Backup Azure Virtual Machines with Azure Automation

In this blog post, I will show you how to back up Azure virtual machines using an Azure automation run book and schedule.

Azure Automation

Azure Automation is Microsoft Serverless cloud offering that allows us to run Python, PowerShell, .NET and Batch jobs without managing any infrastructure.

Get Started

In this post, I will use an Azure Automation account and the Microsoft Azure ARM PowerShell modules.

Why use automation to backup VMs?

The reason I am using Azure automation to backup my VM is because Azure Recovery services backup policies allow one back per day.

In my case, I need to back up the VM two times a day and using Azure automation. I can add another backup per day.

Create Automation Account

To get started, I have created an automation account with an Azure Run As account (default).

Add Module

Azure automation works using Modules. We can download modules using the Modules menu (under shared resources).

Simply click on Modules -> Browse gallery.

Download the following modules.

Az.Accounts – For Azure authentication

Az.recovery services – For managing Azure backups

Az.Resources – For managing Azure resources

Update Azure Modules

After downloading all the above Azure AZ ARM modules, I will click on Update Azure modules button located in the Modules page.

Create Runbook

Runbooks is where everything happens, runbooks are scripts where we copy or write our scripts into.

I will create a new runbook from the Runbooks menu.

In my case, I am using a PowerShell Module.

After creating the runbook, I will edit it using the edit menu.

In the edit page, I will use the code below.

Note: Enter the values that match your environment in the code under:

1 – ENTER SUBSCRIPTION ID”

2 – ENTER RESOURCE GROUP NAME

3 – ENTER VAULT NAME

4 – ENTER VM NAME

Disable-AzContextAutosave –Scope Process
$connection = Get-AutomationConnection -Name AzureRunAsConnection
# Wrap authentication in retry logic for transient network failures
$logonAttempt = 0
while(!($connectionResult) -And ($logonAttempt -le 10))
{
    $LogonAttempt++
    # Logging in to Azure...
    $connectionResult =    Connect-AzAccount `
                               -ServicePrincipal `
                               -Tenant $connection.TenantID `
                               -ApplicationId $connection.ApplicationID `
                               -CertificateThumbprint $connection.CertificateThumbprint

    Start-Sleep -Seconds 1
}

Set-AzContext -SubscriptionId "ENTER SUBSCRIPTION ID"
$vault = Get-AzRecoveryServicesVault -ResourceGroupName "ENTER RESOURCE GROUP NAME " -Name  "ENTER VAULT NAME"
$NamedContainer = Get-AzRecoveryServicesBackupContainer -ContainerType AzureVM -Status Registered -FriendlyName "ENTER VM NAME" -VaultId $vault.ID
$Item = Get-AzRecoveryServicesBackupItem -Container $NamedContainer -WorkloadType AzureVM -VaultId $vault.ID
$Job = Backup-AzRecoveryServicesBackupItem -Item $Item -VaultId $vault.ID

Test Code

Use the Test pane to test the code.

Publish

When you ready, click on Publish and setup schedule.


Posted

in

,

by