Scribd
Upload
8 views2 pages

Azure Basic 18

The document outlines Azure Blob Storage lifecycle management, detailing how to transition data between access tiers and implement soft delete to protect against accidental deletions. It also describes built-in roles for blob storage access, security measures like firewalls and virtual networks, and the use of SAS signatures for time-bound access. Additionally, it highlights Azure Blob Versioning, which allows for automatic version creation and recovery of previous blob versions.

Uploaded by

Mahmud Rayhan Shajib
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
8 views2 pages

Azure Basic 18

The document outlines Azure Blob Storage lifecycle management, detailing how to transition data between access tiers and implement soft delete to protect against accidental deletions. It also describes built-in roles for blob storage access, security measures like firewalls and virtual networks, and the use of SAS signatures for time-bound access. Additionally, it highlights Azure Blob Versioning, which allows for automatic version creation and recovery of previous blob versions.

Uploaded by

Mahmud Rayhan Shajib
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Configure blob lifecycle management

Lifecycle Management
● You can use lifecycle management to move your data from one access tier to another.
● For example, you can move from Hot to Cool after 30 days and then from Cool to Archive
after 180 days and then delete after 1 year.
Soft Delete
● If you enable this feature, the blob will not be deleted but will be marked for deletion.
● You specify the number of days, like 90, and after 90 days, the blobs will be deleted.
● This protects against malicious or accidental deletion.
● Please note that you will pay for the 90 days of storage.
Built-in Roles for Blob Storage
Role Access
Storage Blob Data Read, write, and delete Azure Storage containers and
Contributor blobs.
Provides full access to Azure Storage blob containers and
Storage Blob Data
data
Owner
operations
Storage Blob Data
Read and list Azure Storage containers and blobs.
Reader
Storage Blob Get a user delegation key, which can then be used to
Delegator create a
--Back to Index-- 55
shared access signature for a container or blob that is
signed with
Microsoft Entra ID credentials.
For more info —> Configure a lifecycle management policy -
Azure Storage
Azure Storage Firewalls and Virtual Networks
● We can have a layered security model and specify the IP addresses from which access will
be allowed.
● Also, we can specify Vnets/subnets from where access will be allowed.
● Time-bound access – SAS Signatures
● A Storage account key gives complete access to your data.
● If there is a need to provide access for a short/limited period, we can create a SAS
Signature with a start and end time, and the data can be accessed during that window
only.
● We can specify allowed services/service types/permissions (Read/Write/List
etc)/Start
and expiry date/time/ Allowed IP address range
Use Case Scenarios:
● A Company wants to store more than 5TB of data. The cost must be minimized – Solution
– Azure Blob Storage using Import/Export Service.
● A Company wants to use Azure Storage. The Data has various usage tiers. Tier 1 – Used
regularly and needed immediately in the first 30 days, Tier 2 – Not used after 30 days,
Tier 3 – Not used after 180 days, and Tier 4 – Can be deleted after 1 year. – Solution –
Implement Lifecycle Management
● A Company plans to move 500MB of data to Azure Blob. What is the best Method –
Solution – Download Storage Explorer (or use Storage explorer on the portal) with SAS
and transfer data
● When creating a storage account, what tiers can we choose – Hot, Cool, Archive. Answer
– Hot and Cool only. Archive Tier is at Blob level only.
● You want to protect your storage account against accidental deletion. What do you do?
Solution – Enable Soft Delete
● With Soft delete enabled, a file is deleted. 2 snapshots are also deleted. What can be
recovered? Answer – The snapshots and file can be restored
Azure Blob Versioning
--Back to Index-- 56
Azure Blob Versioning is a feature that helps you maintain previous versions of your
blobs
(files) automatically. This can be crucial for data protection, allowing you to recover
from
accidental deletions or modifications.
The following diagram shows how versions are created on write operations, and how a
previous version may be promoted to be the current version:
Source: Blob versioning - Azure Storage | Microsoft Learn
Key Features:
● Automatic Versioning: When enabled, Azure Blob Storage automatically
creates a new
version of a blob each time it is modified or deleted.
● Version ID: Each version is identified by a unique version ID, which is a timestamp
of
when the version was created.
● Immutable Versions: Blob versions are immutable, meaning once a version is
created,
it cannot be modified [It means you cannot modify the content or metadata of an
existing blob version].
● Data Recovery: You can restore a previous version of a blob to recover data if it
is
erroneously modified or deleted.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy