Create snapshots of Azure VM disks on a schedule using Azure Runbooks. Also handle deletion of snapshots, and possible export of them to a storage account.

This repo contains the following scripts:

• parameterized_snapshots.ps1 : A parameterized script that goes through your resource groups and makes Snapshots of your VM Managed Disks with tags to identify deletion date, export date, and to copy over tags from the VM itself.
• snapshot-deletion.ps1 : Script used to delete Snapshots not exported to a storage account that have gone past their deltion date.
• snapshot-export.ps1 : Script used to export Snapshots to a Storage Account after a set period of time.

The Powershell modules listed below are required for the Runbooks included here to function, and will most likely need to be imported. The list contains the names for the Az versions and their matching AzureRM version name.

• Az.Accounts / AzureRm.Profile
• Az.Compute / AzureRm.Compute
• Az.Resources / AzureRm.Resources

NOTE: Currently, my script uses AzureRM. I will create a second copy that uses the Az equivalents at a later date, but will keep the AzureRM version in case you currently do not have the Az modules imported.

The necessary modules can be imported by:

1. Going to the Automation Account containing the relevant Runbooks in Azure.
2. Scroll down to the Shared Resources section.
3. Select the Modules Gallery link.
4. Search for the module you wish to import and select it from the results.
5. Click Import in the window displays.

When you connect with the RunAs account in your Runbook within a Azure Gov environment, you have to add an additional parameter to the connection to specify what Gov environment it is. Otherwise the connection won't work right.

-Environment AzureUSGovernment

If you are connecting to a regular consumer Azure instance, you do not need this Environment parameter.

From Azure's documentation,

A blob snapshot is a read-only version of a blob that is captured at a point in time. Once a snapshot has been created, it can be read, copied, or deleted, but not modified. Snapshots provide a way to back up a blob as it appears at a moment in time. Until REST version 2015-04-05, you had the ability to copy full snapshots. With the REST version 2015-07-08 and above, you can also copy incremental snapshots.

Snapshots make restoring a backup faster and/or allow you to quickly examine a point-in-time by attaching to a VM. However, they should not be treated as a main backup/recovery option. Instead, File-Level Backups should be used for true backup/recovery. If you would like to learn more about the differences between Snapshots and File-Level Backups, check out the Backup vs Snapshot: What's the difference? article by SEP Software.

An important note on Snapshots, you can ONLY make a full Snapshot of a Managed Disk. A VM might have several Managed Disks attached to it. It will have at least one for the OS disk, but may have more. You can learn more

Keeping lots of Snapshots can significantly increase Azure spend. So it is recommended that they only be kept for a limited amount of time.

• hourly_snapshots.ps1 : Hourly snapshots will be kept for 24 hours.
• daily_snapshots.ps1 : Daily snapshots will be kept for 5 days.
• weekly_snapshots.ps1 : Weekly snapshots will be kept for 4 weeks.

Make sure any VMs and their respective disks that you want Snapshots of have the Snapshot : True tag. Also make sure that any kind of Terraform or Ansible scripts you have that create those resources have that tagging reflected in them if you manually apply the tags. That way you do not accidentally destroy any resources.

After a new snapshot is created, it should be tagged with Delete After : <date> with the <date> being based on the type of snapshot taken.

File-level backs up are a more true backup solution, and should be implemented as well in addition to Snapshots.

You can choose to keep file level backups similar to the list I give for snapshots. However, with file-level backups you will most likely also want to take into account whether or not they are full backups or incremental backups, in addition to how frequently you are taking backups.

• Starwind Software - Automating Disk Snapshots using Azure Runbook
• Automate Disk Snapshots in Azure
• Using Azure Automation to create a snapshot of all Azure VMs
• Step-by-Step Guide: How to backup/restore encrypted Azure VM using Azure Backup?
• Export an Azure Managed Snapshot to Storage Account – PowerShell - Arlan Blogs

• Backup and disaster recovery for Azure IaaS disks
• Create a snapshot using the portal or Azure CLI
• Create a snapshot using the portal or PowerShell
• Back up Azure unmanaged Virtual Machine disks with incremental snapshots
• Create an incremental snapshot for managed disks
• Azure Government documentation
• New-AzureStorageContainer
• Set-AzureStorageBlobContent Cannot Bind Parameter 'Context' #8265