Azure Storage account overview

Introduction to Azure Storage Accounts

An Azure storage account provides a unique namespace in Azure for your data. This namespace is accessible from anywhere in the world over HTTP or HTTPS. A storage account contains all of your Azure Storage data objects, including:

  • Blobs
  • File shares
  • Queues
  • Tables
  • Disks

A storage account offers a highly available, secure, scalable, and durable solution for modern applications. It's the foundation for building and deploying applications on Azure.

Storage Account Types

Azure offers several types of storage accounts, each optimized for different use cases:

General-purpose v2 (GPv2)

GPv2 accounts are the latest generation of Azure Storage general-purpose accounts. They support all the features of general-purpose v1 accounts, as well as:

  • Blob storage tiers: Hot, cool, and archive for optimized cost management.
  • Hierarchical namespace: For big data analytics scenarios with Azure Data Lake Storage Gen2.
  • Access tier controls at the account, container, or blob level.

BlockBlobStorage

These accounts are optimized for storing large amounts of unstructured data such as images, videos, and documents. They offer:

  • Low latency
  • High transaction rates
  • Support for hot and cool access tiers

FileStorage

These accounts are optimized for storing enterprise-grade file shares. They support:

  • Premium performance
  • NFS protocol for Linux/macOS clients
  • SMB protocol

StorageV1 (General-purpose v1)

These are older general-purpose accounts that support all Azure Storage services but do not support blob storage tiers or hierarchical namespaces.

Key Concepts

Understanding these core concepts is crucial when working with Azure Storage:

  • Namespace: A unique domain name for your storage account.
  • Services: The different data storage services offered (Blobs, Files, Queues, Tables).
  • Access Keys: Credentials used to authenticate access to your storage account.
  • Shared Access Signatures (SAS): Delegated access to resources in your storage account.
  • Resource Manager: The service for deploying and managing Azure resources.

Azure Storage Data Services

Blob Storage

Object storage for unstructured data like text or binary data. Can be optimized for serving images or documents directly to a browser, storing files for distributed access, streaming video and audio, writing to backup and restore logs and archives, and storing data for analysis by an on-premises or hosted service.


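// Example: Uploading a blob
const { BlobServiceClient } = require("@azure/storage-blob");
async function uploadBlob() {
  // Connection string comes from the environment, not from source code
  const blobServiceClient = BlobServiceClient.fromConnectionString(process.env.AZURE_STORAGE_CONNECTION_STRING);
  const containerClient = blobServiceClient.getContainerClient("mycontainer");
  const blockBlobClient = containerClient.getBlockBlobClient("myblob");
  const content = "Hello World";
  // upload() is asynchronous; the second argument is the body length in bytes
  await blockBlobClient.upload(content, Buffer.byteLength(content));
}
uploadBlob().catch(console.error);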

File Storage

Managed file shares in the cloud accessible via the SMB protocol. Azure Files can be mounted simultaneously by cloud or on-premises Windows, macOS, and Linux systems.

Queue Storage

Store large numbers of messages that can be accessed from anywhere in the world. Primarily used for reliable application messaging between web, application, and cloud services.

Table Storage

NoSQL key-attribute store. Offers a massive, schemaless data store for the kind of data you need to access rapidly.

Data Redundancy

Azure Storage offers several redundancy options to protect your data from loss:

  • Locally Redundant Storage (LRS): Replicates data within a single data center. Lowest cost, but least resilient.
  • Zone-Redundant Storage (ZRS): Replicates data across three Azure availability zones in the primary region. Higher availability than LRS.
  • Geo-Redundant Storage (GRS): Replicates data to a secondary region hundreds of miles away. Provides durability in the event of a regional outage.
  • Geo-Zone-Redundant Storage (GZRS): Combines the high availability of ZRS with the disaster recovery capabilities of GRS.

Note:

The availability and cost of redundancy options vary. Choose the option that best balances your availability and cost requirements.

Security

Azure Storage provides robust security features:

  • Authentication: Azure Active Directory (Azure AD) integration and shared key authorization.
  • Authorization: Role-Based Access Control (RBAC) for fine-grained permissions.
  • Encryption: Data is encrypted at rest using Azure Storage Service Encryption (SSE) by default. Support for customer-managed keys is also available.
  • Network Security: Virtual network service endpoints and private endpoints for restricting access.
  • Threat Protection: Azure Security Center integration for monitoring and threat detection.
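
The settings behind the features listed above can be checked mechanically. The following is an added example, not part of the original page: it audits storage account JSON in the Azure Resource Manager shape for HTTPS-only transport, minimum TLS version, shared key authorization, anonymous blob access, and network default action. The sample accounts are constructed, and the pass/fail policy is this example's assumption.

```javascript
// Added example: audit security-related properties of storage accounts.
// Input follows the ARM resource JSON for Microsoft.Storage/storageAccounts.
// The pass/fail policy is this example's assumption, not an Azure default.
const TLS_ORDER = ["TLS1_0", "TLS1_1", "TLS1_2", "TLS1_3"];

function auditStorageAccount(account) {
  const p = account.properties || {};
  const findings = [];
  const add = (id, detail) => findings.push({ account: account.name, id, detail });

  // Transport: plain HTTP is refused only when HTTPS-only is enforced.
  if (p.supportsHttpsTrafficOnly !== true) add("https-only", "HTTP requests are accepted");
  // A missing or unrecognized TLS value is treated as below the TLS 1.2 floor.
  if (TLS_ORDER.indexOf(p.minimumTlsVersion) < TLS_ORDER.indexOf("TLS1_2")) {
    add("min-tls", `minimumTlsVersion is ${p.minimumTlsVersion || "unset"}`);
  }
  // Shared key authorization: an unset value is equivalent to allowed.
  if (p.allowSharedKeyAccess !== false) add("shared-key", "access keys and key-signed SAS are accepted");
  // Anonymous blob reads: the policy here requires an explicit false.
  if (p.allowBlobPublicAccess !== false) add("public-blob", "containers may be made anonymously readable");
  // Network: reachable from any address unless the firewall denies by default
  // or public network access is disabled (private endpoints only).
  const defaultAction = (p.networkAcls || {}).defaultAction;
  if (p.publicNetworkAccess !== "Disabled" && defaultAction !== "Deny") {
    add("network-open", "no default-deny network rule");
  }
  return findings;
}

// Constructed sample accounts (names and values are illustrative).
const SAMPLE_ACCOUNTS = [
  { name: "legacyexample", properties: {
      supportsHttpsTrafficOnly: false, minimumTlsVersion: "TLS1_0",
      allowBlobPublicAccess: true, networkAcls: { defaultAction: "Allow" } } },
  { name: "hardenedexample", properties: {
      supportsHttpsTrafficOnly: true, minimumTlsVersion: "TLS1_2",
      allowSharedKeyAccess: false, allowBlobPublicAccess: false,
      publicNetworkAccess: "Enabled", networkAcls: { defaultAction: "Deny" } } },
];

for (const account of SAMPLE_ACCOUNTS) {
  const ids = auditStorageAccount(account).map((f) => f.id);
  console.log(`${account.name}: ${ids.length ? ids.join(", ") : "no findings"}`);
}
```

The same function can be fed the JSON returned for a real account by the management API or tooling, provided the properties are nested under `properties` as in the samples.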

Management

You can manage your Azure Storage accounts through various tools:

  • Azure Portal: A web-based graphical interface.
  • Azure CLI: A command-line tool for scripting and automation.
  • Azure PowerShell: Another command-line tool for managing Azure resources.
  • Azure Storage Explorer: A cross-platform graphical tool.
  • SDKs: Available for various programming languages.

Pricing

Azure Storage pricing is based on several factors:

  • Capacity: The amount of data stored.
  • Transactions: The number of read and write operations.
  • Data Transfer: Ingress and egress of data.
  • Redundancy: Different redundancy options have different costs.
  • Access Tiers: Hot, cool, and archive tiers have varying pricing.

Refer to the Azure Storage pricing page for the most up-to-date information.

API Reference:

For detailed API information, explore the Azure Storage REST API documentation and the various Azure Storage client libraries: