How To Manage Storage Accounts
Table of Contents
How to: Replicate your storage account data for durability and high availability
Data in your storage account is replicated to ensure durability that is also highly available, meeting the Azure Storage SLA even in the face of transient hardware failures. Azure Storage is deployed in 15 regions around the world and also includes support for replicating data between regions. You have several options for replicating the data in your storage account:
Locally redundant storage (LRS) maintains three copies of your data. LRS is replicated three times within a single facility in a single region. LRS protects your data from normal hardware failures, but not from the failure of a single facility.
LRS is offered at a discount. For maximum durability, we recommend that you use geo-redundant storage, described below.
Zone-redundant storage (ZRS) maintains three copies of your data. ZRS is replicated three times across two to three facilities, either within a single region or across two regions, providing higher durability than LRS. ZRS ensures that your data is durable within a single region.
ZRS provides a higher level of durability than LRS; however, for maximum durability, we recommend that you use geo-redundant storage, described below.
ZRS is currently available only for block blobs. Note that once you have created your storage account and selected zone-redundant replication, you cannot convert it to use to any other type of replication, or vice versa.
Geo-redundant storage (GRS) is enabled for your storage account by default when you create it. GRS maintains six copies of your data. With GRS, your data is replicated three times within the primary region, and is also replicated three times in a secondary region hundreds of miles away from the primary region, providing the highest level of durability. In the event of a failure at the primary region, Azure Storage will failover to the secondary region. GRS ensures that your data is durable in two separate regions.
GRS is recommended over ZRS or LRS for maximum durability.
Read-access geo-redundant storage (RA-GRS) provides all of the benefits of geo-redundant storage noted above, and also allows read access to data at the secondary region in the event that the primary region becomes unavailable. Read-access geo-redundant storage is recommended for maximum availability in addition to durability.
For more details about replication options, see the Azure Storage Team Blog and Azure Storage Redundancy Options.
The pricing differences between the various replication options can be found on the Storage Pricing Details page.
To specify replication settings for a storage account
In the Azure Management Portal, click Storage, and then click the name of your storage account to display the dashboard.
In the Replication, field, select the type of replication you want for your storage account.
Click Save, and confirm your choice if prompted.
How to: View, copy, and regenerate storage access keys
When you create a storage account, Azure generates two 512-bit storage access keys, which are used for authentication when the storage account is accessed. By providing two storage access keys, Azure enables you to regenerate the keys with no interruption to your storage service or access to that service.
In the Management Portal, use Manage Keys on the dashboard or the Storage page to view, copy, and regenerate the storage access keys that are used to access the Blob, Table, and Queue services.
Copy a storage access key
You can use Manage Keys to copy a storage access key to use in a connection string. The connection string requires the storage account name and a key to use in authentication. For information about configuring connection strings to access Azure storage services, see Configuring Connection Strings.
In the Management Portal, click Storage, and then click the name of the storage account to open the dashboard.
Click Manage Keys.
Manage Access Keys opens.
To copy a storage access key, select the key text. Then right-click, and click Copy.
Regenerate storage access keys
You should change the access keys to your storage account periodically to help keep your storage connections more secure. Two access keys are assigned to enable you to maintain connections to the storage account using one access key while you regenerate the other access key.
Regenerating your access keys affects virtual machines, media services, and any applications that are dependent on the storage account. All clients that use the access key to access the storage account must be updated to use the new key.
Virtual machines - If your storage account contains any virtual machines that are running, you will have to redeploy all virtual machines after you regenerate the access keys. To avoid redeployment, shut down the virtual machines before you regenerate the access keys.
Media services - If you have media services dependent on your storage account, you must re-sync the access keys with your media service after you regenerate the keys.
Applications - If you have web applications or cloud services using the storage account, you will lose the connections if you regenerate keys, unless you roll your keys. Here is the process:
Update the connection strings in your application code to reference the secondary access key of the storage account.
Regenerate the primary access key for your storage account. In the Management Portal, from the dashboard or the Configure page, click Manage Keys. Click Regenerate under the primary access key, and then click Yes to confirm you want to generate a new key.
Update the connection strings in your code to reference the new primary access key.
Regenerate the secondary access key.
How to: Delete a storage account
To remove a storage account that you are no longer using, use Delete on the dashboard or the Configure page. Delete deletes the entire storage account, including all of the blobs, tables, and queues in the account.
There's no way to restore the content from a deleted storage account. Make sure you back up anything you want to save before you delete the account.
If your storage account contains any VHD files or disks for an Azure virtual machine, then you must delete any images and disks that are using those VHD files before you can delete the storage account. First, stop the virtual machine if it is running, and then delete it. To delete disks, navigate to the Disks tab and delete any disks contained in the storage account. To delete images, navigate to the Images tab and delete any images stored in the account.
In the Management Portal, click Storage.
Click anywhere in the storage account entry except the name, and then click Delete.
Click the name of the storage account to open the dashboard, and then click Delete.
Click Yes to confirm you want to delete the storage account.