您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

关于 Azure 存储帐户About Azure storage accounts

提示

本文中的内容适用于原始的 Azure 表存储。The content in this article applies to the original Azure Table storage. 但是,现在提供了表存储高级版本,即 Azure Cosmos DB 表 API,该版本提供吞吐量优化表、全局分发和自动辅助索引。However, there is now a premium offering for table storage, the Azure Cosmos DB Table API that offers throughput-optimized tables, global distribution, and automatic secondary indexes. 若要详细了解和尝试高级体验,请查看 Azure Cosmos DB 表 APITo learn more and try out the premium experience, please check out Azure Cosmos DB Table API.

概述Overview

Azure 存储帐户提供唯一的命名空间来存储和访问 Azure 存储数据对象。An Azure storage account provides a unique namespace to store and access your Azure Storage data objects. 存储帐户中的所有对象会作为组共同计费。All objects in a storage account are billed together as a group. 默认情况下,只有你,即帐户所有者,才能使用帐户中的数据。By default, the data in your account is available only to you, the account owner.

有两种类型的存储帐户:There are two types of storage accounts:

通用存储帐户General-purpose Storage Accounts

通用存储帐户有权使用单个帐户访问诸如表、队列、文件、Blob 和 Azure 虚拟机磁盘等 Azure 存储服务。A general-purpose storage account gives you access to Azure Storage services such as Tables, Queues, Files, Blobs and Azure virtual machine disks under a single account. 此类型存储帐户具有两个性能层:This type of storage account has two performance tiers:

Blob 存储帐户Blob Storage Accounts

Blob 存储帐户是将非结构化数据作为 Blob(对象)存储在 Azure 存储的专用存储帐户。A Blob storage account is a specialized storage account for storing your unstructured data as blobs (objects) in Azure Storage. Blob 存储帐户类似于现有通用存储帐户,并且具有现在使用的所有卓越的耐用性、可用性、伸缩性和性能功能,包括用于块 blob 和追加 blob 的 100% API 一致性。Blob storage accounts are similar to your existing general-purpose storage accounts and share all the great durability, availability, scalability, and performance features that you use today including 100% API consistency for block blobs and append blobs. 对于仅需要块 blob 或追加 blob 存储的应用程序,我们建议使用 Blob 存储帐户。For applications requiring only block or append blob storage, we recommend using Blob storage accounts.

备注

Blob 存储帐户仅支持块 blob 和追加 blob,不支持页 blob。Blob storage accounts support only block and append blobs, and not page blobs.

Blob 存储帐户公开 访问层 属性,该属性可在帐户创建过程中指定,并稍后根据需要进行修改。Blob storage accounts expose the Access Tier attribute which can be specified during account creation and modified later as needed. 根据数据访问模式可以指定两种类型的访问层:There are two types of access tiers that can be specified based on your data access pattern:

  • 访问层,表示被更频繁地访问存储帐户中的对象。A Hot access tier which indicates that the objects in the storage account will be more frequently accessed. 该访问层允许以较低访问成本存储数据。This allows you to store data at a lower access cost.
  • 访问层,表示将不经常访问存储帐户中的对象。A Cool access tier which indicates that the objects in the storage account will be less frequently accessed. 该访问层允许以较低数据存储成本存储数据。This allows you to store data at a lower data storage cost.

如果数据的使用模式有所更改,也可以随时在这些访问层之间切换。If there is a change in the usage pattern of your data, you can also switch between these access tiers at any time. 更改访问层可能会产生额外费用。Changing the access tier may result in additional charges. 有关更多详细信息,请参阅 Blob 存储帐户的定价和计费Please see Pricing and billing for Blob storage accounts for more details.

有关 Blob 存储帐户的更多详细信息,请参阅 Azure Blob 存储:冷层和热层For more details on Blob storage accounts, see Azure Blob Storage: Cool and Hot tiers.

必须具有 Azure 订阅(这是允许访问各种 Azure 服务的计划),然后才能创建存储帐户。Before you can create a storage account, you must have an Azure subscription, which is a plan that gives you access to a variety of Azure services. 可通过 免费帐户开始使用 Azure。You can get started with Azure with a free account. 一旦决定购买某个订阅计划,可从各种 购买选项中进行选择。Once you decide to purchase a subscription plan, you can choose from a variety of purchase options. 如果是 MSDN 订户,则可以获得免费的月度信用,可以将其用于各种 Azure 服务,包括 Azure 存储。If you’re an MSDN subscriber, you get free monthly credits that you can use with Azure services, including Azure Storage. 有关批量定价的信息,请参阅 Azure 存储定价 See Azure Storage Pricing for information on volume pricing.

若要了解如何创建存储帐户,请参阅 创建存储帐户 获取更多详细信息。To learn how to create a storage account, see Create a storage account for more details. 通过单个订阅,最多可以创建 200 个唯一命名的存储帐户。You can create up to 200 uniquely named storage accounts with a single subscription. 有关存储帐户限制的详细信息,请参阅 Azure 存储可伸缩性和性能目标See Azure Storage Scalability and Performance Targets for details about storage account limits.

存储帐户计费Storage account billing

我们会根据存储帐户,针对 Azure 存储使用情况收费。You are billed for Azure Storage usage based on your storage account. 存储成本取决于以下几个因素:区域/位置、帐户类型、存储容量、复制方案、存储交易和数据流出量。Storage costs are based on the following factors: region/location, account type, storage capacity, replication scheme, storage transactions, and data egress.

  • 区域是指帐户所在的地理区域。Region refers to the geographical region in which your account is based.
  • 帐户类型是指是使用通用存储帐户还是 Blob 存储帐户。Account type refers to whether you are using a general-purpose storage account or a Blob storage account. 如果使用的是 Blob 存储帐户,则访问层还可以确定该帐户的计费模型。With a Blob storage account, the access tier also determines the billing model for the account.
  • 存储容量指的是存储帐户中用来存储数据的配额。Storage capacity refers to how much of your storage account allotment you are using to store data.
  • 复制可以确定一次保留的数据副本的数量以及保留位置。Replication determines how many copies of your data are maintained at one time, and in what locations.
  • 事务指的是对 Azure 存储的所有读取和写入操作。Transactions refer to all read and write operations to Azure Storage.
  • 数据流出量指的是传出某个 Azure 区域的数据。Data egress refers to data transferred out of an Azure region. 当不在同一区域中的应用程序访问存储帐户中的数据时,需要为数据流出量付费。When the data in your storage account is accessed by an application that is not running in the same region, you are charged for data egress. (对于 Azure 服务,可以采取措施将数据和服务通过分组分到相同的数据中心内,从而降低或避免数据流出量费用。)(For Azure services, you can take steps to group your data and services in the same data centers to reduce or eliminate data egress charges.)

Azure 存储定价 页提供基于帐户类型、存储容量、复制和交易的详细定价信息。The Azure Storage Pricing page provides detailed pricing information based on account type, storage capacity, replication, and transactions. 数据传输定价详细信息 提供了针对数据流出量的详细定价信息。The Data Transfers Pricing Details provides detailed pricing information for data egress. 可以使用 Azure 存储定价计算器 来帮助估算成本。You can use the Azure Storage Pricing Calculator to help estimate your costs.

备注

创建 Azure 虚拟机时,如果在部署位置中还没有存储帐户,则会在该位置自动创建一个存储帐户。When you create an Azure virtual machine, a storage account is created for you automatically in the deployment location if you do not already have a storage account in that location. 因此,没有必要按照下面的步骤来创建虚拟机磁盘的存储帐户。So it's not necessary to follow the steps below to create a storage account for your virtual machine disks. 存储帐户名称将基于虚拟机名称。The storage account name will be based on the virtual machine name. 请参阅 Azure 虚拟机文档 以了解更多详细信息。See the Azure Virtual Machines documentation for more details.

存储帐户终结点Storage account endpoints

存储在 Azure 存储中的每个对象都有唯一的 URL 地址。Every object that you store in Azure Storage has a unique URL address. 存储帐户名称构成该地址的子域。The storage account name forms the subdomain of that address. 特定于每个服务的子域和域名的组合构成存储帐户的 终结点The combination of subdomain and domain name, which is specific to each service, forms an endpoint for your storage account.

例如,如果存储帐户名为 mystorageaccount,则存储帐户的默认终结点为:For example, if your storage account is named mystorageaccount, then the default endpoints for your storage account are:

  • Blob 服务:http://mystorageaccount.blob.core.windows.netBlob service: http://mystorageaccount.blob.core.windows.net
  • 表服务:http://mystorageaccount.table.core.windows.netTable service: http://mystorageaccount.table.core.windows.net
  • 队列服务:http://mystorageaccount.queue.core.windows.netQueue service: http://mystorageaccount.queue.core.windows.net
  • 文件服务:http://mystorageaccount.file.core.windows.netFile service: http://mystorageaccount.file.core.windows.net

备注

Blob 存储帐户仅公开 Blob 服务终结点。A Blob storage account only exposes the Blob service endpoint.

用于访问存储帐户中某个对象的 URL 是通过将存储帐户中对象的位置附加到终结点而构建的。The URL for accessing an object in a storage account is built by appending the object's location in the storage account to the endpoint. 例如,Blob 地址可能具有以下格式:http://mystorageaccount.blob.core.windows.net/mycontainer/myblobFor example, a blob address might have this format: http://mystorageaccount.blob.core.windows.net/mycontainer/myblob.

此外还可以配置用于存储帐户的自定义域名称。You can also configure a custom domain name to use with your storage account. 有关详细信息,请参阅为 Blob 存储终结点配置自定义域名称For more information, see Configure a custom domain Name for your Blob Storage Endpoint. 也可使用 PowerShell 来配置它。You can also configure it with PowerShell. 有关详细信息,请参阅 Set-AzureRmStorageAccount cmdlet。For more information, see the Set-AzureRmStorageAccount cmdlet.

创建存储帐户Create a storage account

  1. 登录到 Azure 门户Sign in to the Azure portal.
  2. 在 Azure 门户中展开左侧的菜单,打开服务菜单,然后选择“更多服务”。In the Azure portal, expand the menu on the left side to open the menu of services, and choose More Services. 然后向下滚动到“存储”,接着选择“存储帐户”。Then, scroll down to Storage, and choose Storage accounts. 在显示的“存储帐户”窗口中,选择“添加”。On the Storage Accounts window that appears, choose Add.
  3. 输入存储帐户的名称。Enter a name for your storage account. 有关如何使用存储帐户名称在 Azure 存储中定位对象的详细信息,请参阅 存储帐户终结点See Storage account endpoints for details about how the storage account name will be used to address your objects in Azure Storage.

    备注

    存储帐户名称必须为 3 到 24 个字符,并且只能包含数字和小写字母。Storage account names must be between 3 and 24 characters in length and may contain numbers and lowercase letters only.

    存储帐户名称在 Azure 中必须是唯一的。Your storage account name must be unique within Azure. Azure 门户将指出你选择的存储帐户名称是否已被使用。The Azure portal will indicate if the storage account name you select is already in use.

  4. 指定要使用的部署模型:Resource Manager经典Specify the deployment model to be used: Resource Manager or Classic. 建议使用“资源管理器”部署模型。Resource Manager is the recommended deployment model. 有关详细信息,请参阅了解 Resource Manager 部署和经典部署For more information, see Understanding Resource Manager deployment and classic deployment.

    备注

    仅可使用 Resource Manager 部署模型来创建 Blob 存储帐户。Blob storage accounts can only be created using the Resource Manager deployment model.

  5. 选择存储帐户的类型:“常规用途”或“Blob 存储”。Select the type of storage account: General purpose or Blob storage. “常规用途”是默认值。General purpose is the default.

    如果已选择“常规用途”,则指定性能层:“标准”或“高级”。If General purpose was selected, then specify the performance tier: Standard or Premium. 默认值为“标准”。The default is Standard. 有关标准和高级存储帐户的更多详细信息,请参阅 Microsoft Azure 存储简介高级存储:适用于 Azure 虚拟机工作负荷的高性能存储For more details on standard and premium storage accounts, see Introduction to Microsoft Azure Storage and Premium Storage: High-Performance Storage for Azure Virtual Machine Workloads.

    如果已选择“Blob 存储”,则指定访问层:“经常访问”或“不常访问”。If Blob Storage was selected, then specify the access tier: Hot or Cool. 默认设置为“热”。The default is Hot. 有关如何使用存储帐户名称在 Azure 存储中定位对象的详细信息,请参阅 Azure Blob 存储:不常访问和经常访问的层 以了解更多详细信息。See Azure Blob Storage: Cool and Hot tiers for more details.

  6. 选择存储帐户的复制选项:“LRS”、“GRS”、“RA-GRS”或“ZRS”。Select the replication option for the storage account: LRS, GRS, RA-GRS, or ZRS. 默认值为“RA-GRS”。The default is RA-GRS. 有关 Azure 存储复制选项的更多详细信息,请参阅 Azure 存储复制For more details on Azure Storage replication options, see Azure Storage replication.
  7. 选择想在其中创建新存储帐户的订阅。Select the subscription in which you want to create the new storage account.
  8. 指定新资源组或选择现有资源组。Specify a new resource group or select an existing resource group. 有关资源组的详细信息,请参阅 Azure 资源管理器概述For more information on resource groups, see Azure Resource Manager overview.
  9. 选择存储帐户的地理区域。Select the geographic location for your storage account. 有关哪些服务在哪个区域中可用的详细信息,请参阅 Azure 区域See Azure Regions for more information about what services are available in which region.
  10. 单击“创建”以创建存储帐户。Click Create to create the storage account.

管理存储帐户Manage your storage account

更改帐户配置Change your account configuration

创建存储帐户之后,可以修改其配置,例如更改帐户所用的复制选项,或更改 Blob 存储帐户的访问层。After you create your storage account, you can modify its configuration, such as changing the replication option used for the account or changing the access tier for a Blob storage account. Azure 门户中,导航到存储帐户,查找并单击“设置”下的“配置”以查看和/或更改帐户配置。In the Azure portal, navigate to your storage account, find and click Configuration under SETTINGS to view and/or change the account configuration.

备注

视你在创建存储帐户时选择的性能层而定,可能无法使用某些复制选项。Depending on the performance tier you chose when creating the storage account, some replication options may not be available.

更改复制选项将更改定价。Changing the replication option will change your pricing. 有关更多详细信息,请参阅 Azure 存储定价 页。For more details, see Azure Storage Pricing page.

对于 Blob 存储帐户,更改访问层除了会更改定价之外,可能还会产生更改费用。For Blob storage accounts, changing the access tier may incur charges for the change in addition to changing your pricing. 有关更多详细信息,请参阅 Blob 存储帐户 — 定价和计费Please see the Blob storage accounts - Pricing and Billing for more details.

管理存储访问密钥Manage your storage access keys

创建存储帐户时,Azure 将生成两个 512 位存储访问密钥,用于在用户访问该存储帐户时对其进行身份验证。When you create a storage account, Azure generates two 512-bit storage access keys, which are used for authentication when the storage account is accessed. 通过提供两个存储访问密钥,Azure 使你能够在不中断存储服务的情况下重新生成用于访问该服务的密钥。By providing two storage access keys, Azure enables you to regenerate the keys with no interruption to your storage service or access to that service.

备注

我们建议避免与其他人共享存储访问密钥。We recommend that you avoid sharing your storage access keys with anyone else. 要允许不提供访问密钥即可访问存储空间资源,可使用 共享访问签名To permit access to storage resources without giving out your access keys, you can use a shared access signature. 共享访问签名可用于访问帐户中的资源,访问时间间隔由你定义,访问权限由你指定。A shared access signature provides access to a resource in your account for an interval that you define and with the permissions that you specify. 有关详细信息,请参阅 使用共享访问签名 (SAS)See Using Shared Access Signatures (SAS) for more information.

查看和复制存储访问密钥View and copy storage access keys

Azure 门户中,导航到存储帐户,单击“所有设置”,然后单击“配置”以查看和/或更改帐户配置。In the Azure portal, navigate to your storage account, click All settings and then click Access keys to view, copy, and regenerate your account access keys. “访问密钥”边栏选项卡还包含使用主密钥和辅助密钥预配置的连接字符串,可复制到应用程序中使用。The Access Keys blade also includes pre-configured connection strings using your primary and secondary keys that you can copy to use in your applications.

重新生成存储访问密钥Regenerate storage access keys

我们建议定期更改存储帐户的访问密钥,以确保存储连接安全。We recommend that you change the access keys to your storage account periodically to help keep your storage connections secure. 分配了两个访问密钥,以便在重新生成其中一个访问密钥时,始终能够使用另一个访问密钥连接到存储帐户。Two access keys are assigned so that you can maintain connections to the storage account by using one access key while you regenerate the other access key.

警告

重新生成访问密钥会影响 Azure 中的服务以及自己的依赖于存储帐户的应用程序。Regenerating your access keys can affect services in Azure as well as your own applications that are dependent on the storage account. 必须更新使用访问密钥访问存储帐户的所有客户端,以使用新密钥。All clients that use the access key to access the storage account must be updated to use the new key.

媒体服务 - 如果媒体服务依赖于存储帐户,则必须在重新生成密钥后将访问密钥与媒体服务重新同步。Media services - If you have media services that are dependent on your storage account, you must re-sync the access keys with your media service after you regenerate the keys.

应用程序 - 如果拥有使用存储帐户的 Web 应用程序或云服务,则重新生成密钥将失去连接,除非滚动使用密钥。Applications - If you have web applications or cloud services that use the storage account, you will lose the connections if you regenerate keys, unless you roll your keys.

存储资源管理器 - 如果使用任何 存储资源管理器应用程序,可能需要更新这些应用程序所使用的存储密钥。Storage Explorers - If you are using any storage explorer applications, you will probably need to update the storage key used by those applications.

下面是轮换存储访问密钥的过程:Here is the process for rotating your storage access keys:

  1. 更新应用程序代码中的连接字符串以引用存储帐户的辅助访问密钥。Update the connection strings in your application code to reference the secondary access key of the storage account.
  2. 为存储帐户重新生成主访问密钥。Regenerate the primary access key for your storage account. 在“访问密钥”边栏选项卡上,单击“重新生成密钥 1”,并单击“是”以确认要生成新密钥。On the Access Keys blade, click Regenerate Key1, and then click Yes to confirm that you want to generate a new key.
  3. 更新代码中的连接字符串以引用新的主访问密钥。Update the connection strings in your code to reference the new primary access key.
  4. 以相同方式重新生成辅助访问密钥。Regenerate the secondary access key in the same manner.

删除存储帐户Delete a storage account

要删除不再使用的存储帐户,请在 Azure 门户中导航到该存储帐户,并单击“删除”。To remove a storage account that you are no longer using, navigate to the storage account in the Azure portal, and click Delete. 删除存储帐户将删除整个帐户,包括该帐户中的所有数据。Deleting a storage account deletes the entire account, including all data in the account.

警告

无法恢复已删除的存储帐户,也无法检索删除之前该存储帐户包含的任何内容。It's not possible to restore a deleted storage account or retrieve any of the content that it contained before deletion. 请在删除帐户之前务必备份要保存的任何内容。Be sure to back up anything you want to save before you delete the account. 对于帐户中的任务资源也是如此 — 一旦你删除了一个 Blob、表、队列或文件,则它会被永久删除。This also holds true for any resources in the account—once you delete a blob, table, queue, or file, it is permanently deleted.

如果尝试删除与 Azure 虚拟机关联的存储帐户,则会显示一条错误消息,指出存储帐户仍在使用。If you try to delete a storage account associated with an Azure virtual machine, you may get an error about the storage account still being in use. 有关如何排查此错误的帮助,请参阅排查删除存储帐户时的错误For help troubleshooting this error, please see Troubleshoot errors when you delete storage accounts.

后续步骤Next steps