Understanding Storage Account Configuration

1 hour 52 minutes
Video Transcription
All right, welcome to our first lesson in module two, where we're gonna be talking about understanding storage account configuration.
The objectives for this lesson include understanding what goes into a storage account name.
We'll look at different storage account types.
We'll look at our access tiers that are available to us, as well as replication options and our disk types.
Finally, we'll have a word on billing and what goes into determining how much our storage accounts will cost.
First, let's talk about storage account names. When you go to name your storage account, it has to be a globally unique name amongst other storage accounts inside of Azure.
That's right. You have to have a unique name against what everyone else has called theirs. So if there is a storage account out there named Jeff's Awesome Storage, I won't be able to use that name myself. These domain names will have a suffix of core.windows.net.
There's also gonna be additional nomenclature in there depending on what type of service, and we'll get into that in a later episode.
Finally, our storage account name can only use numbers and lowercase letters, and it has to be between three and 24 characters. I bring this up so you can think of some type of standard that you might want to name your storage accounts. Maybe it has some form of your company name in it, along with the region it's configured in or purpose, like prod, dev, or test.
Next, let's talk about our storage account types.
The first type we have is general purpose v1. This is the older version of our storage accounts that use the Azure classic deployment model and not the new Azure Resource Manager, or ARM, infrastructure we have today. Overall, you probably won't be provisioning general purpose v1 storage accounts.
But there is one caveat: if for some reason you need to use an older version of the Storage Services REST API; maybe you have a custom application that is currently using this.
What's recommended right now is that you use a general purpose v2 storage account.
This supports all the latest features, and you're gonna get the lowest per gigabyte capacity prices inside this type of storage account.
And what's great is if you have a general purpose v1, you can easily upgrade to v2 without moving your data around. It's as simple as a click inside our storage account configuration.
Finally, we do have a block blob only storage account type. This is a premium performance for blob storage.
We'll talk a little bit more about what blob storage is in this episode and later ones.
In general, it's also recommended that if you're just gonna have block blob storage, to just go ahead and provision a general purpose v2 storage account.
Next, let's talk about our access tiers.
Again, these access tiers are gonna apply to block blob data only, and we'll discuss what exactly that means in a later episode.
Our first tier is the hot access tier.
This is gonna be for frequent access of data inside your storage account.
Accessing data in the hot tier is gonna be the most cost effective, but your storage costs are going to be higher.
Whenever you create a new storage account, the hot tier is configured by default.
Our next access tier is the cool access tier. This is gonna be for storing your data that is going to be infrequently accessed,
such as storing it for at least 30 days. So maybe if you have something that you're accessing once a quarter, the cool access tier would be the one for you.
Now, storing data in the cool access tier is gonna be more cost effective for the storage. But accessing it is going to be more expensive because it's going to take longer to get access to that data.
Finally, we have the archive tier, and this tier is only available for block blobs and append blobs, which we'll look at later inside of our container services.
This is gonna be for data that can tolerate several hours of latency when being retrieved. And it's recommended that the data inside the archive tier resides there for greater than 180 days. So you're only gonna need to access it maybe every six months or so.
So this is going to be the most cost effective option for storing data long term that's not being accessed frequently, but it's gonna be more expensive to access the data than what you would find inside the hot or cool tiers.
Next, we have replication, because we want several copies of our data in case something happens to it.
The first option we have is locally redundant storage or LRS.
This is where your data is going to be replicated three times within the Azure region where your storage account is configured. And really, this means it's gonna be stored within a single data center. This is gonna be your lowest cost option, but it's not gonna protect against a data center level disaster.
So if something were to happen to that data center, you wouldn't have access to the data inside that storage account.
This is probably gonna be a good option for dev or test environments, or for applications that don't require the type of redundancy our other options offer.
Next, we have zone redundant storage, or ZRS.
This is where data is going to be replicated synchronously across three availability zones inside the primary region. So you're still restricted to a single region,
but your data is gonna be synced across an availability zone. What an availability zone is: these are autonomous and they have their own separate utilities and networking features, so it can tolerate an outage inside an availability zone inside the same region.
However, this isn't gonna protect against a regional outage when multiple zones are affected.
Next we have geo redundant storage, or GRS.
This is pretty much having, like, LRS in a primary region. And then that data is gonna be replicated asynchronously to a secondary region following the LRS format.
So basically, you're gonna have LRS in your primary region and LRS in a secondary region,
and data from that first region will be copied over asynchronously to the second region.
The second region is gonna be hundreds of miles away from the primary one. This will protect against a regional outage. However, data in the secondary region is not gonna be available for read or write until Microsoft initiates the failover to the secondary region.
If you need read access to that secondary region before Microsoft initiates the failover,
this is where read-access geo-redundant storage, or RA-GRS, comes into play.
Again, you still have LRS in the primary region and LRS in the secondary region, but you're gonna have read access to the secondary region and its data prior to Microsoft initiating a failover for you.
We actually have two other replication options. And at the time of this recording, they're currently in preview. So they're not really available for production ready workloads. But you can definitely check 'em out now and see how they work for you.
The first one is geo-zone-redundant storage, or GZRS.
So, like we saw in our last ones where we had LRS in two different regions,
this ups the ante by actually putting ZRS in your primary region. So your data is distributed across multiple availability zones,
and then that is replicated asynchronously to the secondary geographic region hundreds of miles away. Again, this protects against regional disasters as well as availability zone issues inside the primary or secondary region.
And like our other option, you are gonna have to wait until Microsoft initiates the failover before you can read the data in the secondary region.
Or you can take a look at the other option where we have the read-access geo-zone-redundant storage, or RA-GZRS. This provides full read access to the secondary zone before that failover is initiated.
Next, let's talk about disk types. The first one we have is our standard disk type. This is backed by traditional magnetic drives, and it's going to give you the lowest cost per gigabyte. We also have a premium disk type option.
This is backed by solid state drives, and it gives you low latency performance.
However, premium disks are only available for Azure virtual machine disks,
and if you put an Azure virtual machine disk inside a premium storage, you'll have a 99.9% SLA for those disks. Unlike some other options we have with our storage accounts, you cannot change the disk type after it has been configured for the storage account, so be sure to plan ahead and choose the right option on creation.
Finally, let's talk about what goes into billing and how much our storage accounts are gonna cost us.
The first factor is region, and this is based on the geographic region where the storage account has been provisioned. Different regions are going to have different prices associated with them. Next is your account type, like we talked about: the general v1, v2 or block blob storage. We also mentioned we have our access tiers.
For example, in our hot tier, it's going to be the most cost effective for accessing it, but the amount of data we store in it and those costs are going to be higher.
Next is the capacity, which just refers to how much of the storage account allotment we're going to be using and storing our data. So the more data we put into it, the more we're going to be paying for that storage.
We'll have replication, as we just talked about in the previous slide. We could just use LRS, and that is our least cost option, because the data is not replicated to other regions and data centers.
But if your application or requirements require the type of redundancy needed, that is going to cost a little bit more. Next we have our transaction rates, which refer to the read and write operations to Azure storage,
and finally, data egress, which refers to the data transferred out of the Azure region. So when data inside our storage account is accessed by an application that's not running in the same region as our storage account,
you're gonna be charged for that data egress. So this is really important when you're setting up resource groups to make sure you group your data and services to the same region to limit these egress charges.
This means you don't want to set up a storage account inside of East US and then have something from West US accessing that data, because you're going to be paying for that egress out to the other region.
That does it for some of our storage account configuration options. Let's finish this lesson out with a quick couple of quiz questions. First one is: which disk type is reserved for storing Azure virtual machine disks?
The answer to that is our premium disk type. Our next question is: which replication option is the least expensive?
This is going to be our locally redundant storage, or LRS.
And finally, let's take a look at which access tier would be appropriate if I need to access the data every 60 days.
That's going to be our cool access tier. Cool access tier is greater than 30 days, and then moving into the archive tier, which is greater than 180 days.
That does it for this lesson, where we discussed what goes into a storage account name, our different storage account types, our access tiers, replication and disk type options.
And finally, what goes into determining our billing cost.
Coming up next, we're actually going to take all these concepts, jump out to the Azure portal and take a look at creating some storage accounts.
See you in the next episode.