How to Backup to Azure Blob Storage Step by Step

What is Azure blob storage

Azure Blob Storage is Microsoft's object storage solution designed for large-scale data storage. You can easily configure backup policies through the Azure portal, selecting the data sources to back up and the target storage location

Before starting the backup, you need to understand the two types of backups:

Operation backup:

• Data is stored in the source storage account for up to 360 days. A longer retention period will increase the recovery time.
• Only restore to the original storage account, which may overwrite the existing data.
• If you use the "Delete Container" operation to delete a container, it cannot be recovered. It is recommended to delete individual Blobs and enable the container soft delete feature.
• You need to register the Microsoft. DataProtection provider for the subscription.

Vault backup

• Managed offsite backup solution, data is transmitted to the backup vault and retained for up to 10 years.
• It can only be restored to a different storage account, and the target account cannot have a container with the same name.
• To enable cross-tenant replication for the backup storage account, you can view and enable it in "Storage Account > Object Replication > Advanced Settings."

How to create a backup to Azure blob storage

To begin backing up your data to Azure Blob Storage, you'll need to perform several steps, from creating a storage account to configuring backup tools. Below is a step-by-step guide:

Step 1. Create a backup vault

The backup vault is used to store recovery points created over time and provides an interface for performing backup-related operations, such as on-demand backups, executing recoveries, and creating backup policies.

Although the data for backup operations is not stored in the vault, the vault is crucial for various management operations. Notably, the backup vault is a new resource for backing up newly supported workloads, different from the existing recovery services vault.

Step 2. Grant storage account permissions to the backup vault

The backup operation will apply a delete lock owned by the backup to prevent the storage account containing the Blob to be protected from being accidentally deleted. This requires the backup vault to have specific permissions on the storage account that needs protection. For convenience, these minimum permissions have been integrated into the "Storage Account Backup Contributor" role. It is recommended to assign this role to the backup vault before configuring the backup, but it can also be assigned during the backup configuration.

The specific allocation steps are as follows:

1. In the storage account that needs protection, find the "Access Control (IAM)" tab in the left navigation pane.

2. Select "Add Role Assignment."

3. On the "Add Role Assignment" page:

• Select "Storage Account Backup Contributor" for the "Role".
• "Assign access permissions to" select "users, groups, or service principals."
• Search and select the backup vault to back up the Blobs in this storage account.
• Click "Save." It may take up to 30 minutes for the role assignment to take effect.

Step 3. Create a backup policy

Backup policies are used to define the schedule, frequency, and retention period of recovery point creation in the backup vault. The same backup policy can be used for vault backups, operational backups, or both simultaneously, and it can also be used to configure backups to the same vault for multiple storage accounts.

The steps to create a backup strategy are as follows:

1. Enter "Business Continuity Center > Protection Policies," select "+ Create Policy > Create Backup Policy."

2. On the "Start Creating Policy" page, select "Azure Blobs (Azure Storage)" for "Data Source Type," and then click "Continue."

3. On the "Basics" tab of the "Create Backup Policy" page, enter the "Policy Name," select the vault to be associated, view the vault details, and then click "Next."

4. In the "Schedule + Retention" tab, enter the backup details, schedule, and retention period for the data storage. Choose whether to apply the backup strategy to vault backups, operational backups, or both, and add or edit the schedule and retention settings for each data storage:

• Vault Backup: You can choose a daily or weekly backup frequency, specify the creation time of the backup recovery point, and edit the default retention rules or add new ones.
• Operational backup: It is continuous and does not require a schedule to be set. Just edit the default rules to specify the retention period.

5. Click "Review + Create," and after approval, click "Create."

Step 4. Configure backup

You can use a single backup policy to back up one or more storage accounts to the same vault in the Azure region.

The steps to configure storage account backup are as follows:

1. Go to "Business Continuity Center > Overview," and select "+ Configure Protection."

2. In the "Configure protection" pane, select "Datasource type" as "Azure Blobs (Azure Storage)" and "Solution" as "Azure Backup."

3. On the "Configure Backup" page, in the "Basics" tab, select "Azure Blobs (Azure Storage)" as the data source type, and choose the backup vault to associate. After reviewing the vault details, click "Next."

4. In the "Backup policy" tab, select the backup strategy you want to use, or create a new strategy if needed. After reviewing the strategy details, click "Next."

5. In the "Datasource" tab, select the storage accounts to back up. You can choose multiple accounts and perform searches or filters. If you have selected the vault backup policy, you can also choose specific containers to back up. Click "Change" to select or deselect.

6. After selecting the storage account and container, Azure Backup will perform validation. After the verification is successful, click the "Review + Configure" tab, review the details, and then click "Next" to initiate the backup configuration operation and receive notifications about the protection configuration status and completion.

Important: Try AOMEI Cyber Backup for data protection

By choosing the appropriate backup method, you can ensure the efficiency of the backup process and the recoverability of the data. AOMEI Cyber Backup provides strong protection for the data security of businesses and individuals.

AOMEI Cyber Backup

Free, Easy, Centralized VM Backup Solution

• Free VMware & Hyper-V VMs protection.
• Agentless and automatic backup virtual machines.
• Fast VM recovery with minimal downtime.

Free Download

100% Secure

FAQ about Azure storage backup and restore

Q: Can I automate backups to Azure Blob Storage?

Yes, automation can be achieved using PowerShell or the Azure CLI. Use az login for CLI or Connect-AzAccount for PowerShell.

$resourceGroup = "MyResourceGroup"
$storageAccount = "MyStorageAccount"
$containerName = "MyContainer"
$filePath = "C:\Backup\mybackup.zip"
Set-AzStorageBlobContent -File $filePath -Container $containerName -Context (Get-AzStorageAccount -ResourceGroupName $resourceGroup -Name $storageAccount).Context

Q: What is the difference between Azure Blob Storage tiers?

• Hot Tier: For frequently accessed data.
• Cool Tier: For infrequently accessed data, such as backups stored for 30-90 days.
• Archive Tier: For rarely accessed data, suitable for long-term backup retention.

Q: What are the costs associated with Azure Blob Storage?

Costs depend on storage tier, data volume, and additional features like data retrieval or redundancy.

Conclusion

Azure Blob Storage offers a scalable, and cost-effective solution for storing and backing up critical data. As businesses generate increasingly vast amounts of data, backing up data to Azure Blob Storage is a secure way to help you protect important data assets.