Introduction

Azure Backup is a comprehensive, scalable, and secure data protection solution designed to safeguard your data assets in the cloud. It offers a simple and cost-effective way to back up and restore your data, ensuring that your critical workloads are protected against data loss and corruption. Azure Backup supports a wide range of workloads, including virtual machines, databases, and file shares, and integrates seamlessly with other Azure services.

Step-by-Step Implementation Guide

Prerequisites

Before you begin, ensure you have the following:

• An Azure subscription
• Bicep CLI installed
• Visual Studio Code with Bicep extension
• Basic understanding of Azure Backup concepts

Using Bicep to Protect a Virtual Machine

Step 1: Define the Bicep File

Create a new Bicep file (e.g., vm-backup.bicep) and define the parameters and resources needed for the Recovery Services vault, backup policy, and virtual machine.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

param location string = resourceGroup().location
param vaultName string = 'MyRecoveryServicesVault'
param backupPolicyName string = 'MyBackupPolicy'
param vmName string = 'ExistingVM'

resource recoveryServicesVault 'Microsoft.RecoveryServices/vaults@2023-02-01' = {
  name: vaultName
  location: location
  properties: {
    sku: {
      name: 'Standard'
    }
  }
}

resource backupPolicy 'Microsoft.RecoveryServices/vaults/backupPolicies@2023-02-01' = {
  name: backupPolicyName
  parent: recoveryServicesVault
  properties: {
    schedulePolicy: {
      scheduleRunFrequency: 'Daily'
      scheduleRunTimes: [
        // 2am Sydney,Australia
        '2024-11-29T16:00:00Z'
      ]
    }
    retentionPolicy: {
      dailySchedule: {
        retentionTimes: [
          // 2am Sydney,Australia
          '2024-11-29T16:00:00Z'
        ]
        retentionDuration: {
          count: 30
          durationType: 'Days'
        }
      }
    }
  }
}

resource backupProtectedItem 'Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems@2023-02-01' = {
  name: '${vmName}-backup'
  parent: recoveryServicesVault
  properties: {
    protectedItemType: 'Microsoft.Compute/virtualMachines'
    sourceResourceId: resourceId('Microsoft.Compute/virtualMachines', vmName)
    policyId: backupPolicy.id
  }
}

Step 2: Deploy the Bicep File

Use the Azure CLI to deploy the Bicep file to your Azure subscription.

1

az deployment group create --resource-group <Your-Resource-Group> --template-file vm-backup.bicep

Step 3: Verify the Resources

After deployment, verify that the Recovery Services vault, backup policy, and virtual machine have been created and are configured as expected. You can do this by navigating to the Azure portal and checking the resources under the Recovery Services vault section.

Conclusion

Azure Backup provides a comprehensive solution for protecting your data in the cloud. By using Bicep to define and deploy your backup resources, you can ensure consistency, simplify management, and leverage DevOps practices for continuous integration and deployment. Azure Backup enhances your ability to protect and manage your data assets seamlessly.

Learn More

For more detailed information and tutorials, visit the following Microsoft Learn resources:

• Quickstart: Back up a virtual machine in Azure with a Bicep template
• Protect your virtual machines by using Azure Backup
• Overview of security features - Azure Backup