AZ-305T00A

Designing
Microsoft
Azure Infrastructure
Architect

© Copyright Microsoft Corporation. All rights reserved.

Design a non-relational data storage solution

© Copyright Microsoft Corporation. All rights reserved.

Introduction

• Design for data storage

• Design for Azure storage accounts AZ-305: Design Data Storage Solutions (25-30%)
• Design for data redundancy Design a Data Storage Solution for Non-
relational Data
• Design for Azure blob storage
 Recommend access control solutions to data
• Design for Azure files storage
 Recommend a data storage solution to
• Design an Azure disk solutions
balance features, performance, and cost
• Design for storage security  Design a data solution for protection and
durability
• Case study
• Summary and resources

© Copyright Microsoft Corporation. All rights reserved.

Design for data storage

© Copyright Microsoft Corporation. All rights reserved.

Classify your data storage

To design Azure storage, you first must determine what type of data you have.
• Structured data includes relational data and has a shared schema
• Semi-structured is less organized than structured data and isn’t stored in a relational format
• Unstructured data is the least organized type of data

© Copyright Microsoft Corporation. All rights reserved.

Design for Azure storage accounts

© Copyright Microsoft Corporation. All rights reserved.

Determine the best storage account type
Select an account type based on supported services, usage cases, and SLA.

Account Type Supported services Usage

Standard general- Blobs / Data Lake, Queues, Recommended for most scenarios
purpose v2 (default) Tables, Azure Files

Premium block blobs Blob storage, Data Lake High transactions rates, single digit storage
latency, or large numbers of small transactions

Premium file shares Azure Files Enterprise or high-performance scale applications

- supports both SMB and NFS file shares

Premium page blobs Page blobs only High performance and low latency storage
scenarios

© Copyright Microsoft Corporation. All rights reserved.

Considerations for storage accounts
It is important to plan your storage accounts.

Location Replication
For performance reasons locate the data Data storage could have different
close to users. One storage account for replication strategies.
each location.

Compliance Administrative overhead

Regulatory guidelines for keeping data in Each storage account requires some time
a specific location / Internal requirements and attention from an administrator to
for auditing or storing data. create and maintain.

Cost Security - Data sensitivity

The settings for the account do influence Data plane security and data storage
the cost of services in the account. security.

© Copyright Microsoft Corporation. All rights reserved.

Design for data redundancy

© Copyright Microsoft Corporation. All rights reserved.

Select a storage replication strategy
What level of redundancy do you need?

Primary Region Secondary Region

Locally redundant Geo- redundant

storage storage Read and write access to the
secondary region are available if
the primary region becomes
Zone redundant unavailable
Geo-zone redundant
storage storage

• A node within a data center becomes unavailable

• An entire data center (zonal or non-zonal) becomes unavailable
• A region-wide outage occurs in the primary region

© Copyright Microsoft Corporation. All rights reserved.

Design for Azure blob storage

© Copyright Microsoft Corporation. All rights reserved.

Determine the storage tier
Blob storage is an object store used for storing vast amounts of unstructured data.
Retrieval/Read
Tier Storage Costs Storage Duration Usage cases
Costs
• High throughout and large numbers
Premium High Lowest N/A
of I/O operations per second 
• Active and frequent use
Standard Hot Medium Low N/A
• Data staged for processing
• Short-term backup
Standard
Low Medium > 30 days • Older media infrequently viewed
Cool
• Large data sets
• Long-term backup
Standard
Lowest High > 180 days • Original (raw) data
Archive
• Compliance or archival data
• Use lifecycle rules to transition blob data to the appropriate access tiers
• Consider a data lifecycle rule to expire or delete data
© Copyright Microsoft Corporation. All rights reserved.
Consider immutable storage policies
Determine regulatory compliance, secure document retention, and legal hold policies.

• Apply immutable storage policies at the

container level
• Use time-based retention policies for
business-critical data
• Use legal-hold policies for sensitive
information to ensure a tamper proof state
• Policies apply only to new content
• Audit logs are available

© Copyright Microsoft Corporation. All rights reserved.

Design for Azure files

© Copyright Microsoft Corporation. All rights reserved.

Compare Azure files to Azure blobs
The technology you choose depends on the use case, protocol, and performance.

Category Azure Files Azure Blob Storage

Use cases • Replace or supplement traditional on- • Large scale analytical data
premises file servers or NAS devices • Throughput sensitive high-performance
• Access files shares from anywhere computing
• Lift and shift content to the cloud • Backup and archive
• Replicate and cache with Azure File Sync • Autonomous driving, media rendering,
• Share stored application settings or genomic sequencing data

Available protocols • SMB • NFS 3.0

• REST • REST
• NFS 4.1 • Data Lake Storage Gen2
Performance (Per • Better IOPS • Better throughput
volume)

© Copyright Microsoft Corporation. All rights reserved.

Select a file storage tier (activity)
Tailor your file tiers to the performance and price you need

File storage tiers

You need storage optimized for
Premium You have highly I/O-intensive
general purpose file sharing
workloads, with high throughput
scenarios such as team shares
Transaction and low latency
and Azure File Sync
optimized

Hot You have transaction heavy

You need cost-efficient storage
workloads and applications that
optimized for online archive
require file storage and backend
storage scenarios
Cool storage

© Copyright Microsoft Corporation. All rights reserved.

Design for NetApp files
The Azure NetApp Files service is enterprise-class, high-performance, metered file storage.

Migration (Windows Apps & SQL Server | Linux OSS

• Ease of migration Apps & Databases | SAP on Azure)
• Workload scale
Specialized workloads (HPC | VDI | AVS)
• Flexibility
• Storage technology
Azure Platform Services (AKS, Azure Batch, …)

Azure NetApp Files (Enterprise NAS)

© Copyright Microsoft Corporation. All rights reserved.

Design an Azure disk solution

© Copyright Microsoft Corporation. All rights reserved.

Select an Azure disk solution
Azure disks are block-level storage volumes used with Azure virtual machines.

• Consider disk type, scenario, throughput, Disk type Usage cases

and IOPS
Ultra-disk SSD IO-intensive workloads such as SAP
• Always use managed disks HANA, top tier databases (SQL,
Oracle), and other transaction-heavy
• Optimize read and write access with disk
workloads
caching
Premium SSD Production and performance sensitive
• Use Azure Disk Encryption workloads
Standard SSD Web servers, lightly used enterprise
• Enhance performance with multiple disks
applications and dev/test
• Network acceleration feature
Standard HDD Backup, non-critical, infrequent access
• Share disks across multiple VMs

© Copyright Microsoft Corporation. All rights reserved.

Design for storage security

© Copyright Microsoft Corporation. All rights reserved.

Considerations for storage security
Use a layered security model to secure and control access.

Firewall policies Customer-managed keys Service endpoints

Enable secure transfer Private endpoints

Storage accounts

• Grant limited access to Azure Storage resources

• Enable firewall rules to limit access to access - IP addresses or subnets
• Use private endpoints and private links for clients
• Use virtual network service endpoints to provide direct connection
• Use customer managed encryption keys

© Copyright Microsoft Corporation. All rights reserved.

Review

© Copyright Microsoft Corporation. All rights reserved.

Case study – Non-relational data

Media files Marketing literature Corporate documents

• Product photos and feature • Customer stories, sales flyers, • Internal documents – some
videos sizing charts, and eco-friendly sensitive
• JPEG and MP4 are most manufacturing information • Mostly Office formats like
common formats • PDF format is the most Word and Excel
common

© Copyright Microsoft Corporation. All rights reserved.

Case study discussion
• Design a storage solution for Tailwind Traders.
 What type of data is represented?
 What factors will you consider in your
design?
 What type of storage accounts are needed?
 Will you use blob access tiers?
 Will you use immutable storage?
 How will the content be securely accessed?
• Your solution should consider the media,
marketing literature, and corporate documents.

© Copyright Microsoft Corporation. All rights reserved.

Instructor Solution Diagram - Completed
Primary region

Internet Blob Storage

Access tiers

Application App Services Storage Account

GW

Azure Files
Web Apps Storage

Azure Active
Directory

Media files

Internet
Marketing
Web Site
literature

Corporate
documents

Web Application Storage

Main office © Copyright Microsoft Corporation. All rights reserved.

Summary and resources

Check your knowledge Microsoft Learn Modules (docs.microsoft.com/Learn)

Choose the right disk storage for your virtual machine workload 

Configure blob storage 

Optimize performance and costs by using Azure Disk Storage 

Caching and performance in Azure storage disks 

Secure your Azure virtual machine disks 

Introduction to securing data at rest on Azure 

Introduction to Azure NetApp Files

Optional hands-on exercise - Create a storage account using the Azure portal
© Copyright Microsoft Corporation. All rights reserved.
End of presentation

© Copyright Microsoft Corporation. All rights reserved.