5 min. Read
Azure File Storage provides shared storage for applications that use the standard SMB 3.0 protocol. Microsoft Azure computers and cloud services can share file information between application components through connected shares, and on-premises applications can access file information through the File Storage API.
Microsoft also introduced Sync Azure files a service that is a new service that allows you to centralize your file sharing with Azure Files while maintaining the compatibility of your local file server with all the flexibility and performance benefits it offers. Any protocol installed on Windows Server can use Azure file sharing, including SMB, NFS, and FTPS. Through integration Azure backup service, you can protect your data in the cloud despite local backup solutions. This is a great solution for a hybrid cloud!
To learn more about Azure File Sync and how to get started, check the following A step-by-step guide.
Last month, Microsoft announced that you can keep a backup of your Azure file shares for 10 years using Azure backup, Via PowerShell. You can read announcement here. The good news is that Azure Backup also supports backing up and restoring Azure File Shares ACL files.
As mentioned in the announcement and in connection with this writing, long-term backups of Azure Files are only maintained through PowerShell. However, experience Azure portal is different, the daily backup policy can be up to 180 days (6 months).
If you’re not familiar with Azure Backup, it’s an Azure-based service that lets you back up (or protect) and restore your data in the Microsoft cloud. Azure Backup replaces your current on-premises or off-site backup solution with a reliable, secure, and cost-effective cloud-based solution. For more information on Azure Backup, I recommend checking out Azure Backup Deep Dive – Free Whitepaper.
In this blog, I’ll share with you how to automate a backup to Azure File Shares with PowerShell so you can schedule it to take snapshots at regular intervals every week, month, or year for long-term storage.
First, I need to create an Azure automation resource Run as an account. Run as Azure Automation accounts are used to provide authentication to manage resources in Azure using Azure cmdlets. When you create a Run As account, it creates a new service administrator in Azure Active Directory and assigns a Contributor role to that user at the subscription level.
Open Azure portal, click All services can be found in the upper left corner. Write in the resource list Automation. When you start typing, the list is filtered based on your input. choose Automation accounts. Click + Add
In the next step, you need to import the necessary modules Gallery of modules.
In the list of automation accounts, select the account you created in the previous step. choose Gallery of modules below Shared resources section.
The following modules must be imported Gallery of modules in the following order:
- AzureRM profile
At this point, you can create multiple runbooks based on which file shares you want to protect. PowerShell runbooks are based on Windows PowerShell. You can edit the runbook code directly in the Azure portal text editor. You can also use any offline text editor and import the runbook into Azure Automation.
In this example, I create a Runbook that allows a monthly backup to a specific Azure File Share service in my Azure subscription and keep it for one year (12 restore points). You can also protect all your Azure files as needed.
Once you have created the Runbook, you will need to edit the Runbook and write or add a script by selecting Azure File Share to back up. Of course, you can create scripts that fit your environment.
As I mentioned earlier, in this example, I want to create a backup for a specific Azure file share that Azure Backup protects in a specific Azure subscription. The script reads as follows:
<# .DESCRIPTION A Runbook example which takes On-demand backup for a particular Azure file share protected by Azure Backup in a specific Azure subscription using the Run As Account (Service Principal in Azure AD) .NOTES Filename : Enable-AzureFilesBackup Author : Charbel Nemnom Version : 1.0 Date : 13-February-2019 Updated : 14-February-2019 .LINK To provide feedback or for further assistance please visit:
Save script CMDLETIT screen as shown in the screenshot below
Then test using a scriptBread test“To make sure it works as intended before release.
When the test is complete, click to publish the Runbook Publish.
In the last step, you need to schedule the Runbook to run based on the backup policy you want.
In the same Runbook you create in the previous step, select Timetables and then click + Add schedule.
So if you need to schedule a monthly snapshot and keep it for 12 months, you need to create a monthly schedule as shown below and set the retention to 360 days (12 months X 30 days) or 365 days. You can also create weekly, monthly, and yearly snapshot (repeat every 12 months) schedules in the same way. You can also edit the script to take the input parameter in weeks / months / years.
When you run the Runbook, you can pass the parameters required to the PowerShell script. In the example, I need to specify Azure subscription ID, The name of the vault, The name of the Azure file share and finally Preservation which is 360 days. The example script takes these parameters as input. If you want to keep the backup for 10 years (maximum), you can specify 3600 days for storage.
When you’re done, click ALRIGHT.
You can track the success or failure of these backupsJobs“Runbooks tab Resources. In my example, the Runbook was successfully run on February 13, 2019 at 11 p.m. The next backup is scheduled to launch on March 13 and be retained for one year, and so on …
That’s what you have!
In this article, I showed you how to automate backup of Azure file shares using PowerShell so you can schedule it to take snapshots at regular intervals every week, month, or year for long-term storage and up to 10 years if needed!
I hope that in the future, Microsoft will look to add this feature to the Azure portal and make it easier for users to retain it for the long term in the most optimal way.
Thanks for locking my blog.
If you have any questions or feedback, please leave a comment.