azure-storage
**UTILITY SKILL** — Azure Storage Services: Blob, File Shares, Queue, Table, and Data Lake. Object storage, SMB shares, async messaging, NoSQL key-value, big-data analytics. Access tiers + lifecycle management. WHEN: "blob storage", "file shares", "queue storage", "table storage", "data lake", "access tiers", "lifecycle management". DO NOT USE FOR: SQL databases, Cosmos DB (use azure-prepare), Event Hubs / Service Bus messaging.
71
86%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Passed
No known issues
Azure Storage Services
Services
| Service | Use When | CLI |
|---|---|---|
| Blob Storage | Objects, files, backups, static content | az storage blob |
| File Shares | SMB file shares, lift-and-shift | az storage file |
| Queue Storage | Async messaging, task queues | az storage queue |
| Table Storage | NoSQL key-value (consider Cosmos DB) | az storage table |
| Data Lake | Big data analytics, hierarchical namespace | az storage fs |
CLI commands
# List storage accounts
az storage account list --output table
# List containers
az storage container list --account-name ACCOUNT --output table
# List blobs
az storage blob list --account-name ACCOUNT --container-name CONTAINER --output table
# Download blob
az storage blob download --account-name ACCOUNT --container-name CONTAINER --name BLOB --file LOCAL_PATH
# Upload blob
az storage blob upload --account-name ACCOUNT --container-name CONTAINER --name BLOB --file LOCAL_PATHFor deeper service docs and patterns, call mcp_azure-mcp_documentation
with command: "microsoft_docs_search" and the relevant Azure Storage
topic, or follow the links in Service Details.
Storage Account Tiers
| Tier | Use Case | Performance |
|---|---|---|
| Standard | General purpose, backup | Milliseconds |
| Premium | Databases, high IOPS | Sub-millisecond |
Blob Access Tiers
| Tier | Access Frequency | Cost |
|---|---|---|
| Hot | Frequent | Higher storage, lower access |
| Cool | Infrequent (30+ days) | Lower storage, higher access |
| Cold | Rare (90+ days) | Lower still |
| Archive | Rarely (180+ days) | Lowest storage, rehydration required |
Redundancy Options
| Type | Durability | Use Case |
|---|---|---|
| LRS | 11 nines | Dev/test, recreatable data |
| ZRS | 12 nines | Regional high availability |
| GRS | 16 nines | Disaster recovery |
| GZRS | 16 nines | Best durability |
Rules
- Use Managed Identity over shared keys — connect via
DefaultAzureCredential(or equivalent SDK helper) instead of account keys or SAS where possible - Disable public blob access by default; use private endpoints + Entra-only access for prod data
- Match the access tier to the access pattern — Hot for active, Cool for 30+ days, Cold for 90+ days, Archive for 180+ days (rehydration required to read)
- Pick redundancy by RPO/RTO — LRS for dev, ZRS for regional HA, GRS/GZRS for DR
- Apply lifecycle management to auto-tier blobs based on age and last access
- Premium tier is for sub-millisecond latency / high-IOPS workloads; default is Standard
- Security baseline is non-negotiable — see iac-security-baseline.md (TLS 1.2 minimum, HTTPS-only, public blob disabled, Managed Identity)
- Out of scope: SQL / Cosmos DB (use
azure-prepare), messaging via Event Hubs / Service Bus
Steps
- Identify the storage service for the workload — see Services (Blob / File / Queue / Table / Data Lake)
- Choose redundancy — LRS / ZRS / GRS / GZRS based on RPO/RTO requirements
- Choose access tier — Hot / Cool / Cold / Archive based on expected access frequency
- Apply security baseline — see iac-security-baseline.md (HTTPS-only, TLS 1.2, public blob disabled, Managed Identity)
- Run routine operations via
az storageCLI — see CLI commands - Wire lifecycle management for long-lived data to auto-tier and reduce cost
Service Details
For deep documentation on specific services:
- Blob storage patterns and lifecycle -> Blob Storage documentation
- File shares and Azure File Sync -> Azure Files documentation
- Queue patterns and poison handling -> Queue Storage documentation
SDK Quick References
For building applications with Azure Storage SDKs, see the condensed guides:
- Blob Storage: Python | TypeScript | Java | Rust
- Queue Storage: Python | TypeScript
- File Shares: Python | TypeScript
- Data Lake: Python
- Tables: Python | Java
For full package listing across all languages, see SDK Usage Guide.
Azure SDKs
For building applications that interact with Azure Storage programmatically, Azure provides SDK packages in multiple languages (.NET, Java, JavaScript, Python, Go, Rust). See SDK Usage Guide for package names, installation commands, and quick start examples.
Reference Index
Load these on demand — do NOT read all at once:
| Reference | When to Load |
|---|---|
references/auth-best-practices.md | Auth Best Practices |
references/sdk-usage.md | Sdk Usage |
- Repository
- jonathan-vella/azure-agentic-infraops
- Commit
a0098f9
- Last updated
- Created
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.