Scalable file storage on Azure: the right choice for each job

File storage seems simple until scale, compliance, or cost shows up. Here’s how to pick the correct Azure storage service and design uploads/downloads that stay cheap and reliable.

Services at a glance

• Blob Storage: generic objects; tiers (hot/cool/archive); static website; presigned URLs
• Azure Files: SMB/NFS file shares for lift‑and‑shift or legacy apps
• Data Lake Gen2: hierarchical namespace for analytics workloads
• CDN/Front Door: global cache and edge rules

Upload patterns

• Use client‑direct uploads with SAS (short‑lived) to avoid proxying large files through your server. Validate type/size first.
• For multi‑GB files, use block uploads with resumable chunks and integrity checks.

Access control

• Default to private containers, issue time‑boxed SAS for download. For public assets, put CDN in front and keep origin private with rules.

Lifecycle and cost

• Set lifecycle rules: move to cool/archive after N days; delete after retention.
• Compress and deduplicate; store thumbnails separately instead of shipping originals everywhere.

Example: presigned upload flow

1. Client asks your API for an upload token (valid 5 minutes, content-type limited)
2. API returns SAS URL and target path
3. Client PUTs the file directly to Blob
4. Webhook/process writes metadata and thumbnails; store pointer in DB

Observability

Track egress (CDN vs origin), 4xx/5xx, and hot objects. Alert on sudden egress spikes; they are often expensive.

Pick the lightest service that satisfies security and throughput, then automate lifecycle so storage won’t surprise you on the invoice.