Implement Azure Storage replication – Securing Storage

Implement Azure Storage replication

In the previous chapter, we uncovered the different replication options available to us in Azure, including Locally-redundant storage (LRS), Zone-redundant storage (ZRS), Geo-redundant storage (GRS), and Geo-zone-redundant storage (GZRS). In this section, we will explore changing the replication chosen for a deployed storage account. Follow the given steps to implement Azure storage replication:

1. Navigate to the Azure portal by opening https://portal.azure.com.
2. Select a storage account to configure.
3. On the Storage account blade, navigate to the left menu, then underSettings, click on Configuration. Note the various options available.
4. Click on the Replication drop-down menu, then select the appropriate option and click Save.

Figure 7.35 – Storage account replication configuration

You have now completed the configuration of the replication type for a storage account.

Top Tip

For enhanced security, it is advised that the Secure transfer required and Allow Blob public access options in the Configuration blade for a storage account are configured to Enabled.

Configuring blob object replication

In the following demonstration, you will learn how to configure blob object replication. To follow along, you will require two storage accounts:

1. Navigate to the Azure portal by opening https://portal.azure.com.
2. Go to a storage account, then on the left menu, underData management, click Object replication. Click + Set up replication rules on the top menu.

Figure 7.36 – Storage account – Object replication

3. Select the destination storage account, then choose a source and destination container in the lower section.
4. Click add under Filters, then on the following screen that pops up, enter Azure for Prefix match and click Save. This will be used to filter all items, such as folders and blobs, that match the entered prefix entered.

Figure 7.37 – Object replication – Filters

5. Under the Copy over context, click change. On the subsequent screen, select Everything. Click Save.

Figure 7.38 – Object replication – Copy over rules

6. Click Save and apply.
7. Navigate to your source container. Upload some items that you name starting with Azure. You can even make some files up, such as a text file.
8. Wait 5 minutes then navigate to your destination container and notice that the files copied across are now in your destination container too, matching the implemented rule(s).

You have now completed the configuration of blob object replication and have seen it in action. In the next section, we will explore blob life cycle management.

Top Tip

While it may be tempting to see object replication as a backup mechanism, this is not something to rely on the same as a backup service, there is a difference in SLAs for instance and errors will be replicated too. Also remember that data is copied asynchronously, meaning there is a delay in the destination copy.