Enable backup for all Azure VMs in your subscription

Hey Folks! Today I’ve got for you script which will enable backup for all Azure VMs in your subscription.

All admins which setup IaaS environment in cloud, doesn’t matter if this is Azure or Amazon must remember that data from virtual machines should be configured to restore them in any time. In Azure there is a separate service to manage all backups of virtual machines called Recovery Service Vault. You can in easy way configure backup for your VM according to your needs.

Script which I share today is working in following way. Main assumption of it is that we have one Recovery Service Vault per each necessary region (Azure virtual machines can be linked only to Recovery Service Vault in same region). Second thing is that we have same name of policy configured for each region (entry parameter $backupPolicyName). Regions which should be used are provided in array $vmsRegions . Script is iterating across regions defined in above array. In first way it is gathering all virtual machines from this region, next look for Recovery Service Vault in same region. If it was found it’s simply adding policy to virtual machine. That’s it, you just enable backup for all Azure VMs. Of course I know that this scenario can not be enough for you, but you can base on that 🙂

Prerequisites:

  • Az module installed
  • Enough permission are set for account under which script will be run (Contributor should be enough)
  • Recovery Service Vaults were created in necessary regions earlier

Script:

param(
    $backupPolicyName,
    $subscriptionId
)

$vmsRegions = @(
    "westeurope",
    "northeurope"
)

Select-AzSubscription -SubscriptionId $subscriptionId

foreach ($region in $vmsRegions) {
    $vms = Get-AzVM | Where-Object Location -like "$region"
    $backupVault = Get-AzRecoveryServicesVault | Where-Object Location -Like "$region"
    if ($backupVault) {
        Set-AzRecoveryServicesVaultContext -Vault $backupVault
        $policy = (Get-AzRecoveryServicesBackupProtectionPolicy | Where-Object Name -Like $backupPolicyName)[0]
        if ($policy) {
            foreach ($vm in $vms) {
                Write-Output "Enabling backup on virtual machine $($vm.Name) ."
                Try {
                    Enable-AzRecoveryServicesBackupProtection -ResourceGroupName $vm.ResourceGroupName -Name $vm.Name -Policy $policy
                    Write-Output "Backup has been enabled for virtual machine $($vm.Name)"
                }
                Catch {
                    Write-Output "Error during adding configuration of backup for $($vm.Name): $($_.Exception.Message)"
                }
            }
        }
        else {
            Write-Output "Policy with name $backupPolicyName can not be found under $($backupVault.Name). Skipping... "
        }
    }
    else {
        Write-Output "Can not found Recovery Service Vault in $region region. Skipping.."
    }
}

I hope it will be usefull for some you 😉

Enjoy!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.