Recommendations for Sitecore Azure Blob Storage module usage


Description

This article describes recommendations for Sitecore customers who are hosting Sitecore solutions in Azure and using Azure Blob Storage module for Sitecore media files.

Azure Blob Storage module uses Azure Storage account blob for Sitecore media files.

In order to avoid accidental deletes or overwrites of blob data, you can enable soft delete for blobs. When data is deleted, it is transitioned to a soft deleted state instead of being permanently erased. Object-level soft delete is available for all storage account types and all storage tiers. It does not protect against container or account deletions. Container soft delete does not protect against the deletion of a storage account, but only against the deletion of containers in that account.

In order to maintain visibility, you can enable diagnostic settings for your Azure storage account, and enforce these settings to retrieve the history of individual users’ actions and the history taken during a particular date range.

When a new storage account is created automatically for blobs and content, soft delete might be off by default as well as diagnostic settings.

Cost impact:

  1. Soft delete is billed at the same rate as active data. You will not be charged for data that is permanently deleted after the retention period elapses. Soft delete pricing and billing.
  2. Azure  Diagnostic settings are billed for storage and bandwidth according to Azure pricing.

Solution

To enable soft delete for blobs in your storage account using the Azure portal, follow these steps:

  1. In the Azure portal, navigate to your storage account.
  2. Locate the Data Protection option under Data management.
  3. In the Recovery section, select check Enable soft delete for blobs.
  4. Specify a retention period between 1 and 365 days. Microsoft recommends a minimum retention period of seven days.
  5. Save changes.

    Graphical user interface, text, application, emailDescription automatically generated

To enable diagnostic settings:

  1. Sign in to the Azure portal.
  2. Navigate to your storage account.
  3. In the Monitoring section, click Diagnostic settings.

  4. Click on the blob storage.
  5. Click Add diagnostic setting.




  6. The Diagnostic settings page appears.

    Graphical user interface, text, application, emailDescription automatically generated

  7. In the Diagnostic setting name* field of the page, enter a name for this Resource log setting. Then, select which operations you want to be logged (read, write, and delete operations), and where you want the logs to be sent.
  8. To send logs to Azure Log Analytics, select the Send to Log Analytics checkbox, select a log analytics workspace, and then click Save.

    Graphical user interface, text, application, emailDescription automatically generated