Backup and Restore for Azure Storage Accounts

This document provides detailed guidance on how to back up and restore data within your Azure Storage accounts. Effective backup and restore strategies are crucial for data protection, disaster recovery, and business continuity.

Key Backup and Restore Concepts

Azure Storage offers several mechanisms to protect your data:

Point-in-Time Restore for Blobs

Point-in-time restore enables you to restore a container to a specific point in time. This is invaluable for recovering from accidental data modifications or deletions.

Enabling Point-in-Time Restore

To enable this feature, navigate to your storage account in the Azure portal, go to the Data protection section, and enable Point-in-time restore for blob containers.

# Example of enabling versioning and point-in-time restore via Azure CLI
az storage account update --name  --resource-group  --enable-versioning true --enable-blob-public-access false

# Note: Point-in-time restore is typically enabled at the container level after versioning is enabled on the account.
# The Azure Portal is the primary interface for configuring the retention period for point-in-time restore.

Performing a Point-in-Time Restore

You can perform a restore operation directly from the Azure portal. Select the container, choose the restore option, and specify the desired date and time.

Important: Point-in-time restore is enabled at the container level and requires blob versioning and/or change feed to be enabled on the storage account.

Soft Delete

Soft delete protects your data from accidental deletion by retaining deleted blobs or file shares for a configurable period. During this retention period, you can undelete the data.

Configuring Soft Delete

In the Azure portal, under your storage account's Data protection settings, you can configure:

Undeleting Data

If a blob or file share has been soft deleted and is still within its retention period, you can undelete it using the Azure portal, Azure CLI, or PowerShell.

# Example of undeleting a blob using Azure PowerShell
# Ensure you have the Az.Storage module installed
Connect-AzAccount
Set-AzContext -SubscriptionId ""

$ctx = New-AzStorageContext -StorageAccountName "" -StorageAccountKey ""
Restore-AzStorageBlob -Container "" -Blob "" -SnapshotTime (Get-Date).AddDays(-1) -Context $ctx

Blob Snapshots

Blob snapshots are read-only, point-in-time copies of a blob. They are useful for backing up a blob at a specific moment without affecting the original blob.

Creating a Snapshot

Snapshots are created by appending ?snapshot=[DateTime] to the blob URI.

# Example of creating a snapshot using cURL
curl -i -X PUT \
    "https://.blob.core.windows.net//?snapshot=$(date -u +%Y-%m-%dT%H:%M:%SZ)" \
    -H "x-ms-version: 2020-08-04" \
    -H "Content-Length: 0" \
    -H "x-ms-date: $(date -u +'%a, %d %b %Y %H:%M:%S GMT')" \
    -H "Authorization: SharedKey :"

Azure Backup for Storage Accounts

Azure Backup provides a robust solution for backing up data stored in Azure Storage accounts, offering features like scheduled backups, retention policies, and cross-region restore.

Setting up Azure Backup

To use Azure Backup for storage accounts:

  1. Create an Azure Recovery Services vault.
  2. Configure a backup policy, defining backup frequency and retention.
  3. Select your Azure Storage account as the data source to protect.
Best Practice: For critical data, implement a multi-layered backup strategy combining Azure Backup with built-in storage account features like soft delete and point-in-time restore.

Restoring from Azure Backup

You can restore data from an Azure Backup recovery point through the Azure portal. You have options to restore to the original storage account or a different one.

← Data Management Security →
© 2023 Microsoft Corporation. All rights reserved.