As per this blog post, you can now backup Azure Files with a retention of 10 years!
Microsoft have enabled on-demand backups that can retain your snapshots for 10 years using PowerShell
Backup for Azure file shares offers the ability to configure policies with retention up to 180 days. However, using the “On-demand backup” option in PowerShell, you can retain a recovery point even for 10 years!
You can have up to 200 Snapshots for a file share at any point in time
A couple of points to consider at the time of writing.
Currently there isn’t a way to get the retention period of a snapshot from PowerShell or portal
There is no PowerShell support currently for listing files in a recovery point
However, all the backup components & dependancies look something like the below:
Setting this up, running through this piece by piece using PowerShell – first things first, you’ll need to sign into Azure:
# Set the vault context
Get-AzRecoveryServicesVault -Name $RecoveryVaultName | Set-AzRecoveryServicesVaultContext
Next you setup a backup policy by leveraging a Retention Policy Object and Schedule Policy Object.
Both Get-AzRecoveryServicesBackupSchedulePolicyObject and Get-AzureRmRecoveryServicesBackupRetentionPolicyObject cmdlet gets a base Retention Policy Object or Schedule Policy Object. This object is not persisted in the system. It is a temporary object that you can manipulate, you use them both with the New-AzureRmRecoveryServicesBackupProtectionPolicy cmdlet to create a new backup policy.
######################################################
# Configure backup for an Azure file share
######################################################
<#
Create a generic protection policy - $BackupPolicyName - if it's not already created
This takes a daily backup and retains it for 30 days
#>
$afsPol = Get-AzRecoveryServicesBackupProtectionPolicy `
-WorkloadType "AzureFiles" | Where-Object {$_.name -eq $BackupPolicyName} -ErrorAction SilentlyContinue
if(!($afsPol).Name){
$schPol = Get-AzRecoveryServicesBackupSchedulePolicyObject -WorkloadType "AzureFiles"
$retPol = Get-AzRecoveryServicesBackupRetentionPolicyObject -WorkloadType "AzureFiles"
New-AzRecoveryServicesBackupProtectionPolicy -Name $BackupPolicyName `
-WorkloadType "AzureFiles" -RetentionPolicy $retPol -SchedulePolicy $schPol
}
Register the Azure Storage account as a container against the Recovery Vault. A container that is registered to an Azure Recovery Services vault can have one or more items that can be protected. For Azure virtual machines, there can be only one backup item in the virtual machine container being the virtual machine itself. As for Azure Files, there can be multiple backup items per container, being multiple Azure Files Shares per Storage Account.
The Enable-AzRecoveryServicesBackupProtection cmdlet below sets Azure Backup protection policy on a backup item. Setting the vault context by using the Set-AzRecoveryServicesVaultContext cmdlet before ensures that this the backup item is registered against the correct Recovery Services Vault.
Note the parameters: –Name | Specifies the name of the Backup item (item) –StorageAccountName | Azure file share storage account name (container)
The last step is to trigger the actual backup. You get the container (Storage Account) and the backup item (Azure Files Share) which should be already registered to a recovery services vault, then you kick off a backup while applying the custom retention – which you configured above in one of the variables.
The rest of the script has other items, and I have shared the full script below derived from GIST.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters