First published on MSDN on Nov 13, 2018
Consider that you have configured the LTR Backup for your Azure SQL Database and you are not able to view it on the Portal.
Figure 1: LTR configure policies pane
And when you click on available backups you do not see the list of backups.
Figure 2: Available Backups pane
This might be related to a permissions issue on the subscription level. Basically, the LTR Backups are related to the subscription and not the server, so if the server was deleted those LTR backups would still exist as they are associated with the Subscription.
Now to give yourself permission to view and restore the LTR backups, please make sure that you have one of the following permissions on the subscription level:
-
Subscription Owner or
-
SQL Server Contributor role in Subscription scope or
-
SQL Database Contributor role in Subscription scope
Please note that you can grant permissions for your users using the PowerShell cmdlets, full tutorial can be found here:
I cannot see the Long-Term Retention (LTR) backups
If more granular control is required, you can create custom RBAC roles and assign them in the Subscription scope.
For
Get-AzureRmSqlDatabaseLongTermRetentionBackup
and
Restore-AzureRmSqlDatabase
the role needs to have the following permissions:
Microsoft.Sql/locations/longTermRetentionBackups/read Microsoft.Sql/locations/longTermRetentionServers/longTermRetentionBackups/read Microsoft.Sql/locations/longTermRetentionServers/longTermRetentionDatabases/longTermRetentionBackups/read
For
Remove-AzureRmSqlDatabaseLongTermRetentionBackup
the role needs to have thefollowing permissions:
Microsoft.Sql/locations/longTermRetentionServers/longTermRetentionDatabases/longTermRetentionBackups/delete
Now after you grant the required permissions to view the LTR backups on the Subscription level, you will be able to view them at the Avaiable Backups pane as shown in image 3 below.
Figure 3: Available Backups after granting the required permissions