Blob Containers & Storage Tiers
Blob Storage is Azure's object storage for unstructured data β images, videos, backups, logs, anything. Learn how to create containers, choose the right access tier, and understand when to use Hot, Cool, Cold, or Archive.
What is Blob Storage?
Blob Storage is like a massive, bottomless filing cabinet for any type of file.
On-prem, you stored files on file servers with NTFS. In Azure, Blob Storage holds unstructured data β photos, videos, backups, PDFs, log files, anything that isnβt a database. βBlobβ stands for Binary Large Object.
Inside a storage account, blobs live in containers (like folders). You create containers, set access levels, then upload blobs. Simple as that.
Container access levels
When creating a container, you set the public access level:
| Level | Who Can Read | Use Case |
|---|---|---|
| Private (default) | Only authorised users (key, SAS, or RBAC) | Sensitive data, internal use |
| Blob | Anyone can read individual blobs (if they know the URL) | Public images, downloads |
| Container | Anyone can list and read all blobs | Public file hosting |
Important: Even if container access is set to Blob or Container, the storage account must also allow public access. Thereβs a setting at the account level: βAllow Blob public access.β If disabled, no container can be public regardless of its own setting.
Exam tip: Default is private
New storage accounts created after a certain date have public blob access disabled by default. If a question mentions needing anonymous access to blobs, you need to both enable public access at the account level AND set the container to Blob or Container access.
Storage tiers (access tiers)
Azure Blob Storage offers multiple access tiers to optimise costs based on how frequently data is accessed:
| Tier | Storage Cost | Access Cost | Best For |
|---|---|---|---|
| Hot | Highest | Lowest | Frequently accessed data (websites, active files) |
| Cool | Lower than Hot | Higher than Hot | Infrequently accessed, stored 30+ days |
| Cold | Lower than Cool | Higher than Cool | Rarely accessed, stored 90+ days |
| Archive | Lowest | Highest (+ rehydration delay) | Long-term retention, stored 180+ days |
Key rules:
- Hot and Cool are set at the account level (default) or blob level (override)
- Cold is set at the blob level only
- Archive is set at the blob level only β and the blob is offline (must be rehydrated before reading)
- Changing tiers is instant (except rehydrating from Archive, which can take hours)
- Early deletion fees apply: 30 days for Cool, 90 days for Cold, 180 days for Archive
Real-world: TechCorp's tier strategy
TechCorp Solutions stores different data at different tiers:
- Hot: Active project files, website assets, application data
- Cool: Monthly backup snapshots (accessed only during restore)
- Cold: Quarterly compliance reports (accessed only during audits)
- Archive: 7-year tax records (legal retention, almost never accessed)
Alex estimates this saves 60% compared to keeping everything in Hot tier.
Exam tip: Archive tier rehydration
Archive blobs are offline. You cannot read them directly. You must rehydrate them first by changing the tier to Hot, Cool, or Cold. Rehydration can take up to 15 hours (standard priority) or 1 hour (high priority, at extra cost).
If a question says βdata must be accessible within minutesβ β Archive is NOT the answer.
Knowledge check
CloudFirst Labs stores user-uploaded profile photos that are accessed thousands of times per day. Which storage tier should they use?
Meridian Financial stores quarterly compliance reports that are only accessed during annual audits. The minimum retention period is 1 year. The reports must be accessible within 2 hours when requested. Which tier is most cost-effective?