Profile Applicability:

  •  Level 2

Description:
 Geo-Redundant Storage (GRS) replicates data synchronously within the primary region and asynchronously to a secondary geographic region hundreds of miles away. Setting redundancy to GRS ensures that critical Azure Storage Accounts maintain high availability and durability even in the event of a regional outage.

Rationale:
 Using GRS protects against regional disasters by providing automatic failover to a secondary region, enhancing business continuity and disaster recovery capabilities. This level of redundancy supports compliance with resiliency and data protection requirements.

Impact:

Pros:

  • Provides high durability with geographic replication.

  • Enhances disaster recovery and business continuity.

  • Meets stringent regulatory and compliance needs.

Cons:

  • Incurs higher costs compared to locally redundant storage.

  • Potential latency due to asynchronous replication.

Default Value:
 Many storage accounts default to locally redundant storage (LRS) unless a different redundancy option is specified.

Pre-requisites:

  • Azure subscription with permissions to configure storage account redundancy.

  • Identification of critical storage accounts requiring GRS.

Remediation

Test Plan:

Using Azure Portal:

  1. Sign in to https://portal.azure.com.

  2. Navigate to the Storage Account.

  3. Under Configuration or Replication, verify that Geo-Redundant Storage (GRS) is selected.

Using Azure CLI:

  1. Check redundancy setting:

    # az storage account show --name <storage-account-name> --resource-group <resource-group> --query sku.name

  2. Confirm the output includes Standard_GRS or Premium_ZRS with geo-replication enabled.

Implementation Plan

Using Azure Portal:

  1. Change the storage account redundancy setting to Geo-Redundant Storage (GRS).

  2. Save and verify the configuration.

Using Azure CLI:

  1. Update redundancy to GRS:

    # az storage account update --name <storage-account-name> --resource-group <resource-group> --sku Standard_GRS

  2. Confirm the update.
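
The CLI check and update above, applied to every account in a subscription, as an added example that is not part of the original benchmark text. It assumes the listed Standard_* SKU names count as geo-redundant, uses constructed account and resource group names, and prints commands for review instead of running them.

```shell
#!/bin/sh
# Input format (TSV: name, resource group, sku.name), as printed by:
#   az storage account list --query "[].[name,resourceGroup,sku.name]" -o tsv
TAB=$(printf '\t')

# Assumption of this example: these SKU names count as geo-redundant.
# The page names Standard_GRS; the RA-GRS, GZRS and RA-GZRS SKUs also
# replicate to a secondary region.
is_geo_redundant() {
  case "$1" in
    Standard_GRS|Standard_RAGRS|Standard_GZRS|Standard_RAGZRS) return 0 ;;
    *) return 1 ;;
  esac
}

# Reads TSV on stdin; prints the rows whose SKU is not geo-redundant.
audit_redundancy() {
  while IFS="$TAB" read -r name rg sku; do
    [ -n "$name" ] || continue
    is_geo_redundant "$sku" || printf '%s\t%s\t%s\n' "$name" "$rg" "$sku"
  done
  return 0
}

# Reads audit rows; prints (does not run) the page's update command for
# Standard_LRS accounts. Other SKUs are marked for manual review, since a
# Premium account cannot be switched to a Standard SKU with an update.
remediation_plan() {
  while IFS="$TAB" read -r name rg sku; do
    case "$sku" in
      Standard_LRS)
        printf 'az storage account update --name %s --resource-group %s --sku Standard_GRS\n' "$name" "$rg" ;;
      *)
        printf '# manual review: %s (%s) is %s\n' "$name" "$rg" "$sku" ;;
    esac
  done
  return 0
}

# Constructed sample rows standing in for real CLI output.
sample_accounts() {
  printf '%s\t%s\t%s\n' \
    stprodledger rg-finance Standard_GRS \
    stprodlogs rg-ops Standard_LRS \
    stprodmedia rg-web Standard_RAGZRS \
    stprodfiles rg-files Premium_ZRS
}

sample_accounts | audit_redundancy | remediation_plan
```

To audit a real subscription, pipe the output of the az storage account list command shown in the header comment into audit_redundancy in place of sample_accounts.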

Backout Plan

Using Azure Portal:

  1. Revert redundancy to a lower tier if required (e.g., Locally Redundant Storage).

  2. Inform stakeholders of the change.

Using Azure CLI:

  1. Update redundancy to LRS:

    # az storage account update --name <storage-account-name> --resource-group <resource-group> --sku Standard_LRS

References: