Storage account overview

  • Article

An Azure storage account contains all of your Azure Storage data objects: blobs, files, queues, and tables. The storage account provides a unique namespace for your Azure Storage data that's accessible from anywhere in the world over HTTP or HTTPS. Data in your storage account is durable and highly available, secure, and massively scalable.

To learn how to create an Azure Storage account, see Create a storage account.

Types of storage accounts

Azure Storage offers several types of storage accounts. Each type supports different features and has its own pricing model.

The following table describes the types of storage accounts recommended by Azure for most scenarios. All of these use the Azure Resource Manager deployment model.

Type of storage account Supported storage services Redundancy options Usage
Standard general-purpose v2 Blob Storage (including Data Lake Storage1), Queue Storage, Table Storage, and Azure Files Locally redundant storage (LRS) / geo-redundant storage (GRS) / read-access geo-redundant storage (RA-GRS)

Zone-redundant storage (ZRS) / geo-zone-redundant storage (GZRS) / read-access geo-zone-redundant storage (RA-GZRS)2		 Standard storage account type for blobs, file shares, queues, and tables. Recommended for most scenarios using Azure Storage. If you want support for network file system (NFS) in Azure Files, use the premium file shares account type.
Premium block blobs3 Blob Storage (including Data Lake Storage1) LRS

ZRS2		 Premium storage account type for block blobs and append blobs. Recommended for scenarios with high transaction rates or that use smaller objects or require consistently low storage latency. Learn more about example workloads.
Premium file shares3 Azure Files LRS

ZRS2		 Premium storage account type for file shares only. Recommended for enterprise or high-performance scale applications. Use this account type if you want a storage account that supports both Server Message Block (SMB) and NFS file shares.
Premium page blobs3 Page blobs only LRS

ZRS2		 Premium storage account type for page blobs only. Learn more about page blobs and sample use cases.

1 Data Lake Storage is a set of capabilities dedicated to big data analytics, built on Azure Blob Storage. For more information, see Introduction to Data Lake Storage Gen2 and Create a storage account to use with Data Lake Storage Gen2.

2 ZRS, GZRS, and RA-GZRS are available only for standard general-purpose v2, premium block blobs, premium file shares, and premium page blobs accounts in certain regions. For more information, see Azure Storage redundancy.

3 Premium performance storage accounts use solid-state drives (SSDs) for low latency and high throughput.

Legacy storage accounts are also supported. For more information, see Legacy storage account types.

The service-level agreement (SLA) for Azure Storage accounts is available at SLA for Storage Accounts.

Note

You can't change a storage account to a different type after it's created. To move your data to a storage account of a different type, you must create a new account and copy the data to the new account.

Storage account name

When naming your storage account, keep these rules in mind:

  • Storage account names must be between 3 and 24 characters in length and may contain numbers and lowercase letters only.
  • Your storage account name must be unique within Azure. No two storage accounts can have the same name.

Storage account endpoints

A storage account provides a unique namespace in Azure for your data. Every object that you store in Azure Storage has a URL address that includes your unique account name. The combination of the account name and the service endpoint forms the endpoints for your storage account.

You can configure your storage account to use a custom domain for the Blob Storage endpoint. For more information, see Configure a custom domain name for your Azure Storage account.

Important

When referencing a service endpoint in a client application, it's recommended that you avoid taking a dependency on a cached IP address. The storage account IP address is subject to change, and relying on a cached IP address may result in unexpected behavior.

Additionally, it's recommended that you honor the time-to-live (TTL) of the DNS record and avoid overriding it. Overriding the DNS TTL may result in unexpected behavior.

A service endpoint in Azure Storage includes the protocol (HTTPS is recommended), the storage account name as the subdomain, and a fixed domain that includes the name of the service.

The following table lists the format for the endpoints for each of the Azure Storage services.

Storage service Endpoint
Blob Storage https://<storage-account>.blob.core.chinacloudapi.cn
Static website (Blob Storage) https://<storage-account>.web.core.chinacloudapi.cn
Data Lake Storage Gen2 https://<storage-account>.dfs.core.chinacloudapi.cn
Azure Files https://<storage-account>.file.core.chinacloudapi.cn
Queue Storage https://<storage-account>.queue.core.chinacloudapi.cn
Table Storage https://<storage-account>.table.core.chinacloudapi.cn

You can easily construct the URL for an object in Azure Storage by appending the object's location in the storage account to the endpoint. For example, the URL for a blob will be similar to:

https://*mystorageaccount*.blob.core.chinacloudapi.cn/*mycontainer*/*myblob*

Migrate a storage account

The following table summarizes and points to guidance on how to move, upgrade, or migrate a storage account:

Migration scenario Details
Move a storage account to a different subscription Azure Resource Manager provides options for moving a resource to a different subscription. For more information, see Move resources to a new resource group or subscription.
Move a storage account to a different resource group Azure Resource Manager provides options for moving a resource to a different resource group. For more information, see Move resources to a new resource group or subscription.
Move a storage account to a different region To move a storage account, create a copy of your storage account in another region. Then, move your data to that account by using AzCopy, or another tool of your choice. For more information, see Move an Azure Storage account to another region.
Upgrade to a general-purpose v2 storage account You can upgrade a general-purpose v1 storage account or Blob Storage account to a general-purpose v2 account. Note that this action can't be undone. For more information, see Upgrade to a general-purpose v2 storage account.
Migrate a classic storage account to Azure Resource Manager The Azure Resource Manager deployment model is superior to the classic deployment model in terms of functionality, scalability, and security. For more information about migrating a classic storage account to Azure Resource Manager, see the "Migration of storage accounts" section of Platform-supported migration of IaaS resources from classic to Azure Resource Manager.

Transfer data into a storage account

Azure provides services and utilities for importing your data from on-premises storage devices or third-party cloud storage providers. Which solution you use depends on the quantity of data you're transferring. For more information, see Azure Storage migration overview.

Storage account encryption

All data in your storage account is automatically encrypted on the service side. For more information about encryption and key management, see Azure Storage encryption for data at rest.

Storage account billing

Azure Storage bills based on your storage account usage. All objects in a storage account are billed together as a group. Storage costs are calculated according to the following factors:

  • Region refers to the geographical region in which your account is based.
  • Account type refers to the type of storage account you're using.
  • Access tier refers to the data usage pattern you've specified for your general-purpose v2 or Blob Storage account.
  • Capacity refers to how much of your storage account allotment you're using to store data.
  • Redundancy determines how many copies of your data are maintained at one time, and in what locations.
  • Transactions refer to all read and write operations to Azure Storage.
  • Data egress refers to any data transferred out of an Azure region. When the data in your storage account is accessed by an application that isn't running in the same region, you're charged for data egress. For information about using resource groups to group your data and services in the same region to limit egress charges, see What is an Azure resource group?.

The Azure Storage pricing page provides detailed pricing information based on account type, storage capacity, replication, and transactions. The Data Transfers pricing details provides detailed pricing information for data egress. You can use the Azure Storage pricing calculator to help estimate your costs.

Legacy storage account types

The following table describes the legacy storage account types. These account types are not recommended by Azure, but may be used in certain scenarios:

Type of legacy storage account Supported storage services Redundancy options Deployment model Usage
Standard general-purpose v1 Blob Storage, Queue Storage, Table Storage, and Azure Files LRS/GRS/RA-GRS Resource Manager, classic1 General-purpose v1 accounts may not have the latest features or the lowest per-gigabyte pricing. Consider using it for these scenarios:
  • Your applications require the Azure classic deployment model1.
  • Your applications are transaction-intensive or use significant geo-replication bandwidth, but don't require large capacity. In this case, a general-purpose v1 account may be the most economical choice.
  • You use a version of the Azure Storage REST API that is earlier than February 14, 2014, or a client library with a version lower than 4.x, and you can't upgrade your application.
  • You're selecting a storage account to use as a cache for Azure Site Recovery. Because Site Recovery is transaction-intensive, a general-purpose v1 account may be more cost-effective. For more information, see Support matrix for Azure VM disaster recovery between Azure regions.
Blob Storage Blob Storage (block blobs and append blobs only) LRS/GRS/RA-GRS Resource Manager Azure recommends using standard general-purpose v2 accounts instead when possible.

1 Beginning August 1, 2022, you'll no longer be able to create new storage accounts with the classic deployment model. Resources created prior to that date will continue to be supported through August 31, 2024. For more information, see Azure classic storage accounts will be retired on 31 August 2024.

Scalability targets for standard storage accounts

The following table describes default limits for Azure general-purpose v2 (GPv2), general-purpose v1 (GPv1), and Blob storage accounts. The ingress limit refers to all data that is sent to a storage account. The egress limit refers to all data that is received from a storage account.

Azure recommends that you use a GPv2 storage account for most scenarios. You can easily upgrade a GPv1 or a Blob storage account to a GPv2 account with no downtime and without the need to copy data. For more information, see Upgrade to a GPv2 storage account.

Resource Limit
Maximum number of storage accounts per region per subscription, including standard, and premium storage accounts. 250
Default maximum storage account capacity 5 PiB 1
Maximum number of blob containers, blobs, directories and subdirectories (if Hierarchical Namespace is enabled), file shares, tables, queues, entities, or messages per storage account. No limit
Default maximum request rate per storage account 20,000 requests per second1
Default maximum ingress per general-purpose v2 and Blob storage account in the following regions:
  • China East 2
  • China North 3
 60 Gbps1
Default maximum ingress per general-purpose v2 and Blob storage account in regions that aren't listed in the previous row. 25 Gbps1
Default maximum ingress for general-purpose v1 storage accounts (all regions) 10 Gbps1
Default maximum egress for general-purpose v2 and Blob storage accounts in the following regions:
  • China East 2
  • China North 3
 120 Gbps1
Default maximum egress for general-purpose v2 and Blob storage accounts in regions that aren't listed in the previous row. 50 Gbps1
Maximum egress for general-purpose v1 storage accounts 10 Gbps if RA-GRS/GRS is enabled, 15 Gbps for LRS/ZRS
Maximum number of IP address rules per storage account 200
Maximum number of virtual network rules per storage account 200
Maximum number of resource instance rules per storage account 200
Maximum number of private endpoints per storage account 200

1 Azure Storage standard accounts support higher capacity limits and higher limits for ingress and egress by request. To request an increase in account limits, contact Azure Support.

Next steps