Professional Documents
Culture Documents
Azure Storage PDF
Azure Storage PDF
Azure Storage is Microsoft's cloud storage solution for modern data storage scenarios. Azure Storage offers a
massively scalable object store for data objects, a file system service for the cloud, a messaging store for reliable
messaging, and a NoSQL store. Azure Storage is:
Durable and highly available. Redundancy ensures that your data is safe in the event of transient hardware
failures. You can also opt to replicate data across datacenters or geographical regions for additional protection
from local catastrophe or natural disaster. Data replicated in this way remains highly available in the event of an
unexpected outage.
Secure. All data written to Azure Storage is encrypted by the service. Azure Storage provides you with fine-
grained control over who has access to your data.
Scalable. Azure Storage is designed to be massively scalable to meet the data storage and performance needs
of today's applications.
Managed. Microsoft Azure handles hardware maintenance, updates, and critical issues for you.
Accessible. Data in Azure Storage is accessible from anywhere in the world over HTTP or HTTPS. Microsoft
provides SDKs for Azure Storage in a variety of languages -- .NET, Java, Node.js, Python, PHP, Ruby, Go, and
others -- as well as a mature REST API. Azure Storage supports scripting in Azure PowerShell or Azure CLI.
And the Azure portal and Azure Storage Explorer offer easy visual solutions for working with your data.
Blob storage
Azure Blob storage is Microsoft's object storage solution for the cloud. Blob storage is optimized for storing
massive amounts of unstructured data, such as text or binary data.
Blob storage is ideal for:
Serving images or documents directly to a browser.
Storing files for distributed access.
Streaming video and audio.
Storing data for backup and restore, disaster recovery, and archiving.
Storing data for analysis by an on-premises or Azure-hosted service.
Objects in Blob storage can be accessed from anywhere in the world via HTTP or HTTPS. Users or client
applications can access blobs via URLs, the Azure Storage REST API, Azure PowerShell, Azure CLI, or an Azure
Storage client library. The storage client libraries are available for multiple languages, including .NET, Java, Node.js,
Python, PHP, and Ruby.
For more information about Blob storage, see Introduction to Blob storage.
Azure Files
Azure Files enables you to set up highly available network file shares that can be accessed by using the standard
Server Message Block (SMB ) protocol. That means that multiple VMs can share the same files with both read and
write access. You can also read the files using the REST interface or the storage client libraries.
One thing that distinguishes Azure Files from files on a corporate file share is that you can access the files from
anywhere in the world using a URL that points to the file and includes a shared access signature (SAS ) token. You
can generate SAS tokens; they allow specific access to a private asset for a specific amount of time.
File shares can be used for many common scenarios:
Many on-premises applications use file shares. This feature makes it easier to migrate those applications
that share data to Azure. If you mount the file share to the same drive letter that the on-premises application
uses, the part of your application that accesses the file share should work with minimal, if any, changes.
Configuration files can be stored on a file share and accessed from multiple VMs. Tools and utilities used by
multiple developers in a group can be stored on a file share, ensuring that everybody can find them, and that
they use the same version.
Diagnostic logs, metrics, and crash dumps are just three examples of data that can be written to a file share
and processed or analyzed later.
At this time, Active Directory-based authentication and access control lists (ACLs) are not supported, but they will
be at some time in the future. The storage account credentials are used to provide authentication for access to the
file share. This means anybody with the share mounted will have full read/write access to the share.
For more information about Azure Files, see Introduction to Azure Files.
Queue storage
The Azure Queue service is used to store and retrieve messages. Queue messages can be up to 64 KB in size, and a
queue can contain millions of messages. Queues are generally used to store lists of messages to be processed
asynchronously.
For example, say you want your customers to be able to upload pictures, and you want to create thumbnails for
each picture. You could have your customer wait for you to create the thumbnails while uploading the pictures. An
alternative would be to use a queue. When the customer finishes their upload, write a message to the queue. Then
have an Azure Function retrieve the message from the queue and create the thumbnails. Each of the parts of this
processing can be scaled separately, giving you more control when tuning it for your usage.
For more information about Azure Queues, see Introduction to Queues.
Table storage
Azure Table storage is now part of Azure Cosmos DB. To see Azure Table storage documentation, see the Azure
Table Storage Overview. In addition to the existing Azure Table storage service, there is a new Azure Cosmos DB
Table API offering that provides throughput-optimized tables, global distribution, and automatic secondary
indexes. To learn more and try out the new premium experience, please check out Azure Cosmos DB Table API.
For more information about Table storage, see Overview of Azure Table storage.
Disk storage
An Azure managed disk is a virtual hard disk (VHD ). You can think of it like a physical disk in an on-premises
server but, virtualized. Azure managed disks are stored as page blobs, which are a random IO storage object in
Azure. We call a managed disk ‘managed’ because it is an abstraction over page blobs, blob containers, and Azure
storage accounts. With managed disks, all you have to do is provision the disk, and Azure takes care of the rest.
For more information about managed disks, see Introduction to Azure managed disks.
SUPPORTED
STORAGE SUPPORTED PERFORMANCE SUPPORTED REPLICATION DEPLOYMENT
ACCOUNT TYPE SERVICES TIERS ACCESS TIERS OPTIONS MODEL1 ENCRYPTION2
General- Blob, File, Standard, Hot, Cool, LRS, ZRS4 , Resource Encrypted
purpose V2 Queue, Table, Premium5 Archive3 GRS, RA-GRS Manager
and Disk
General- Blob, File, Standard, N/A LRS, GRS, RA- Resource Encrypted
purpose V1 Queue, Table, Premium5 GRS Manager,
and Disk Classic
Blob storage Blob (block Standard Hot, Cool, LRS, GRS, RA- Resource Encrypted
blobs and Archive3 GRS Manager
append blobs
only)
1Using the Azure Resource Manager deployment model is recommended. Storage accounts using the classic
deployment model can still be created in some locations, and existing classic accounts continue to be supported.
For more information, see Azure Resource Manager vs. classic deployment: Understand deployment models and
the state of your resources.
2All storage accounts are encrypted using Storage Service Encryption ( SSE ) for data at rest. For more information,
see Azure Storage Service Encryption for Data at Rest.
3
3The Archive tier
is available at level of an individual blob only, not at the storage account level. Only block blobs
and append blobs can be archived. For more information, see Azure Blob storage: Hot, Cool, and Archive storage
tiers.
4Zone-redundant storage ( ZRS ) is available only for
standard general-purpose v2 storage accounts. For more
information about ZRS, see Zone redundant storage (ZRS ): Highly available Azure Storage applications. For more
-
information about other replication options, see Azure Storage replication.
5Premium performance for general-purpose v2 and general-purpose v1 accounts is available for disk and page
blob only.
For more information about storage account types, see Azure storage account overview.
Encryption
There are two basic kinds of encryption available for the Storage services. For more information about security and
encryption, see the Azure Storage security guide.
Encryption at rest
Azure Storage Service Encryption (SSE ) at rest helps you protect and safeguard your data to meet your
organizational security and compliance commitments. With this feature, Azure Storage automatically encrypts your
data prior to persisting to storage and decrypts prior to retrieval. The encryption, decryption, and key management
are totally transparent to users.
SSE automatically encrypts data in all performance tiers (Standard and Premium), all deployment models (Azure
Resource Manager and Classic), and all of the Azure Storage services (Blob, Queue, Table, and File). SSE does not
affect Azure Storage performance.
For more information about SSE encryption at rest, see Azure Storage Service Encryption for Data at Rest.
Client-side encryption
The storage client libraries have methods you can call to programmatically encrypt data before sending it across
the wire from the client to Azure. It is stored encrypted, which means it also is encrypted at rest. When reading the
data back, you decrypt the information after receiving it.
For more information about client-side encryption, see Client-Side Encryption with .NET for Microsoft Azure
Storage.
Redundancy
In order to ensure that your data is durable, Azure Storage replicates multiple copies of your data. When you set up
your storage account, you select a redundancy option.
Replication options for a storage account include:
Locally-redundant storage (LRS ): A simple, low -cost replication strategy. Data is replicated within a single
storage scale unit.
Zone-redundant storage (ZRS ): Replication for high availability and durability. Data is replicated synchronously
across three availability zones.
Geo-redundant storage (GRS ): Cross-regional replication to protect against region-wide unavailability.
Read-access geo-redundant storage (RA-GRS ): Cross-regional replication with read access to the replica.
For more information about disaster recovery, see Disaster recovery and storage account failover (preview ) in
Azure Storage.
Pricing
For detailed information about pricing for Azure Storage, see the Pricing page.
Next steps
To get up and running with Azure Storage, see Create a storage account.
Deciding when to use Azure Blobs, Azure Files, or Azure
Disks
5/21/2019 • 3 minutes to read • Edit Online
Microsoft Azure provides several features in Azure Storage for storing and accessing your data in the cloud. This article covers
Azure Files, Blobs, and Disks, and is designed to help you choose between these features.
Scenarios
The following table compares Files, Blobs, and Disks, and shows example scenarios appropriate for each.
Azure Files Provides an SMB interface, client libraries, and You want to "lift and shift" an application to
a REST interface that allows access from the cloud which already uses the native file
anywhere to stored files. system APIs to share data between it and
other applications running in Azure.
Azure Blobs Provides client libraries and a REST interface You want your application to support
that allows unstructured data to be stored streaming and random access scenarios.
and accessed at a massive scale in block
blobs. You want to be able to access application
data from anywhere.
Also supports Azure Data Lake Storage Gen2
for enterprise big data analytics solutions. You want to build an enterprise data lake on
Azure and perform big data analytics.
Azure Disks Provides client libraries and a REST interface You want to lift and shift applications that use
that allows data to be persistently stored and native file system APIs to read and write data
accessed from an attached virtual hard disk. to persistent disks.
http://myaccount.file.core.windows.net/myshare/myfile.t
Case sensitivity of names Case sensitive Case insensitive, but case preserving
Object Size Up to about 4.75 TiB per block blob Up to 1 TiB per file
Scope Exclusive to a single virtual machine Shared access across multiple virtual
machines
Configuration Connected at startup of the virtual machine Connected after the virtual machine has
started
Access using REST Files within the VHD cannot be accessed Files stored in a share can be accessed
Max Size 32 TiB disk 5 TiB File Share and 1 TiB file within share
Throughput Up to 900 MiB/s per Disk Target is 60 MiB/s per File Share (can get
higher for higher IO sizes)
Next steps
When making decisions about how your data is stored and accessed, you should also consider the costs involved. For more
information, see Azure Storage Pricing.
Some SMB features are not applicable to the cloud. For more information, see Features not supported by the Azure File service.
For more information about disks, see our Introduction to managed disks and How to Attach a Data Disk to a Windows Virtual
Machine.
What is Azure Blob storage?
4/7/2019 • 2 minutes to read • Edit Online
Azure Blob storage is Microsoft's object storage solution for the cloud. Blob storage is optimized for storing
massive amounts of unstructured data. Unstructured data is data that does not adhere to a particular data model or
definition, such as text or binary data.
Next steps
Introduction to Azure Blob storage
Introduction to Azure Data Lake Storage Gen2
Introduction to Azure Data Lake Storage Gen2
4/30/2019 • 4 minutes to read • Edit Online
Azure Data Lake Storage Gen2 is a set of capabilities dedicated to big data analytics, built on Azure Blob storage.
Data Lake Storage Gen2 is the result of converging the capabilities of our two existing storage services, Azure
Blob storage and Azure Data Lake Storage Gen1. Features from Azure Data Lake Storage Gen1, such as file
system semantics, directory, and file level security and scale are combined with low -cost, tiered storage, high
availability/disaster recovery capabilities from Azure Blob storage.
NOTE
Only the versions that appear in this table are supported.
Next steps
The following articles describe some of the main concepts of Data Lake Storage Gen2 and detail how to store,
access, manage, and gain insights from your data:
Hierarchical namespace
Create a storage account
Use a Data Lake Storage Gen2 account in Azure Databricks
What is Azure Files?
4/23/2019 • 3 minutes to read • Edit Online
Azure Files offers fully managed file shares in the cloud that are accessible via the industry standard Server
Message Block (SMB ) protocol. Azure file shares can be mounted concurrently by cloud or on-premises
deployments of Windows, Linux, and macOS. Additionally, Azure file shares can be cached on Windows Servers
with Azure File Sync for fast access near where the data is being used.
Videos
INTRODUCING AZURE FILE SYNC (2 M) AZURE FILES WITH SYNC (IGNITE 2017) (85 M)
Key benefits
Shared access. Azure file shares support the industry standard SMB protocol, meaning you can seamlessly
replace your on-premises file shares with Azure file shares without worrying about application compatibility.
Being able to share a file system across multiple machines, applications/instances is a significant advantage
with Azure Files for applications that need shareability.
Fully managed. Azure file shares can be created without the need to manage hardware or an OS. This means
you don't have to deal with patching the server OS with critical security upgrades or replacing faulty hard
disks.
Scripting and tooling. PowerShell cmdlets and Azure CLI can be used to create, mount, and manage Azure
file shares as part of the administration of Azure applications.You can create and manage Azure file shares
using Azure portal and Azure Storage Explorer.
Resiliency. Azure Files has been built from the ground up to be always available. Replacing on-premises file
shares with Azure Files means you no longer have to wake up to deal with local power outages or network
issues.
Familiar programmability. Applications running in Azure can access data in the share via file system I/O
APIs. Developers can therefore leverage their existing code and skills to migrate existing applications. In
addition to System IO APIs, you can use Azure Storage Client Libraries or the Azure Storage REST API.
Next Steps
Create Azure file Share
Connect and mount on Windows
Connect and mount on Linux
Connect and mount on macOS
What are Azure Queues?
6/6/2019 • 2 minutes to read • Edit Online
Azure Queue storage is a service for storing large numbers of messages. You access messages from anywhere in
the world via authenticated calls using HTTP or HTTPS. A queue message can be up to 64 KB in size. A queue may
contain millions of messages, up to the total capacity limit of a storage account.
Common uses
Common uses of Queue storage include:
Creating a backlog of work to process asynchronously
Passing messages from an Azure web role to an Azure worker role
URL format: Queues are addressable using the following URL format:
https://<storage account>.queue.core.windows.net/<queue>
Storage account: All access to Azure Storage is done through a storage account. See Azure Storage
Scalability and Performance Targets for details about storage account capacity.
Queue: A queue contains a set of messages. The queue name must be all lowercase. For information on
naming queues, see Naming Queues and Metadata.
Message: A message, in any format, of up to 64 KB. Before version 2017-07-29, the maximum time-to-live
allowed is seven days. For version 2017-07-29 or later, the maximum time-to-live can be any positive
number, or -1 indicating that the message doesn't expire. If this parameter is omitted, the default time-to-
live is seven days.
Next steps
Create a storage account
Getting started with Queues using .NET
Introduction to Table storage in Azure
1/30/2019 • 3 minutes to read • Edit Online
TIP
The content in this article applies to the original Azure Table storage. However, there is now a premium offering for table
storage, the Azure Cosmos DB Table API that offers throughput-optimized tables, global distribution, and automatic
secondary indexes. There are some feature differences between Table API in Azure Cosmos DB and Azure table storage, to
learn more and try out the premium experience, please check out Azure Cosmos DB Table API.
Azure Table storage is a service that stores structured NoSQL data in the cloud, providing a key/attribute store
with a schemaless design. Because Table storage is schemaless, it's easy to adapt your data as the needs of your
application evolve. Access to Table storage data is fast and cost-effective for many types of applications, and is
typically lower in cost than traditional SQL for similar volumes of data.
You can use Table storage to store flexible datasets like user data for web applications, address books, device
information, or other types of metadata your service requires. You can store any number of entities in a table, and
a storage account may contain any number of tables, up to the capacity limit of the storage account.
You can address Azure tables directly using this address with the OData protocol. For more information,
see OData.org.
Accounts: All access to Azure Storage is done through a storage account. See Azure Storage Scalability
and Performance Targets for details about storage account capacity.
All access to Azure Cosmos DB is done through a Table API account. See Create a Table API account for
details creating a Table API account.
Table: A table is a collection of entities. Tables don't enforce a schema on entities, which means a single
table can contain entities that have different sets of properties.
Entity: An entity is a set of properties, similar to a database row. An entity in Azure Storage can be up to
1MB in size. An entity in Azure Cosmos DB can be up to 2MB in size.
Properties: A property is a name-value pair. Each entity can include up to 252 properties to store data.
Each entity also has three system properties that specify a partition key, a row key, and a timestamp.
Entities with the same partition key can be queried more quickly, and inserted/updated in atomic
operations. An entity's row key is its unique identifier within a partition.
For details about naming tables and properties, see Understanding the Table Service Data Model.
Next steps
Microsoft Azure Storage Explorer is a free, standalone app from Microsoft that enables you to work visually
with Azure Storage data on Windows, macOS, and Linux.
Get started with Azure Table Storage in .NET
View the Table service reference documentation for complete details about available APIs:
Storage Client Library for .NET reference
REST API reference
Introduction to Azure managed disks
4/22/2019 • 9 minutes to read • Edit Online
An Azure managed disk is a virtual hard disk (VHD ). You can think of it like a physical disk in an on-premises
server but, virtualized. Azure managed disks are stored as page blobs, which are a random IO storage object in
Azure. We call a managed disk ‘managed’ because it is an abstraction over page blobs, blob containers, and Azure
storage accounts. With managed disks, all you have to do is provision the disk, and Azure takes care of the rest.
When you select to use Azure managed disks with your workloads, Azure creates and manages the disk for you.
The available types of disks are Ultra Solid State Drives (SSD ) (Preview ), Premium SSD, Standard SSD, and
Standard Hard Disk Drives (HDD ). For more information about each individual disk type, see Select a disk type for
IaaS VMs.
Encryption
Managed disks offer two different kinds of encryption. The first is Storage Service Encryption (SSE ), which is
performed by the storage service. The second one is Azure Disk Encryption, which you can enable on the OS and
data disks for your VMs.
Storage Service Encryption (SSE)
Azure Storage Service Encryption provides encryption-at-rest and safeguards your data to meet your
organizational security and compliance commitments. SSE is enabled by default for all managed disks, snapshots,
and images in all the regions where managed disks are available. Visit the Managed Disks FAQ page for more
details.
Azure Disk Encryption (ADE)
Azure Disk Encryption allows you to encrypt the OS and Data disks used by an IaaS Virtual Machine. This
encryption includes managed disks. For Windows, the drives are encrypted using industry-standard BitLocker
encryption technology. For Linux, the disks are encrypted using the DM -Crypt technology. The encryption process
is integrated with Azure Key Vault to allow you to control and manage the disk encryption keys. For more
information, see Azure Disk Encryption for IaaS VMs.
Disk roles
There are three main disk roles in Azure: the data disk, the OS disk, and the temporary disk. These roles map to
disks that are attached to your virtual machine.
Data disk
A data disk is a managed disk that's attached to a virtual machine to store application data, or other data you need
to keep. Data disks are registered as SCSI drives and are labeled with a letter that you choose. Each data disk has a
maximum capacity of 32,767 gibibytes (GiB ). The size of the virtual machine determines how many data disks you
can attach to it and the type of storage you can use to host the disks.
OS disk
Every virtual machine has one attached operating system disk. That OS disk has a pre-installed OS, which was
selected when the VM was created.
This disk has a maximum capacity of 2,048 GiB.
Temporary disk
Every VM contains a temporary disk, which is not a managed disk. The temporary disk provides short-term
storage for applications and processes and is intended to only store data such as page or swap files. Data on the
temporary disk may be lost during a maintenance event event or when you redeploy a VM. On Azure Linux VMs,
the temporary disk is /dev/sdb by default and on Windows VMs the temporary disk is D: by default. During a
successful standard reboot of the VM, the data on the temporary disk will persist.
Next steps
Learn more about the individual disk types Azure offers, which type is a good fit for your needs, and learn about
their performance targets in our article on disk types.
Select a disk type for IaaS VMs
Introduction to Azure managed disks
4/22/2019 • 9 minutes to read • Edit Online
An Azure managed disk is a virtual hard disk (VHD ). You can think of it like a physical disk in an on-premises
server but, virtualized. Azure managed disks are stored as page blobs, which are a random IO storage object in
Azure. We call a managed disk ‘managed’ because it is an abstraction over page blobs, blob containers, and Azure
storage accounts. With managed disks, all you have to do is provision the disk, and Azure takes care of the rest.
When you select to use Azure managed disks with your workloads, Azure creates and manages the disk for you.
The available types of disks are ultra disks (Preview ), premium solid-state drives (SSD ), standard SSD, and
standard hard disk drives (HDD ). For more information about each individual disk type, see Select a disk type for
IaaS VMs.
Encryption
Managed disks offer two different kinds of encryption. The first is Storage Service Encryption (SSE ), which is
performed by the storage service. The second one is Azure Disk Encryption, which you can enable on the OS and
data disks for your VMs.
Storage Service Encryption (SSE)
Azure Storage Service Encryption provides encryption-at-rest and safeguards your data to meet your
organizational security and compliance commitments. SSE is enabled by default for all managed disks, snapshots,
and images in all the regions where managed disks are available. Visit the Managed Disks FAQ page for more
details.
Azure Disk Encryption (ADE)
Azure Disk Encryption allows you to encrypt the OS and Data disks used by an IaaS Virtual Machine. This
encryption includes managed disks. For Windows, the drives are encrypted using industry-standard BitLocker
encryption technology. For Linux, the disks are encrypted using the DM -Crypt technology. The encryption process
is integrated with Azure Key Vault to allow you to control and manage the disk encryption keys. For more
information, see Azure Disk Encryption for IaaS VMs.
Disk roles
There are three main disk roles in Azure: the data disk, the OS disk, and the temporary disk. These roles map to
disks that are attached to your virtual machine.
Data disk
A data disk is a managed disk that's attached to a virtual machine to store application data, or other data you need
to keep. Data disks are registered as SCSI drives and are labeled with a letter that you choose. Each data disk has a
maximum capacity of 32,767 gibibytes (GiB ). The size of the virtual machine determines how many data disks you
can attach to it and the type of storage you can use to host the disks.
OS disk
Every virtual machine has one attached operating system disk. That OS disk has a pre-installed OS, which was
selected when the VM was created.
This disk has a maximum capacity of 2,048 GiB.
Temporary disk
Every VM contains a temporary disk, which is not a managed disk. The temporary disk provides short-term
storage for applications and processes and is intended to only store data such as page or swap files. Data on the
temporary disk may be lost during a maintenance event event or when you redeploy a VM. On Azure Linux VMs,
the temporary disk is /dev/sdb by default and on Windows VMs the temporary disk is D: by default. During a
successful standard reboot of the VM, the data on the temporary disk will persist.
Next steps
Learn more about the individual disk types Azure offers, which type is a good fit for your needs, and learn about
their performance targets in our article on disk types.
Select a disk type for IaaS VMs