo-zone-redundant storage (GZRS)

Access Storage

Azure Storage assigns a distinct URL to every object you store there. The “subdomain” of the full URL will be the name you give your storage account. An endpoint for your storage account is the combination of the service-specific subdomain and the primary domain name.

Using the example storage account mystorageaccount, the accompanying table shows how the default endpoints for the various Azure services would be formed.

Service	Default endpoint
Container service	//mystorageaccount.blob.core.windows.net
Table service	//mystorageaccount.table.core.windows.net
Queue service	//mystorageaccount.queue.core.windows.net
File service	//mystorageaccount.file.core.windows.net

Secure storage endpoints

Azure service has required steps to configure the service endpoints and restrict network access for the service.

• The Firewalls and virtual networks settings restrict access to your storage account from specific subnets on virtual networks or public IPs.
• You can configure the service to allow access to one or more public IP ranges.
• Subnets and virtual networks must exist in the same Azure region or region pair as your storage account.

 Azure Storage security strategies

There are a variety of methods administrators can employ to safeguard their info. Methods like encrypting data, verifying the identity of a user, and authorizing their use of a system through the use of credentials, file permissions, and secret signatures are widely used. In order to keep your data safe, Azure Storage provides a number of different protection options based on industry standards.

Characteristics of Azure Storage security

• Encryption is automatically encrypted by using Azure Storage encryption.
• Authentication. Azure Active Directory (Azure AD) and role-based access control (RBAC)
• Data in transit. Client-Side Encryption, HTTPS, and SMB 3.0 secure data between an application and Azure.
• Disk encryption. Azure Disk Encryption encrypts Azure Virtual Machine operating system and data files.
• Shared access signatures. Shared access signatures allow Azure Storage data object delegation (SAS).
• Authorization. Your storage account’s resources are only available when you want them to be and to the users or applications you authorize.

 Authorization security Azure Active Directory, Shared Key, Shared access signatures, Anonymous access to containers and blobs

Implement Azure File Sync

Using Azure File Sync, you can store local copies of multiple Azure Files shares in a Windows Server or a cloud-hosted virtual computer. With Azure File Sync, you can move your company’s file shares to Azure Files while maintaining the familiarity, speed, and compatibility of a local file server.

Azure File Sync components

Azure File Sync’s four key components cache Azure Files shares on an on-premises Windows Server or cloud virtual machine.

Storage Sync Service Storage Sync Service forms sync relationships with multiple storage accounts by using multiple sync groups.

Sync group File sync topology is defined by a sync group. Sync group endpoints are synchronized. Azure File Sync can handle two sets of files. Here, you make two sync groups with different endpoints. The Disk Sync Service can host any number of sync groups.

Registered server The Storage Sync Service resource trusts your server (or cluster) through the authorized server object. You can connect unlimited servers to a Storage Sync Service resource.

Azure File Sync agent The Azure File Sync agent is a package you can download that syncs Windows Server with an Azure Files share.

Azure File Sync agent has three main components

• FileSyncSvc.exe: This file is the background Windows service that’s responsible for monitoring changes on server endpoints, and for initiating sync sessions to Azure.
• StorageSync.sys: This file is the Azure File Sync file system filter that supports cloud tiering. The filter is responsible for tiering files to Azure Files when cloud tiering is enabled.
• PowerShell cmdlets: These PowerShell management cmdlets allow you to interact with the Microsoft.StorageSync Azure resource provider. You can find the cmdlets at the following (default) locations:
  • C:\\Program Files\\Azure\\StorageSyncAgent\\StorageSync.Management.PowerShell.Cmdlets.dll
  • C:\\Program Files\\Azure\\StorageSyncAgent\\StorageSync.Management.ServerCmdlets.dll

Server endpoint An instance of a folder on a server disc is an example of a server endpoint. If the server destinations’ namespaces are distinct (like F:sync1 and F:sync2), then they can share the same volume.

Cloud endpoint A cloud endpoint is an Azure Files share that’s part of a sync group.

Azure Storage Tools

Storage Explorer

On Windows, macOS, and Linux computers, the Azure Storage Explorer application is a stand-alone application that makes it simple to interact with data stored in Azure Storage. You are able to access multiple accounts and subscriptions, as well as control all of your Storage content, with the help of Azure Storage Explorer.

Import/Export service

Azure Import/Export ships disc drives to Azure data centers to safely import large amounts of data to Azure Blob Storage and Azure Files. This tool can also transfer Azure Blob Storage data to disc drives and ship to on-premises sites.

Azure Import jobs

Azure Export jobs

WAImportExport tool

Azure Import/Export uses WAImportExport. Before importing data, the tool prepares drives and repairs corrupted or absent files.

The WAImportExport tool is available in two versions:

• Version 1 is best for importing and exporting data in Azure Blob Storage.
• Version 2 is best for importing data into Azure Files.

AzCopy tool

AzCopy can transmit data. AzCopy v10 is the latest command-line tool for Azure Blob Storage and Azure Files data copying. . AzCopy copies data between storage accounts or file systems.

𝐃𝐢𝐬𝐜𝐥𝐚𝐢𝐦𝐞𝐫 – All the post has only been shared for technology-related educational and knowledge-sharing purposes. Information was obtained from the source above and credited to the author or product/service company. There is no endorsement of any products or services.