Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article describes how to restore Azure Managed Disks from a restore point created by Azure Backup. You can also restore Managed Disk using Azure PowerShell, Azure CLI, REST API.
Backup Vault uses Managed Identity to access other Azure resources. To restore from backup, Backup vault’s managed identity requires a set of permissions on the resource group where the disk is to be restored.
Backup vault uses a system assigned managed identity, which is restricted to one per resource and is tied to the lifecycle of this resource. You can grant permissions to the managed identity by using Azure role-based access control (RBAC). Managed identity is a service principal of a special type that may only be used with Azure resources. Learn more about Managed Identities.
Note
Currently, the Original-Location Recovery (OLR) option of restoring by replacing existing the source disk from where the backups were taken isn't supported. You can restore from a recovery point to create a new disk either in the same resource group as that of the source disk from where the backups were taken or in any other resource group. This is known as Alternate-Location Recovery (ALR) and this helps to keep both the source disk and the restored (new) disk.
Restore a new disk from a recovery point
To restore a new disk from a recovery point, follow these steps:
Go to Business Continuity Center, and then select Recover.
Alternately, you can perform this operation from the Backup vault you used to configure backup for the disk.
On the Recover pane, select Datasource type as Azure Disks, and then under Protected item, click Select to choose a disk instance.
On the Select Protected item pane, select a disk instance from the list, and then click Select.
On the Recover pane, select Continue.
On the Restore pane, on the Basics tab, select Next: Restore point.
On the Restore point tab, under Restore Point, click Select restore point.
On the Select restore point pane, choose a restore point from the list, and then click Select.
On the Restore pane, select Next: Restore parameters.
On the Restore parameters pane, select the Target subscription and Target resource group where you want to restore the backup to, enter a value under Restored disk name, and then select Validate.
Tip
You can protect disks with Azure Backup using either the Disk Backup solution or the Azure Virtual Machine (VM) backup solution with a Recovery Services vault. If the Azure VM is already protected that uses this disk, you can restore the VM, individual disks, or files and folders from the VM backup recovery point. For more information, see Azure VM backup.
If the validation fails due to role assignment not done, select Grant Permissions. After the role assignment is complete, the revalidation runs automatically.
Note
While the role assignments are reflected correctly on the portal, it may take approximately 15 minutes for the permission to be applied on the backup vault’s managed identity.
During scheduled backups or an on-demand backup operation, Azure Backup stores the disk incremental snapshots in the Snapshot Resource Group provided during configuring backup of the disk. Azure Backup uses these incremental snapshots during the restore operation. If the snapshots are deleted or moved from the Snapshot Resource Group or if the Backup vault role assignments are revoked on the Snapshot Resource Group, the restore operation fails.
When the validation is successful, select Next: Review + restore.
On the Review + restore pane, review the restore settings, and then select Restore to start the restore operation.
Note
Validation might take few minutes to complete before you can trigger restore operation. Validation may fail if:
- a disk with the same name provided in Restored disk name already exists in the Target resource group
- the Backup vault's managed identity doesn't have valid role assignments on the Target resource group
- the Backup vault's managed identity role assignments are revoked on the Snapshot resource group where incremental snapshots are stored
- If incremental snapshots are deleted or moved from the snapshot resource group
The restore operation creates a new disk from the selected recovery point in the target resource group provided during the restore operation. To use the restored disk on an existing virtual machine, do the following actions:
If the restored disk is a data disk, you can attach an existing disk to a virtual machine. If the restored disk is OS disk, you can swap the OS disk of a virtual machine from the Azure portal under the Virtual machine pane - > Disks menu in the Settings section.
For Windows virtual machines, if the restored disk is a data disk, follow the instructions to detach the original data disk from the virtual machine. Then attach the restored disk to the virtual machine. Follow the instructions to swap the OS disk of the virtual machine with the restored disk.
For Linux virtual machines, if the restored disk is a data disk, follow the instructions to detach the original data disk from the virtual machine. Then attach the restored disk to the virtual machine. Follow the instructions to swap the OS disk of the virtual machine with the restored disk.
Note
We recommend revoking the Disk Restore Operator role assignment from the Backup vault's managed identity on the Target resource group after the restore operation completes successfully.
Track a restore operation
After you trigger the restore operation, the backup service creates a job for tracking. Azure Backup displays notifications about the job in the portal. Learn how to view the restore job progress.