Hands-On Lab: Implementing Azure Blob Storage and Access Tiers
Describe Azure storage services
Hands-On Lab: Implementing Azure Blob Storage and Access Tiers
In this lab, you will explore the fundamental components of Azure Storage. You will create a storage account, configure a blob container, and manage data life cycles by switching between access tiers. This lab aligns with the AZ-900 curriculum for describing Azure storage services.
[!WARNING] Remember to run the teardown commands at the end of this lab to avoid ongoing charges to your Azure subscription.
Prerequisites
- An active Azure Subscription. If you don't have one, create a free account before beginning.
- Access to Azure Cloud Shell (Bash) or the Azure CLI installed locally.
- Basic understanding of resource groups in Azure.
Learning Objectives
- Provision an Azure Storage Account with specific redundancy and tier settings.
- Manage Containers and Blobs for unstructured data storage.
- Demonstrate how to transition blobs between Hot and Cool access tiers.
- Verify storage resources using the command line and the Azure Portal.
Architecture Overview
This lab involves creating a storage hierarchy where a Storage Account acts as the top-level container for data services. We will focus specifically on the Blob service.
Step-by-Step Instructions
Step 1: Initialize Variables and Resource Group
Before creating resources, we will define variables to ensure naming consistency. Storage account names must be globally unique and contain only lowercase letters and numbers.
# Define variables
RG_NAME="rg-storage-lab"
LOCATION="eastus"
STORAGE_ACCT_NAME="brainybee$RANDOM"
# Create the resource group
az group create --name $RG_NAME --location $LOCATION▶Console alternative
- Sign in to the Azure Portal.
- Search for Resource groups.
- Click + Create.
- Select your subscription, name it
rg-storage-lab, and select (US) East US. - Click Review + create and then Create.
Step 2: Create the Storage Account
We will create a Standard General Purpose v2 account with Locally Redundant Storage (LRS) to minimize costs.
az storage account create \
--name $STORAGE_ACCT_NAME \
--resource-group $RG_NAME \
--location $LOCATION \
--sku Standard_LRS \
--kind StorageV2 \
--access-tier Hot[!TIP] Standard_LRS replicates your data three times within a single data center in the primary region.
▶Console alternative
- Search for Storage accounts and click + Create.
- Select your Resource Group:
rg-storage-lab. - Storage account name: Enter a unique name (e.g.,
mystorageaccount123). - Region: East US.
- Performance: Standard.
- Redundancy: Locally-redundant storage (LRS).
- Click Review + create and then Create.
Step 3: Create a Blob Container
Blobs must be stored within a container, which is similar to a directory in a file system.
az storage container create \
--name "lab-data" \
--account-name $STORAGE_ACCT_NAME▶Console alternative
- Go to your new Storage Account resource.
- In the left menu, under Data storage, click Containers.
- Click + Container.
- Name:
lab-data. - Public access level: Private (no anonymous access).
- Click Create.
Step 4: Upload a Blob and Modify Access Tiers
We will create a dummy file, upload it as a blob, and then change its tier from Hot to Cool.
# Create a dummy file
echo "Hello Azure Storage" > lab-file.txt
# Upload to container
az storage blob upload \
--account-name $STORAGE_ACCT_NAME \
--container-name "lab-data" \
--name "sample-file.txt" \
--file "lab-file.txt"
# Change tier to Cool
az storage blob set-tier \
--account-name $STORAGE_ACCT_NAME \
--container-name "lab-data" \
--name "sample-file.txt" \
--tier CoolCheckpoints
| Verification Step | Command / Action | Expected Result |
|---|---|---|
| Account Existence | az storage account show -n $STORAGE_ACCT_NAME -g $RG_NAME | JSON output showing provisioningState: Succeeded |
| Blob Presence | List blobs in the portal or via CLI | sample-file.txt should be visible in the container |
| Tier Verification | az storage blob show --name "sample-file.txt" ... | The blobTier property should be Cool |
Troubleshooting
| Error | Likely Cause | Solution |
|---|---|---|
StorageAccountAlreadyExists | The account name you chose is taken by someone else globally. | Change the $STORAGE_ACCT_NAME variable to something more unique. |
AuthorizationPermissionMismatch | Your CLI session doesn't have sufficient RBAC permissions. | Ensure you are logged in as an Owner or Contributor of the subscription. |
ResourceGroupNotFound | The group was deleted or the name was mistyped. | Re-run the az group create command from Step 1. |
Visualizing Redundancy
This TikZ diagram illustrates the Locally Redundant Storage (LRS) concept used in this lab, where three copies of data are kept within one facility.
\begin{tikzpicture} \draw[thick, fill=blue!10] (0,0) rectangle (6,4); \node at (3,3.5) {\textbf{Azure Data Center (East US)}};
\draw[fill=gray!20] (0.5,0.5) rectangle (1.5,2.5); \node at (1,1.5) {Rack 1}; \fill[orange] (1,1) circle (0.2); \node[below] at (1,0.8) {Copy A};
\draw[fill=gray!20] (2.5,0.5) rectangle (3.5,2.5); \node at (3,1.5) {Rack 2}; \fill[orange] (3,1) circle (0.2); \node[below] at (3,0.8) {Copy B};
\draw[fill=gray!20] (4.5,0.5) rectangle (5.5,2.5); \node at (5,1.5) {Rack 3}; \fill[orange] (5,1) circle (0.2); \node[below] at (5,0.8) {Copy C};
\draw[<->, dashed] (1.2,1) -- (2.8,1); \draw[<->, dashed] (3.2,1) -- (4.8,1); \end{tikzpicture}
Teardown
To prevent further costs, delete the resource group. This will remove the storage account, the container, and all blobs created.
az group delete --name $RG_NAME --yes --no-wait[!IMPORTANT] The
--no-waitflag allows the command to return immediately while Azure processes the deletion in the background.