DEV Community

Rashmiranjan Sahoo
Rashmiranjan Sahoo

Posted on

Azure storage service - learning day 4

What is life cycle Management?

Lifecycle Management offers a rich rule-based policy which we can use to transition our data to the best access tier and to delete data at the end of its life cycle.

Security in azure

security is most important aspect in cloud.

Security mapped for all the services

Authentication

  • Storage account keys
  • Shared access signature (SAS)
  • Azure Active Directory (Azure AD)

Access Control

-Role based access control (RBAC)
-Access control list (ACL)

Network access

  • Firewall and virtual network

Data Protection

  • Data encryption in transit
  • Data encryption at rest

Difference between Iam and (RBAC, ACL)

In IAM we give the access on container level in blob and data lake.

But in RBAC, ACL we give the access on folder level, and it is only available for data lake gen2.

By click on container go to the directory structure,
which is HFS hierarchy file structure,
Right click on any directory.

  • select manage ACL
  • Add Principal Here principal means it can be a user, group or it can be an application service.

Data redundancy for storage

Redundancy mainly used when it comes to data lake for high availability and disaster recovery.

Types

LRS (locally redundant storage)

  • Three copies of data which is maintained within the same primary data center.

ZRS (Zone Redundant Storage)

-Three copies of your data replicated synchronously to 3 Azure availability zones in a primary region.

  • Zones are different physical locations on different data centers.

GRS (Geo-redundant Storage)
-This allows our data to be stored in different geographic areas of the country or world.

  • we get 3 copies within a primary region, but it goes one step further and places 3 additional asynchronous copies in another region.

RA-GRS (Read access Geo redundant storage)

  • This is Grs but adds a read only element that allows us to have read access for things like reporting.

GZRS (Geo zone redundant storage)

Copy our data synchronously over 3 primary region azure availability zones using ZRS.

  • Then asynchronously copies our data to a single physical location within the secondary region.

RAGZRS (Read Access Geo Zone redundant storage)

It adds a layer of readability to our secondaries.

Monitoring service

Azure monitoring service helps us to maximize the availability and performance of our applications and services.

  • This information helps us to understand how our applications are performing and proactively identifies issues affecting them and the resources they depend on.

The components of monitoring services are:

  • alerts
  • metrics
  • diagnostics
  • logs Analytics

 
Alerts

Alerts in azure monitor proactively notify us of critical conditions and potentially attempt to take corrective actions.

Top comments (0)