Creating and configuring storage accounts in Microsoft Azure is a vital skill for professionals wishing to pass the AZ-104 Microsoft Azure Administration exam. A storage account in Azure is a universally unique identifier that holds the details of all storage services like Blob, File, Queue, and Table storage under one unique account name, thereby providing a unique namespace. This article will guide through the steps of creating and configuring Azure storage accounts for better management of workloads in Azure environment.
Creating a Storage Account
Creating a storage account in Azure is a straightforward process:
- Log in to your Azure portal.
- Click on the ‘Storage accounts’ option on the left-hand side panel.
- On the new panel, click on ‘+Add.’
- Fill in the basic details like subscription, resource group, storage account name, location/region, performance, account kind, replication. Here is a brief about these fields:
- Subscription: Select your Azure subscription.
- Resource Group: Select an existing resource group or create a new one for your storage account.
- Storage account name: Enter a unique name. Remember that the name should be unique across Azure as it will become part of your storage URL.
- Location/Region: Select your preferred location or region for the storage account.
- Performance: Choose between Standard and Premium. Standard performance is for all kinds of storage and is less expensive than Premium, which is only for SSDs.
Performance | Use |
---|---|
Standard | All storage types, cheaper |
Premium | Only for SSDs, expensive |
- Account Kind: Choose between Storage (general purpose v1), StorageV2 (general purpose v2), and BlobStorage. Storage v1 accounts can be used for any type but don’t have all the latest features and pricing models offered by StorageV2.
Account Kind | Use |
---|---|
Storage (v1) | Any type, fewer features |
Storage (v2) | Any type, more features |
BlobStorage | Only for blob storage |
- Replication: Choose among LRS (Locally redundant storage), ZRS (Zone-redundant storage), GRS (Geo-redundant storage), and RAGRS (Read-access geo-redundant storage).
Replication | Use |
---|---|
LRS | Data is replicated within a single data center. |
ZRS | Data is replicated synchronously across three Azure availability zones in the same region. |
GRS | Data is replicated to a secondary region (hundreds of miles away). |
RAGRS | Data is also available for read access in the secondary region. |
5. Click on ‘Review + Create’ button to validate your storage account details.
Configuring a Storage Account
After creating a storage account, you may configure it according to your needs. Here’s how:
- Find and click on your storage account in the Azure portal.
- In the storage account window, you will find a number of settings you can configure according to your requirements. Here are a few notable settings:
- Access keys: You can view and copy your storage account’s access keys, which are used by applications to access data in your storage account.
- Firewalls and virtual networks: Here, you can configure the networks that can access your storage account.
- Access tier: Choose between the ‘Hot’ and ‘Cool’ access tiers depending on how often you expect to access the data in your storage account.
- Soft delete: Enable this feature to safeguard your blob data from accidental deletion.
3. Remember to save any changes made in these settings.
Creating and configuring Azure Storage account is a critical aspect of the Azure ecosystem, especially for candidates studying for the AZ-104 Microsoft Azure Administration exam. Practice with different settings and understand their implications to fully utilize Azure’s flexibility and to better tailor Azure’s features to meet your needs.
Practice Test
True or False: Azure storage accounts provide a unique namespace for your Azure storage data that is accessible from anywhere in the world over HTTP or HTTPS.
- Answer: True
Explanation: Azure Storage accounts indeed provide a unique namespace to store and access your Azure Storage data objects which can be accessed globally over HTTP or HTTPS.
Select all that apply: What types of data does an Azure Storage Account hold?
- a) Blobs
- b) Files
- c) Queues
- d) Tables
- e) Virtual machines
- Answer: a) Blobs, b) Files, c) Queues, d) Tables
Explanation: An Azure storage account contains all of your Azure Storage data objects: blobs, files, queues, tables, and disk.
In Azure Storage, which of the following is NOT a redundancy option?
- a) Geo-redundant storage (GRS)
- b) Locally redundant storage (LRS)
- c) Zone-redundant storage (ZRS)
- d) Sector-redundant storage (SRS)
- Answer: d) Sector-redundant storage (SRS)
Explanation: In Azure storage, there are several redundancy options such as GRS, LRS, ZRS, and RAGRS (Read-access geo-redundant storage) but there is no redundancy option as SRS.
True or False: It is not possible to change the storage redundancy option after creating a storage account in Azure.
- Answer: False
Explanation: You can indeed change the redundancy option for a storage account after its creation.
How are Storage Account names in Azure formatted?
- a) They must start with a numeral
- b) They must be all lowercase
- c) They can contain uppercase and lowercase letters
- d) They can contain symbols
- Answer: b) They must be all lowercase
Explanation: In Azure, storage account names must be unique across Azure, and must be between 3 and 24 characters in length and can only use numbers and lowercase letters.
True or False: Once an Azure Storage account is deleted, it can be recovered.
- Answer: False
Explanation: Azure Storage accounts, once deleted, are permanent and cannot be recovered.
Which type of Storage Account provides the lowest latency and best throughput?
- a) Standard
- b) Premium
- c) Archive
- d) All of them perform the same
- Answer: b) Premium
Explanation: Premium performance is for high transaction rates or uses where low latency is critical, best suited for scenarios with heavy workloads.
True or False: Using Azure Policies, we can enforce specific naming conventions for storage acounts.
- Answer: True
Explanation: Azure Policy is a service in Azure that you use to create, assign, and manage policies which can be used to enforce different rules and effects over resources, including specific naming conventions.
Select all that apply: What are the different types of Access tiers in storage accounts?
- a) Hot
- b) Warm
- c) Cold
- d) Archive
- Answer: a) Hot, c) Cold, d) Archive
Explanation: In Azure, there are three access tiers which can be changed at any time: hot, cool (not warm), and archive.
True or False: Azure Storage Service Encryption (SSE) encrypts your data before it is written to Azure Storage and decrypts it before retrieval.
- Answer: True
Explanation: Azure Storage Service Encryption indeed provides encryption and decryption of data stored in Azure, and it’s enabled by default for all storage account.
Interview Questions
What is the maximum capacity of a single storage account in Azure?
The maximum storage capacity of a single storage account in Azure is 5 PiB (Petabyte).
What are the four types of storage services provided under Azure Storage accounts?
Azure Blob storage, Azure File Storage, Azure Queue Storage, and Azure Table Storage are the four types of storage services offered.
How does Azure storage account redundancy work?
Azure keeps multiple copies of your data to prevent data loss due to hardware failures. You can choose the level of redundancy, with options including locally redundant storage (LRS), zone-redundant storage (ZRS), geo-redundant storage (GRS), and read-access geo-redundant storage (RA-GRS).
What are the types of Azure storage accounts?
There are two types: General-purpose v2 accounts, which are recommended for most scenarios, and Blob storage accounts, which are used when storing unstructured object data.
What are the performance tiers in Azure storage?
There are two performance tiers, Standard performance tier and Premium performance tier. Standard tier storage is backed by hard disk drives (HDDs) and provides cost-effective storage while the Premium tier uses solid-state drives (SSDs) and offers high-performance storage.
What is the purpose of the Azure storage account ‘Allow Blob Public Access’ setting?
The “Allow Blob Public Access” setting controls whether new containers in the storage account can be set to allow public blob access. It does not affect the permissions of any existing containers.
What is the functionality of Azure Blob Storage?
Azure Blob Storage is Microsoft’s object storage solution for the cloud. It is optimized for storing a large amount of unstructured data, such as text or binary data.
How can you secure your Azure storage account?
Azure storage provides a variety of mechanisms to secure the account, including Azure Role-Based Access Control (RBAC), Azure Active Directory (Azure AD), Shared Key authorization, and Shared Access Signatures (SAS).
What is an access key in the Azure storage account?
An access key in the Azure storage account is used to authenticate your application while making requests to this storage account. Azure provides two keys so that you may maintain connections using one key while regenerating the other.
Can you change the redundancy level of the existing Azure storage account?
Yes, Azure allows you to change the redundancy level of a storage account after it’s been created. This can be done through Azure portal, PowerShell, Azure CLI or REST APIs.
What is the purpose of a ‘Shared Access Signature (SAS)’ in an Azure storage account?
A shared access signature (SAS) is a secure way to share your storage resources without sharing your access keys. It provides you with a way to grant limited access to objects in your storage account to other clients, without exposing your account keys.
What is Azure File Storage?
Azure File Storage is a service that offers shared storage for applications using the standard SMB protocol. It’s designed to replace or supplement on-premises file servers and network-attached storage (NAS) devices.
What is geo-redundant storage (GRS) in Azure?
GRS in Azure is designed to provide at least 99.99999999999% (16 9’s) durability of objects over a given year by replicating your data to a secondary region that is hundreds of miles away from the primary region.
What is the purpose of lifecycle management in Azure Blob Storage?
Lifecycle management in Azure Blob storage allows you to manage and automate the lifecycle of your data. You can transition your data to the appropriate access tiers or archive in order to optimize costs.
How can you monitor your Azure storage account?
Azure provides built-in monitoring, diagnostics, and analytics capabilities. You can use metrics to monitor the performance of your storage account and you can set alerts based on these metrics. Also, you can use Azure Monitor, Log Analytics, and Event Hubs for advanced monitoring.