locked
Azure: Difference of use between Azure Back-Up and Storage Account (BLOB) RRS feed

  • Question

  • Hi, please pardon my question as I am just wondering. Also correct me if I'm wrong with my supporting details regards to the question.

    As I know, Storage accounts is set up in Azure, meaning in the cloud, which user can upload and retrieve chosen files, etc.

    Question: will there be any chance of corruption of files?

    Azure Back up, uses MABS and also can back up and retrieve files.

    Question: Someone advised me that it's better to deploy Azure Back up than Storage accounts where user will just simply upload to back up files and retrieve it if necessary. Besides schedules back up in Azure back up, what are the other difference of use for Azure back up and Storage Accounts?

    Thank you!

    Wednesday, June 26, 2019 3:47 AM

Answers

  • If any data is deleted/corrupted due to some error/bug, can be reproduced from backup and it is not possible in case of storage replication.

    Replication is not backup! Like when you opt for GRS replication, 6 copies of your data is maintained (3 in primary and 3 in secondary) but when you delete the data from primary, data from secondary is automatically deleted.

    I have not used Azure backup so let me answer it from Storage Replication point of view. To put things simply, "In context of Azure, a disaster is not a disaster unless Microsoft thinks it is a disaster". Till the time that happens, you don't get access to secondary assuming you have opted for GRS replication (with RA-GRS, you obviously have an option to read the data from secondary at all times).

    Furthermore if you choose LRS or Premium LRS replication and there's indeed a disaster in one data center, all of your data will be lost. With Azure Backup, you at least have a copy of your data lying somewhere safe and you could recreate your environment based on that backup.

    You may refer here for detailed information on What is Azure Backup and Azure Storage

    Backups There are several backup solutions offered for blob storage in case if containers get deleted.more product info can be found here:https://azure.microsoft.com/en-us/services/backup/

    Redundancy

    If you are concerned about availability, "The data in your Microsoft Azure storage account is always replicated to ensure durability and high availability. Replication copies your data, either within the same data center, or to a second data center, depending on which replication option you choose." , there are several replication options:

    Locally redundant storage (LRS)

    Zone-redundant storage (ZRS)

    Geo-redundant storage (GRS)

    Read-access geo-redundant storage (RA-GRS)

    More details can be found here:

    https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy 

    Managing Access

    Finally, managing access to your storage account would be the best way to secure and ensure you'll avoid any loss on your data. You can provide read access only if you don't want anyone to delete files,folders etc.. through the use of SAS: Shared Access Signatures, allows you to create policies and provide access based on Read, Write, List, Delete, etc.. A quick GIF demo can be seen here: https://azure.microsoft.com/en-us/updates/manage-stored-access-policies-for-storage-accounts-from-within-the-azure-portal/

    Redundancy should not be mixed with backups: If you delete a blob, it is instantly replica-deleted (well, queued up at least, and once the primary is deleted, you lose access to the replicas queued for deletion). And SAS is not going to help prevent deletion if someone has the access key, as I pointed out. That's only for sharing otherwise-private blobs. And finally: Azure's Backup service is not for backing up blobs. –

    We are using blob to store documents and for documents management. To prevent deletion of the blob, you can now enable soft deletion as described in here: https://azure.microsoft.com/en-us/blog/soft-delete-for-azure-storage-blobs-ga/

    You can also create your own automation around powershell,azcopy to do incremental and full backups. The last element would be to use RA-GRS blobs where you can read from a secondary blob in read mode in another region in case the data center goes down

    Kindly let us know if the above helps or you need further assistance on this issue.

    ------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members.

    Wednesday, June 26, 2019 7:22 AM

All replies

  • If any data is deleted/corrupted due to some error/bug, can be reproduced from backup and it is not possible in case of storage replication.

    Replication is not backup! Like when you opt for GRS replication, 6 copies of your data is maintained (3 in primary and 3 in secondary) but when you delete the data from primary, data from secondary is automatically deleted.

    I have not used Azure backup so let me answer it from Storage Replication point of view. To put things simply, "In context of Azure, a disaster is not a disaster unless Microsoft thinks it is a disaster". Till the time that happens, you don't get access to secondary assuming you have opted for GRS replication (with RA-GRS, you obviously have an option to read the data from secondary at all times).

    Furthermore if you choose LRS or Premium LRS replication and there's indeed a disaster in one data center, all of your data will be lost. With Azure Backup, you at least have a copy of your data lying somewhere safe and you could recreate your environment based on that backup.

    You may refer here for detailed information on What is Azure Backup and Azure Storage

    Backups There are several backup solutions offered for blob storage in case if containers get deleted.more product info can be found here:https://azure.microsoft.com/en-us/services/backup/

    Redundancy

    If you are concerned about availability, "The data in your Microsoft Azure storage account is always replicated to ensure durability and high availability. Replication copies your data, either within the same data center, or to a second data center, depending on which replication option you choose." , there are several replication options:

    Locally redundant storage (LRS)

    Zone-redundant storage (ZRS)

    Geo-redundant storage (GRS)

    Read-access geo-redundant storage (RA-GRS)

    More details can be found here:

    https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy 

    Managing Access

    Finally, managing access to your storage account would be the best way to secure and ensure you'll avoid any loss on your data. You can provide read access only if you don't want anyone to delete files,folders etc.. through the use of SAS: Shared Access Signatures, allows you to create policies and provide access based on Read, Write, List, Delete, etc.. A quick GIF demo can be seen here: https://azure.microsoft.com/en-us/updates/manage-stored-access-policies-for-storage-accounts-from-within-the-azure-portal/

    Redundancy should not be mixed with backups: If you delete a blob, it is instantly replica-deleted (well, queued up at least, and once the primary is deleted, you lose access to the replicas queued for deletion). And SAS is not going to help prevent deletion if someone has the access key, as I pointed out. That's only for sharing otherwise-private blobs. And finally: Azure's Backup service is not for backing up blobs. –

    We are using blob to store documents and for documents management. To prevent deletion of the blob, you can now enable soft deletion as described in here: https://azure.microsoft.com/en-us/blog/soft-delete-for-azure-storage-blobs-ga/

    You can also create your own automation around powershell,azcopy to do incremental and full backups. The last element would be to use RA-GRS blobs where you can read from a secondary blob in read mode in another region in case the data center goes down

    Kindly let us know if the above helps or you need further assistance on this issue.

    ------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members.

    Wednesday, June 26, 2019 7:22 AM
  • Thank you for the well explained answer. This will help others too.
    Wednesday, June 26, 2019 10:00 AM