Background:
This blog covers Permanent Delete of Soft deleted Snapshot and Versions in Azure storage without disabling Soft Delete option before the retention period ends.
Permanent Delete of Blob Snapshot and Version:
With version 2020-02-10 and later, you can permanently delete a soft-deleted snapshot or version.
Permanent delete enables you to permanently delete a soft-deleted snapshot or blob version before the retention period ends.
Note
The storage account must have versioning or snapshots enabled. Soft-delete must also be enabled on the storage account to soft-delete versions or snapshots of blobs in the account. Permanent delete only deletes soft-deleted snapshots or versions.
Please refer to article Delete Blob (REST API) - Azure Storage | Microsoft Learn
Step1 :
- Enable Permanent delete for soft deleted items option from Azure Portal
Please note Permanent delete option can be enabled from Azure Portal at the moment only for GPv2 Storage account without Hierarchical namespace enabled Storage account.
- Enable Permanent delete for soft deleted items from REST API
Make use of Set Blob Service Properties Rest API to enable Permanent Delete
Reference document : Set Blob Service Properties (REST API) - Azure Storage | Microsoft Docs
Sample request :
Make use of Get Blob Service Properties Rest API to check whether the Permanent Delete is enabled on the storage account or not
Get Blob Service Properties (REST API) - Azure Storage | Microsoft Docs
Step 2 :
Permanent delete of Snapshot/ version
- Using REST API
Make use of Delete Blob Rest API to permanent delete soft deleted snapshot/Version
Storage accounts with permanent delete enabled can use the deletetype=permanent query parameter to permanently delete a soft-deleted snapshot or deleted blob version.
If the query parameter presents any of the following, Blob Storage returns a 409 error (Conflict):
- The permanent delete feature isn't enabled for the storage account.
- Neither versionid nor snapshot are provided.
- The specified snapshot or version isn't soft-deleted.
Permanent delete also includes a shared access signature permission to permanently delete a blob snapshot or blob version. For more information, see Create a service SAS.
To get the Snapshot or version id which needs to be deleted use List Blob : List Blobs (REST API) - Azure Storage | Microsoft Learn rest API. Make use of URI parameter include=snapshots/versions(based on requirement)
- snapshots: Specifies that snapshots should be included in the enumeration. Snapshots are listed from oldest to newest in the response.
-versions: Version 2019-12-12 and later. Specifies that versions of blobs should be included in the enumeration
Sample Rest API call to get Snapshot/version id :
Sample Rest API call to permanent delete the snapshot/versions:
- Using Azcopy
We can make use of Azcopy to Permanently delete the Blob version or snapshot.
Make use of --permanent-delete (string) switch, this is a preview feature that PERMANENTLY deletes soft-deleted snapshots/versions. Possible values include 'snapshots', 'versions', 'snapshotsandversions', 'none'. (default "none")
- Execute azcopy login( with AD Authentication)
azcopy rm "Blob URL" --Permanent-delete="snapshots/version"(pass based on requirement)
The above command will delete all the Snapshots/Versions which is in soft deleted state
Note : Make Sure to assign Storage Blob Data Owner role for the user who is running the Azcopy or use SAS /Access Keys.
Refer below documents for more information
https://github.com/Azure/azure-storage-azcopy/releases/tag/v10.14.0
https://learn.microsoft.com/en-us/rest/api/storageservices/delete-blob#permanent-delete
Updated Jan 19, 2024
Version 1.0Deeksha_S_A
Microsoft
Joined March 04, 2021
Azure PaaS Blog
Follow this blog board to get notified when there's new activity