Azure Storage is the foundation for data persistence on Azure. It is a massively scalable, durable, and secure cloud storage service used by nearly every Azure workload. But "Azure Storage" is not a single product — it is a family of four distinct storage services, each optimized for a different use case. Choosing the right one matters for both performance and cost.
Azure Storage Account: The Container
All Azure Storage services live inside a Storage Account. A storage account provides a unique namespace (accountname.blob.core.windows.net, etc.) and serves as the billing and access control boundary. When you create a storage account, you choose:
- Performance tier: Standard (HDD-backed, lower cost) or Premium (SSD-backed, low latency).
- Redundancy: LRS (3 copies in one datacenter), ZRS (3 copies across availability zones), GRS (6 copies across two regions), or GZRS (zone-redundant + geo-redundant).
- Account kind: StorageV2 (general purpose, supports all services) — use this for new accounts.
# Create a StorageV2 account with GRS redundancy
az group create --name rg-storage-demo --location eastus
az storage account create
--resource-group rg-storage-demo
--name mystorageacct2026
--location eastus
--sku Standard_GRS
--kind StorageV2
--allow-blob-public-access falseBlob Storage: Objects and Files in the Cloud
Azure Blob Storage stores unstructured data: images, videos, documents, log files, backups, and static website assets. It is the most commonly used Azure Storage service. Data is organized into containers (similar to S3 buckets) containing blobs (individual objects).
Blob types:
- Block blobs: Text and binary data. Optimized for uploading and downloading large files. Supports up to 190.7 TB per blob.
- Append blobs: Optimized for append operations. Perfect for log file aggregation.
- Page blobs: Random read/write access. Used internally for Azure VM managed disks.
# Get the connection string
CONN=$(az storage account show-connection-string
--resource-group rg-storage-demo
--name mystorageacct2026
--query connectionString -o tsv)
# Create a container
az storage container create
--name uploads
--connection-string "$CONN"
# Upload a file
az storage blob upload
--container-name uploads
--name myfile.txt
--file ./myfile.txt
--connection-string "$CONN"
# Generate a SAS URL valid for 1 hour
az storage blob generate-sas
--container-name uploads
--name myfile.txt
--permissions r
--expiry $(date -u -d "1 hour" +"%Y-%m-%dT%H:%MZ")
--connection-string "$CONN"
--full-uriAccess Tiers: Optimize Storage Costs
Blob Storage offers three access tiers to balance storage cost against retrieval cost:
- Hot: Frequently accessed data. Highest storage cost, lowest access cost.
- Cool: Infrequently accessed data (at least 30 days). Lower storage cost, higher access cost. Minimum storage duration of 30 days.
- Archive: Rarely accessed data (at least 180 days). Lowest storage cost, but retrieval can take hours. Must rehydrate to Hot or Cool before reading.
Use Lifecycle Management policies to automatically move blobs between tiers based on age.
Azure Files: Managed File Shares
Azure Files provides fully managed SMB and NFS file shares in the cloud. They mount on Windows, Linux, and macOS just like a network drive — no code changes required for applications that already use file shares.
# Create a file share (100 GB quota)
az storage share create
--name myfileshare
--quota 100
--connection-string "$CONN"
# Mount on Linux (SMB)
sudo mkdir /mnt/azurefiles
sudo mount -t cifs
//mystorageacct2026.file.core.windows.net/myfileshare
/mnt/azurefiles
-o username=mystorageacct2026,password=<STORAGE_KEY>,serverinoAzure Files is ideal for lifting and shifting applications that use on-premises file servers, or for sharing configuration files and assets across multiple VM instances.
Queue Storage: Async Message Passing
Azure Queue Storage provides simple, durable message queuing. Producers write messages to a queue; consumers poll the queue and process messages asynchronously. Each message can be up to 64 KB and queues can contain millions of messages. Queue Storage is the lightweight, cost-effective alternative to Azure Service Bus for simple producer-consumer scenarios.
Azure Disk Storage
Azure Managed Disks are block-level storage volumes attached to Azure VMs — functionally equivalent to a physical hard drive. You do not interact with Disk Storage through the storage account interface. Disks are provisioned independently and attached to VMs via the Portal or CLI. Choose Premium SSD v2 for production databases requiring consistent sub-millisecond latency.
Key Takeaways
Choose the right Azure Storage service for your data: Blob Storage for objects and static assets, Azure Files for shared file systems, Queue Storage for async messaging, and Managed Disks for VM block storage. Always disable public blob access at the account level and use Shared Access Signatures (SAS) or Azure AD authentication for controlled access.