0

Using geo-replication is a nice way of duplicating data but it requires the two servers to be registered on the same Azure account. That could be a potential security risk if an employee decides to log in and delete both servers. In that case there would be no possible way of recovering data.

To counter this potential threat, a scheduled dump sounds like a good way to keep data in another account that another set of users have access to.

Using Database Sync results in new tables being generated and seems messy.

Does Azure SQL DB provide any convenient way of dumping data?

Improve this question
2
  • Which specific kind of Azure database are you talking about: Azure SQL DB, Azure SQL DB Managed Instances, or SQL Server running inside a VM? Commented Dec 4, 2018 at 1:13
  • @BrentOzar Azure SQL DB Commented Dec 4, 2018 at 11:59

2 Answers 2

Reset to default
1

You can create an automation account and runbook which runs a task to export the backup of databases to a storage account every so often. Here is an example:

$ResourceGroupName = "rg" $ServerName = "sqlserver" $StorageKeytype = "StorageAccessKey" $StorageKey = "examplestoragekey" $sqldbs = ("userdb1,userdb2") $UserName = "sqladminaccount" $BacpacUri_Stem = "https://example.blob.core.windows.net/sqlbackup/" $Password = Get-AutomationPSCredential -Name 'MyCredential' foreach ($sqldb in $sqldbs){ $BacpacUri = $BacpacUri_Stem + $database + (Get-Date -Format ddmmyy) + ".bacpac" $exportRequest = New-AzureRmSqlDatabaseExport -ResourceGroupName $ResourceGroupName -ServerName $ServerName ` -DatabaseName $Database -StorageKeytype $StorageKeytype -StorageKey $StorageKey -StorageUri $BacpacUri ` -AdministratorLogin $UserName -AdministratorLoginPassword $Password }
Improve this answer
1
  • Exactly what I needed. However this does not seem to backup the schema (tables). Is that a correct behavior? Commented Jan 12, 2019 at 19:52
0

This doesnt make a lot of sense, you can always restrict people from accessing resources in Azure. Also, deleting an Azure SQL database doesnt delete the backups if the server is not deleted as well. you can use Long Term Retention to backup to a different "media".

Improve this answer
8
  • My question mentions delete servers. Commented Dec 4, 2018 at 12:00
  • my answers mentions that as well Commented Dec 4, 2018 at 12:02
  • Let's say somebody gets access to my master login and deletes everything. That is the scenario I would like to have a backup plan for. Commented Dec 4, 2018 at 12:03
  • you could use jit access and MFA so it becomes virtually impossible. in case you are really paranoid you can only do bacpac exportd Commented Dec 4, 2018 at 12:04
  • Bacpac I probably what i'm looking for. Do you know of any convenient way to automate bacpac export in Azure. Or is it something i'd have to write a script for. Commented Dec 4, 2018 at 12:06

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.