This chapter covers the three primary redundancy options for Azure Storage accounts: Zone-Redundant Storage (ZRS), Geo-Redundant Storage (GRS), and Geo-Zone-Redundant Storage (GZRS). These options are critical for designing Business Continuity and Disaster Recovery (BCDR) solutions, a key topic in the AZ-305 exam (Objective 3.1). Expect approximately 10-15% of exam questions to touch on storage redundancy and replication, often in the context of selecting the right option for given availability, durability, and cost requirements. Mastering the differences, trade-offs, and use cases is essential for passing the exam.
Jump to a section
Imagine a bank vault storing gold bars. ZRS is like a single vault with three doors: you have three copies of the vault key, but all doors lead to the same room. If the building collapses, all gold is lost. GRS is like having a primary vault in one city and a secondary vault in a different city, 100+ miles away. Every day, an armored truck transports a copy of the gold to the secondary vault. If the primary vault is destroyed, you can still access the gold in the secondary city, but you might lose up to 24 hours of deposits (the RPO). GZRS is the most secure: you have three doors on the primary vault in one city, AND a secondary vault in another city. The armored truck still runs daily, but because the primary vault has three doors, the chance of losing data before the truck leaves is much smaller. So, GZRS combines local redundancy (three copies in one region) with geo-redundancy (copy in another region). The trade-off is cost: GZRS costs more because you are paying for both local replication and cross-region replication. In Azure, these correspond to ZRS (zone-redundant storage), GRS (geo-redundant storage), and GZRS (geo-zone-redundant storage). The 'armored truck' is asynchronous replication with a typical RPO of 15 minutes to several hours depending on the storage type.
What are ZRS, GRS, and GZRS?
Azure Storage offers multiple redundancy options to protect data against planned and unplanned events, ranging from transient hardware failures to region-wide disasters. The three options discussed here represent different balances of durability, availability, and cost.
ZRS (Zone-Redundant Storage): Synchronously replicates your data across three Azure availability zones within a single region. Each zone is physically separate (separate power, cooling, and networking) and independent. If one zone fails, the other two continue to serve data. ZRS provides a durability of at least 99.9999999999% (12 nines) over a given year.
GRS (Geo-Redundant Storage): Replicates your data synchronously three times within a primary region (using LRS), then asynchronously replicates to a secondary region hundreds of miles away. GRS provides 16 nines of durability (99.99999999999999%) over a given year.
GZRS (Geo-Zone-Redundant Storage): Combines ZRS in the primary region (three copies across zones) with asynchronous replication to a secondary region. This provides the highest durability: 16 nines, same as GRS, but with better availability because the primary region can tolerate a zone failure without any downtime.
How It Works Internally
ZRS Mechanism: At the storage cluster level, every write is synchronously committed to three copies stored in three different availability zones within the same Azure region. The zones are physically separated by at least several kilometers. The replication is synchronous, meaning the write is acknowledged to the client only after all three copies are written. This ensures strong consistency. In the event of a zone failure, Azure automatically shifts traffic to the remaining zones. There is no data loss because all data is synchronously replicated. The RPO (Recovery Point Objective) is 0, and the RTO (Recovery Time Objective) is typically a few seconds to minutes as Azure reroutes requests.
GRS Mechanism: GRS first uses LRS (Locally Redundant Storage) to synchronously write three copies within the primary region (typically within a single datacenter or across fault domains). Then, asynchronously, data is replicated to a secondary region. The asynchronous replication is done at the storage stamp level. Azure Storage writes data to the primary region, then asynchronously copies the data to the secondary region using a background process. The replication lag (RPO) is typically less than 15 minutes, but can be higher during heavy write loads. In a disaster, you can initiate a failover to the secondary region. The secondary region is read-only until a failover occurs. After failover, the secondary becomes read-write. Note that during the replication lag, any data not yet replicated is lost.
GZRS Mechanism: GZRS combines the synchronous zone-redundant replication of ZRS in the primary region with asynchronous replication to a secondary region. So, in the primary region, data is synchronously written to three zones. Then, asynchronously, it is replicated to the secondary region, where it is stored using LRS (three copies in a single datacenter). This gives you the best of both: zero data loss if a zone fails, and the ability to survive a region failure with minimal data loss (the same RPO as GRS). The durability is 16 nines because the geo-replication protects against region-wide events.
Key Components, Values, Defaults, and Timers
Durability numbers: ZRS: 12 nines; GRS: 16 nines; GZRS: 16 nines.
Availability SLA: ZRS: 99.99% for read and write; GRS: 99.99% for reads (if geo-redundant storage with read access - RA-GRS) and 99.9% for writes; GZRS: 99.99% for reads and writes (if RA-GZRS).
RPO for geo-replication: Typically less than 15 minutes, but not guaranteed. Azure does not provide an SLA on RPO for asynchronous replication.
RTO for customer-initiated failover: Typically 1 hour, but can be longer for large accounts. Microsoft-initiated failover may take longer.
Replication type: ZRS is synchronous; GRS and GZRS use synchronous in primary, asynchronous across regions.
Secondary region selection: For GRS and GZRS, the secondary region is paired by Azure (based on region pairs). You cannot choose a custom secondary region.
Read access to secondary: You can enable RA-GRS or RA-GZRS, which allows read access to the secondary region even before failover. This can be used for read-heavy workloads that can tolerate stale data.
Configuration and Verification Commands
When creating a storage account via Azure CLI, you specify the SKU with the redundancy option. For example:
# Create a storage account with ZRS
az storage account create --name mystorageaccount --resource-group myResourceGroup --location eastus --sku Standard_GRSThe --sku parameter determines the replication type. Common values:
- Standard_LRS
- Standard_GRS
- Standard_RAGRS (read-access geo-redundant storage)
- Standard_ZRS
- Standard_GZRS
- Standard_RAGZRS
To verify the replication type of an existing account:
az storage account show --name mystorageaccount --resource-group myResourceGroup --query 'sku.name'You can also check the properties in the Azure portal under "Replication" in the storage account blade.
Interaction with Related Technologies
Azure Site Recovery (ASR): ASR can be used to replicate VMs, but for storage, the built-in replication options are often sufficient for blob, file, table, and queue data.
Azure Backup: Backup vaults can store backups in GRS or LRS; you choose the redundancy at the vault level.
Azure Data Lake Storage Gen2: Uses Azure Blob Storage, so it supports the same redundancy options.
Azure Files: Supports all redundancy options, including premium file shares which only support LRS and ZRS.
Managed Disks: Managed disks use LRS by default, but you can use ZRS for premium SSD and standard SSD disks (in preview). GRS is not available for managed disks; instead, you use Azure Site Recovery for cross-region replication.
Exam Trap: Confusing Durability and Availability
Many candidates confuse durability (how likely data is to be lost) with availability (how likely the service is to be accessible). ZRS provides 12 nines durability but 99.99% availability; GRS provides 16 nines durability but lower write availability (99.9% for writes) because writes must be committed synchronously in the primary region only. GZRS provides both high durability (16 nines) and high availability (99.99% for reads and writes). The exam will test whether you understand that GRS does NOT provide zone-level redundancy in the primary region, so if the primary region experiences a zone failure, the storage account may become unavailable until the zone recovers or you fail over to the secondary region.
Data written to storage client
A client application issues a write request (e.g., PUT blob) to the Azure Storage endpoint. The request is encrypted in transit via HTTPS and reaches the front-end load balancer of the storage service in the primary region.
Synchronous replication in primary region
For ZRS and GZRS, the write is synchronously replicated to three copies across three availability zones. For GRS, it is synchronously replicated to three copies within the primary region using LRS (typically within one datacenter). The write is acknowledged to the client only after all three copies are confirmed.
Asynchronous geo-replication (GRS/GZRS only)
After the write is committed in the primary region, a background process asynchronously replicates the data to the secondary region. The replication is done at the storage partition level, with data chunks copied over the Azure backbone network. The typical RPO is less than 15 minutes, but can vary.
Secondary region write (GRS/GZRS only)
In the secondary region, the data is written to three copies using LRS. This ensures durability in the secondary region. The secondary region is read-only unless you enable RA-GRS/RA-GZRS for read access, or you initiate a failover.
Failover to secondary region (if needed)
In a disaster affecting the primary region, you can initiate a storage account failover. This updates the DNS records to point to the secondary region, making it the new primary. The failover can be done via Azure Portal, CLI, or PowerShell. After failover, the secondary region becomes read-write, and the old primary becomes read-only. The RTO is typically around 1 hour.
Enterprise Scenario 1: Financial Services Compliance
A multinational bank requires 99.9999999999% durability for transaction logs stored in Azure Blob Storage. They choose GZRS because it provides 16 nines durability and ensures zero data loss during a zone failure (important for high-frequency trading systems). They enable RA-GZRS to allow read access to the secondary region for auditing purposes without impacting primary writes. They configure lifecycle management to move older logs to cool and archive tiers. The bank monitors replication lag using Azure Monitor metrics (Replication Lag) and sets up alerts if lag exceeds 10 minutes. One operational challenge: during a regional disaster, the failover process must be tested quarterly to ensure RTO of 1 hour is met. They also use Azure Policy to enforce GZRS on all storage accounts in production.
Enterprise Scenario 2: Media Streaming Platform
A video-on-demand company uses Azure Blob Storage for source video files. They choose RA-GRS for cost savings, as they can tolerate up to 15 minutes of data loss for new uploads. They use the secondary region for read-only streaming during high traffic, leveraging the geo-redundant read access. However, they discover that during a regional outage, the failover to the secondary region causes a brief interruption because the DNS propagation takes time. They mitigate this by using Azure Traffic Manager with endpoint monitoring to route traffic to the secondary region proactively. They also set up a custom domain with CNAME pointing to the storage endpoint, so they can quickly update DNS in a disaster.
Enterprise Scenario 3: Healthcare Data Lake
A healthcare organization stores patient imaging data (DICOM) in Azure Data Lake Storage Gen2. They require HIPAA compliance and high durability. They choose ZRS because the data is replicated across zones, meeting their availability needs, and they do not need geo-redundancy due to backup policies that copy data to another region using Azure Data Factory. The cost of GZRS is prohibitive for petabytes of data. However, they learn that ZRS does not protect against a region-wide disaster, so they implement a separate backup strategy: nightly exports to a GRS storage account in another region. This hybrid approach meets both compliance and budget constraints. A common mistake they avoided: they initially considered LRS, but a datacenter-level failure would have caused data loss, so ZRS was the minimum acceptable option.
What AZ-305 Tests on This Topic (Objective 3.1)
The exam expects you to:
Compare and contrast ZRS, GRS, and GZRS in terms of durability, availability, RPO, RTO, and cost.
Select the appropriate redundancy option based on a given scenario (e.g., compliance requirements, budget, tolerance for data loss).
Understand the implications of read-access geo-redundant storage (RA-GRS/RA-GZRS).
Know which storage types support which redundancy options (e.g., premium block blobs only support LRS and ZRS; Azure Files supports all options; managed disks support LRS and ZRS but not GRS).
Common Wrong Answers and Why Candidates Choose Them
Choosing GRS when zone redundancy is required: Candidates often pick GRS because it offers geo-redundancy, but they miss that GRS does not protect against a zone failure within the primary region. The exam will present a scenario where the primary region has multiple zones and the client wants to survive a zone failure without downtime. The correct answer is ZRS or GZRS.
Selecting ZRS for geo-redundancy: Some candidates think ZRS provides geo-redundancy because it replicates across zones, but zones are within one region. The exam may trick you by saying "replicates across geographically separate locations" – zones are not geographically separate enough (they are within a region, typically <100 km apart).
Confusing RPO and RTO: A question might ask about the maximum data loss (RPO) for GRS. Candidates often answer "0" because they think replication is synchronous. But geo-replication is asynchronous, so RPO is not zero. The typical RPO is <15 minutes, but not guaranteed.
Overlooking read-access options: A scenario might require read access to the secondary region for reporting. Candidates might choose GRS without RA, which does not allow reads until failover. The correct answer is RA-GRS or RA-GZRS.
Specific Numbers and Terms That Appear on the Exam
Durability: LRS 11 nines, ZRS 12 nines, GRS/GZRS 16 nines.
Availability SLA: ZRS 99.99%, GRS 99.9% write / 99.99% read (with RA), GZRS 99.99%.
RPO for geo-replication: "Typically less than 15 minutes" – this phrase appears verbatim.
RTO for customer failover: "Typically 1 hour."
Region pairs: You must know that secondary region is determined by Azure, not chosen.
Edge Cases and Exceptions
Premium block blobs: Only support LRS and ZRS. Cannot use GRS or GZRS.
Azure Files premium shares: Only support LRS and ZRS.
Managed disks: Only LRS and ZRS (for premium SSD and standard SSD in preview). No GRS.
Storage account failover: Not supported for storage accounts with hierarchical namespace enabled (Data Lake Storage Gen2). For those, you need to use other tools like AzCopy or Azure Data Factory.
Soft delete and versioning: These features can help reduce data loss but do not replace replication.
How to Eliminate Wrong Answers
If the scenario mentions "zone failure" or "availability zone," the answer must include ZRS or GZRS.
If the scenario mentions "region-wide disaster" or "compliance requiring data in two regions," the answer must include GRS or GZRS.
If the scenario requires both zone and region redundancy, the answer is GZRS.
If the scenario requires read access to secondary region, look for RA-GRS or RA-GZRS.
If the scenario is about cost optimization and data loss tolerance is low, consider LRS or ZRS.
If the storage type is premium block blob or managed disk, eliminate options that include GRS or GZRS.
ZRS provides zero data loss on zone failure but not region failure; durability 12 nines.
GRS provides protection against region failure with RPO <15 min, but no zone protection; durability 16 nines.
GZRS combines zone and region protection with 16 nines durability and 99.99% availability.
Read-access geo-redundant storage (RA-GRS/RA-GZRS) allows read access to secondary region before failover.
Premium block blobs and premium Azure Files only support LRS and ZRS; managed disks support LRS and ZRS (preview).
Storage account failover is not supported for accounts with hierarchical namespace (Data Lake Storage Gen2).
The secondary region is determined by Azure region pairs and cannot be customized.
Customer-initiated failover RTO is typically 1 hour; Microsoft-initiated failover may take longer.
Durability numbers are 11 nines for LRS, 12 for ZRS, 16 for GRS and GZRS.
Availability SLA for ZRS and GZRS is 99.99%; for GRS writes it is 99.9%.
These come up on the exam all the time. Here's how to tell them apart.
ZRS (Zone-Redundant Storage)
Synchronous replication across 3 zones in one region.
Durability: 12 nines (99.9999999999%).
Availability SLA: 99.99% for reads and writes.
RPO: 0 (no data loss on zone failure).
No protection against region-wide disaster.
GRS (Geo-Redundant Storage)
Synchronous replication within primary region (LRS) + async to secondary region.
Durability: 16 nines (99.99999999999999%).
Availability SLA: 99.9% for writes, 99.99% for reads (with RA-GRS).
RPO: Typically <15 minutes (non-zero).
Protects against region-wide disaster but not zone failure in primary region.
GRS (Geo-Redundant Storage)
Primary region uses LRS (3 copies in one datacenter).
No zone redundancy in primary region.
Write availability: 99.9%.
Cost: lower than GZRS.
Good for scenarios where zone failures are acceptable or cost is critical.
GZRS (Geo-Zone-Redundant Storage)
Primary region uses ZRS (3 copies across zones).
Zone redundancy in primary region.
Write availability: 99.99%.
Cost: higher than GRS due to ZRS overhead.
Best for mission-critical workloads needing both zone and region protection.
Mistake
ZRS replicates data across multiple geographic regions.
Correct
ZRS replicates data across availability zones within a single Azure region. Zones are physically separate but still within the same region. For cross-region replication, you need GRS or GZRS.
Mistake
GRS provides zero data loss (RPO=0) because replication is synchronous.
Correct
GRS uses synchronous replication only within the primary region (LRS). The cross-region replication is asynchronous, so there is a potential for data loss if a disaster occurs before the async replication completes. The typical RPO is less than 15 minutes.
Mistake
GZRS is simply a combination of GRS and ZRS, offering both without trade-offs.
Correct
While GZRS does combine zone and geo redundancy, it costs more than either ZRS or GRS alone. Also, the geo-replication is still asynchronous, so RPO is not zero. However, it provides higher availability than GRS during zone failures.
Mistake
All storage account types support all redundancy options.
Correct
Premium block blobs and premium file shares do not support GRS or GZRS. Managed disks only support LRS and ZRS (for certain disk types). Always check the storage type's limitations.
Mistake
After a failover to the secondary region, the original primary region becomes the new secondary automatically.
Correct
After a customer-initiated failover, the original primary region becomes read-only and is not automatically configured as a secondary. To re-enable geo-replication, you must manually configure it or perform a failback. Microsoft may eventually update the pairing, but it is not immediate.
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
ZRS provides zero data loss (RPO=0) if an availability zone fails because data is synchronously replicated across three zones. However, if an entire region fails, you lose all data. GRS provides protection against a region failure, but because the cross-region replication is asynchronous, you may lose data that has not been replicated yet (typical RPO <15 minutes). So, ZRS protects against zone failure with no data loss, while GRS protects against region failure with some potential data loss.
Yes, you can change the replication type of an existing storage account, but there are limitations. You cannot convert from LRS to ZRS or from ZRS to LRS in place; you must either use the Azure Portal, CLI, or PowerShell to request a conversion, which may involve data movement. For GRS, you can change from LRS to GRS (and vice versa) without downtime. However, converting to ZRS requires a manual process (e.g., using AzCopy) or a support ticket. Always check the latest documentation as features evolve.
Yes, GZRS costs more than GRS because it uses ZRS in the primary region, which is more expensive than LRS. The geo-replication cost is similar. You pay for the additional zone-redundant storage. The exact pricing depends on the storage tier and region, but typically GZRS can be 20-30% more expensive than GRS.
RA-GRS (Read-Access Geo-Redundant Storage) is a variant of GRS that allows read access to the secondary region at all times, even before a failover. Standard GRS provides no access to the secondary region until a failover occurs. RA-GRS is useful for scenarios where you want to serve read traffic from the secondary region (e.g., for reporting or disaster recovery drills). The durability and write availability are the same as GRS.
Yes, Azure Files supports GRS, GZRS, and RA-GRS/RA-GZRS for standard file shares. However, premium file shares only support LRS and ZRS. Also, note that Azure Files with geo-redundancy does not support SMB multichannel on the secondary region until failover.
When you initiate a storage account failover, the secondary region becomes the new primary and is read-write. The original primary region becomes read-only. Any data that was not replicated before the disaster is lost (based on the RPO). After failover, you can optionally configure geo-replication back to the original region (now secondary) to restore protection. The process is manual and requires careful planning.
The RPO for GRS and GZRS is typically less than 15 minutes, but it is not guaranteed. To achieve a lower RPO, you can use Azure Site Recovery for VM replication (which can achieve RPO of seconds) or use application-level replication with tools like AzCopy or Azure Data Factory. For storage accounts, the only way to get zero RPO is to use synchronous replication, which is not available across regions.
You've just covered ZRS vs GRS vs GZRS for BCDR — now see how well it sticks with free AZ-305 practice questions. Full explanations included, no account needed.
Done with this chapter?