On Azure, the files in file shares can be protected with integration of a Recovery Services vault. In this way, you can create backups, and you can restore files and folders easily whenever needed. In this post, we will be looking at configuring Recovery Services vaults on Azure file shares and restoring deleted files from a backup using PowerShell.

Recovery Service vault ^

The Recovery Service vault on Azure is responsible for securely storing various types of data, such as Azure VMs, SQL databases, and Azure file shares. So, it acts like a central data station where all your backed-up data and recovery points are stored. To protect backup data, Azure Recovery Services uses encryption with platform-managed keys by default, but it also allows you to go with your own RSA keys.

To start using Recovery Services, first we need to register the Microsoft.RecoveryServices resource provider using the following command:

Register-AzResourceProvider -ProviderNamespace "Microsoft.RecoveryServices"

Once the service provider has been registered, we can create a new Recovery Service vault with the following command:

New-AzRecoveryServicesVault -Name "testvault" -ResourceGroupName "restoreAzureFileShares" -Location "West US"

Now we can create a new backup protection policy with the "AzureFiles" workload type, which we will be using to enable backup on the Azure storage account file share. Retention and schedule policy objects are also needed to create a backup protection policy. With these policy objects, we define the backup schedules and how long the data will be retained in recovery service vaults. There are also workload types other than AzureFiles, such as SAPHanaDatabase, AzureVM, and MSSQL, that are supported by Recovery Services.

Get-AzRecoveryServicesVault -Name "testvault" | Set-AzRecoveryServicesVaultContext
$vaultID = Get-AzRecoveryServicesVault -ResourceGroupName "restoreAzureFileShares" -Name "testvault" | select -ExpandProperty ID
$retentionPolicy = Get-AzRecoveryServicesBackupRetentionPolicyObject -WorkloadType AzureFiles
$schedulePolicy = Get-AzRecoveryServicesBackupSchedulePolicyObject -WorkloadType AzureFiles
New-AzRecoveryServicesBackupProtectionPolicy -Name "NewAzureFileSharePolicy" -WorkloadType "AzureFiles" -RetentionPolicy $retentionPolicy -SchedulePolicy $schedulePolicy -VaultID $vaultID
Registering the resource provider and creating a recovery service vault

Registering the resource provider and creating a recovery service vault

Enabling backup of Azure file shares ^

We can run the following commands to enable the backup feature on an Azure file share:

$azureFileSharePolicy =  Get-AzRecoveryServicesBackupProtectionPolicy -Name NewAzureFileSharePolicy
Enable-AzRecoveryServicesBackupProtection -StorageAccountName "restoretest0001" -Name "fileshare01" -Policy $azureFileSharePolicy
Enabling backup protection on an Azure file share

Enabling backup protection on an Azure file share

To manually create a backup on an Azure file share, we will use the following commands:

$azureFileShareContainer = Get-AzRecoveryServicesBackupContainer -ContainerType AzureStorage -Status Registered -FriendlyName "restoretest0001" -VaultId $vaultID
$azureFileShareBackupItem = Get-AzRecoveryServicesBackupItem -Container $azureFileShareContainer -WorkloadType "AzureFiles" -VaultId $vaultID

First, check the backup state without initiating the manual backup job.

$azureFileShareBackupItem | fl *
Backup item status before creating a manual backup

Backup item status before creating a manual backup

Now, we can trigger the backup job and see the backup details, such as LastBackupStatus and LastBackupTime, once the backup process is done.

$backupJob =  Backup-AzRecoveryServicesBackupItem -Item $azureFileShareBackupItem
$azureFileShareBackupItem = Get-AzRecoveryServicesBackupItem -Container $azureFileShareContainer -WorkloadType "AzureFiles" -VaultId $vaultID
$azureFileShareBackupItem | fl *
Backup status can be seen in the backup item details

Backup status can be seen in the backup item details

After this action, we can also confirm the backup of the file share in Azure Portal.

The backup item can also be found on the file share in the Azure Portal

The backup item can also be found on the file share in the Azure Portal

Restoring deleted files ^

We now have a backup that we can use to restore when needed. So let's delete a file from the file share and try to restore it using the newly created backup.

A sample file to be deleted and restored using a previously created backup for testing

A sample file to be deleted and restored using a previously created backup for testing

With the following commands, we will:

  • Delete the file "file01.txt"
  • Set the recovery point to define from which backup the data will be restored
  • Restore the file to the original location (alternative location is also supported)
$strAccount = New-AzStorageContext -StorageAccountName "restoretest0001" `
 -StorageAccountKey "****STRACCKEY****”

 Remove-AzStorageFile -Path "file01.txt" `
 -ShareName "fileshare01" `
 -Context $strAccount

$startDate = (Get-Date).AddDays(-1)
$endDate = Get-Date
$recoveryPoint = Get-AzRecoveryServicesBackupRecoveryPoint `
 -Item $azureFileShareBackupItem `
 -VaultId $vaultID `
 -StartDate $startdate.ToUniversalTime() `
 -EndDate $enddate.ToUniversalTime()

$recoveryPoint[0] | fl

# restore to the original location
Restore-AzRecoveryServicesBackupItem -RecoveryPoint $recoveryPoint[0] `
 -SourceFileType File -SourceFilePath `
 "file01.txt" -ResolveConflict Overwrite
Get-AzStorageFile -ShareName fileshare01 -Path file01.txt -Context $strAccount

### restore to an alternate location
Restore-AzRecoveryServicesBackupItem -RecoveryPoint $recoveryPoint[0] -TargetStorageAccountName "TargetStrAcc01" -TargetFileShareName "fs01" -TargetFolder "folder1" -ResolveConflict Overwrite
Restore-AzRecoveryServicesBackupItem -RecoveryPoint $recoveryPoint[0] -TargetStorageAccountName "TargetStrAcc01" -TargetFileShareName "fs02" -TargetFolder "folder1" -SourceFileType File -SourceFilePath "file01.txt" -ResolveConflict Overwrite
Restoring the file using the backup item in the Recovery Services vault

Restoring the file using the backup item in the Recovery Services vault

If you need to restore multiple files or folders rather than a single file, you can use the following options:

# multiple directories
$dirs = ("Dir1","Dir2")
Restore-AzRecoveryServicesBackupItem -RecoveryPoint $recoveryPoint[0] -MultipleSourceFilePath $dirs -SourceFileType Directory -ResolveConflict Overwrite -VaultId $vault.ID -VaultLocation $vault.Location
# multiple files
$recoveryPoint = Get-AzRecoveryServicesBackupRecoveryPoint -Item $BackupItem -VaultId $vault.ID
$files = ("file01.txt", "file02.jpg")
Restore-AzRecoveryServicesBackupItem -RecoveryPoint $recoveryPoint[0] -MultipleSourceFilePath $files -SourceFileType File -ResolveConflict Overwrite -VaultId $vault.ID -VaultLocation $vault.Location

Disabling the backup and deleting the Recovery Vault ^

If you try to delete the Recovery Service vault before unregistering containers or deleting the private endpoints, you'll get the following error message:

Vaults cannot be deleted while there are existing resources

Vaults cannot be deleted while there are existing resources

To unregister the backup container, we first need to disable and delete the existing backup items from the vault. To do so, we'll run this script:

$vaultID = Get-AzRecoveryServicesVault -ResourceGroupName `
 "restoreAzureFileShares" `
 -Name "testvault" `
 | select -ExpandProperty ID

 $azureFileShareContainer = Get-AzRecoveryServicesBackupContainer -ContainerType `
  AzureStorage `
  -Status Registered `
  -FriendlyName "restoretest0001" `
  -VaultId $vaultID

$azureFileShareBackupItem = Get-AzRecoveryServicesBackupItem -Container $azureFileShareContainer `
 -WorkloadType "AzureFiles" `
 -VaultId $vaultID

Disable-AzRecoveryServicesBackupProtection -item $azureFileShareBackupItem -VaultId $vaultID -RemoveRecoveryPoints -Force
Unregister-AzRecoveryServicesBackupContainer -Container $azureFileShareContainer
Disabling and deleting backup objects from the vault

Disabling and deleting backup objects from the vault

Finally, we can delete the vault using the following:

Subscribe to 4sysops newsletter!

$vault = Get-AzRecoveryServicesVault -ResourceGroupName "restoreAzureFileShares" -Name "testvault"
Remove-AzRecoveryServicesVault -Vault $vault
Removing the Recovery Service vault

Removing the Recovery Service vault

Conclusion ^

Files and folders in an Azure file share can easily be backed up and restored using a Recovery Service vault with flexible options. Backup and restore operations can be performed in Azure Portal or via PowerShell, the Azure CLI, or a REST API.

avatar
0 Comments

Leave a reply

Your email address will not be published.

*

© 4sysops 2006 - 2022

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account