Learn What IT Pros Need to Know About Windows 11 - August 26th at 1 PM ET! Learn What IT Pros Need to Know About Windows 11 - August 26th at 1 PM ET!
Cloud Computing

Controlling Data Movement Using Azure Region Pairs

In this post, I will explain how Microsoft replicates data in very predictable ways, assuming that you want that data to be replicated.



Sponsored Content

Read the Best Personal and Business Tech without Ads

Staying updated on what is happening in the technology sector is important to your career and your personal life but ads can make reading news, distracting. With Thurrott Premium, you can enjoy the best coverage in tech without the annoying ads.


There are a lot of myths out there about Azure, such as Microsoft will replicate my virtual machines to a second region so that if there’s a problem in my region, all of my machines will stay online.

Sorry, that’s not true. If you want disaster recovery, you need to implement it yourself.

My personal favorite is this oldie: Why would I put my servers in the cloud where everyone can see them?

If you don’t understand the basic concepts of WAN, VPN, and firewall rules, then maybe IT isn’t for you!

The myth that inspired this post is: Microsoft moved my Azure data from Europe to the USA.

Actually, it didn’t. While running Azure training classes, I’ve noticed that newbies to Azure are quite sloppy about picking regions, often selecting the default, so I suspect that’s to blame.

How Microsoft Replicates Data

In Azure, data is replicated only if:

  • You leave replication enabled by default: As with a site recovery vault where the resiliency is set to GRS instead of LRS by default. You can change this, but only before you start using the vault.
  • You enable replication: You might switch a storage account from LRS to GRS to force replication of the contained data to another region, which by the way, is not a disaster recovery solution for virtual machines.

But where does Microsoft replicate your data to? Azure uses a system of paired regions, which is very clearly documented by Microsoft. Every region is exclusively paired with another region. For example, UK West is paired with UK South. This means that if I store something in one of those regions, and enable replication, I know that the replica will be in the other region, and not in US East where the NSA can poke around.

Microsoft is aware that there are situations where we do not like data to leave certain geographies. For example, customers in the European Union would not want their data replicated to the US and vice versa. Microsoft ensures, with one exception, that every region is in the same geography as its paired region. For example, North Europe and West Europe are paired and are both in the European Union where common data protection laws apply. There is one exception to this pairing; Brazil South must be replicated to South Central US because there is only one region in Brazil or South America.

How regions are paired in Azure [Image Credit: Microsoft]
How regions are paired in Azure [Image Credit: Microsoft]
You can find a full listing of the paired regions in Microsoft’s documentation. You can learn more about regulatory compliance in Azure at the Azure Trust Center.


Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Aidan Finn, Microsoft Most Valuable Professional (MVP), has been working in IT since 1996. He has worked as a consultant and administrator for the likes of Innofactor Norway, Amdahl DMR, Fujitsu, Barclays and Hypo Real Estate Bank International where he dealt with large and complex IT infrastructures and MicroWarehouse Ltd. where he worked with Microsoft partners in the small/medium business space.

Register for Advanced Microsoft 365 Day!

GET-IT: Advanced Microsoft 365 1-Day Virtual Conference - Live August 24th!

Join us on Tuesday, August 24th and hear from Microsoft MVPs and industry experts about how to take advantage of Microsoft 365 at a technical level and dive deep into the features and functionality that will make your environment more secure and compliant.


Sponsored By