none
Encryption of large Blobs

    Question

  • I have a question about blob storage encryption:

    As I understand the only way to upload blobs which are larger than 64 MB is to use Put Block with Put BlockList as a commit:

    (https://msdn.microsoft.com/en-us/library/azure/ee691964.aspx)

    However these commands are not supported for encryption:

    https://azure.microsoft.com/en-us/documentation/articles/storage-client-side-encryption/

    Therefore how can I encrypt large Blobs?

    Monday, March 7, 2016 3:45 PM

Answers

  • Hi,

    So this warning would be relevant to you if you are planning to make changes to an already encrypted blob.
    You should ideally, perform protocol operations such as Put Block, Put Block List, Write Pages, Clear Pages, or Append Block on unencrypted blobs and encrypt them after the required changes have been made.

    Regards,
    Malar.

    Wednesday, March 9, 2016 8:51 AM

All replies

  • Hi,

    The link that you referred to says "If you are writing a block blob that is no more than 64 MB in size, you can upload it in its entirety with a single write operation; see Put Blob." which is that the blob has to be smaller than 64 MB and not more than that.

    Please be advised that The maximum size for a block blob created via Put Blob is 64 MB.
    However, if you are intent on using Put Block then you should know that using PUT BLOCK i
    f you attempt to upload a block that is larger than 4 MB, the service returns status code 413 (Request Entity Too Large).A block blob can include a maximum of 50,000 blocks, so a Put Block List should not contain more than 50,000 blocks.
    You could refer the following link for a better understanding of the different types of blobs:
    https://msdn.microsoft.com/library/azure/ee691964.aspx

    If your requirement is to upload large files to Azure Blob Storage, you could use the Blob Transfer Utility tool.
    If you need to encrypt the data you upload to your blob storage, you could consider using Azure Key Vault.
    You could refer the following link for details:
    https://azure.microsoft.com/en-in/documentation/articles/storage-encrypt-decrypt-blobs-key-vault/

    Regards,
    Malar.

    Tuesday, March 8, 2016 9:31 AM
  • Thank you very much for your kind and quick response. I have already a working application doing unencrypted PutBlock/PutBlockList with <4MB chunks. I need to deal with files which are more than 100 MB in size.

    Can you please clarify how this warning is relevant for me:

    Avoid writing to an encrypted blob using protocol operations such as Put Block, Put Block List, Write Pages, Clear Pages, or Append Block; otherwise you may corrupt the encrypted blob and make it unreadable.

    https://azure.microsoft.com/en-in/documentation/articles/storage-client-side-encryption/

    Thank you!

    Tuesday, March 8, 2016 11:06 AM
  • Hi,

    So this warning would be relevant to you if you are planning to make changes to an already encrypted blob.
    You should ideally, perform protocol operations such as Put Block, Put Block List, Write Pages, Clear Pages, or Append Block on unencrypted blobs and encrypt them after the required changes have been made.

    Regards,
    Malar.

    Wednesday, March 9, 2016 8:51 AM