At Microsoft Build 2025, Microsoft Azure announced the General Availability (GA) of vaulted backups by Azure Backup for Azure Database for PostgreSQL – flexible server. This solution helps customers in meeting compliance and cyber resiliency needs.
Key features:
- Policy-based scheduled backups that eliminate the need for manual intervention
- Cyber resiliency features like soft delete of backups, immutability of backup vault and role-based access to backups
- Security features like data encryption of data at rest and in transit, support for customer-managed keys for encrypting and storing backups
- Long-term retention of backups (up to 10 years)
- Redundant storage options of backup data with Zonal and Regional replication
- Recoverability to paired secondary region via cross region restore
- Integration with Azure Business Continuity Center which provides single pane of glass for managing backups
How it benefits customers?
- Enhanced Security: Ensures that backups protected from unauthorized access and potential threats by encrypting backup data and storing it in a vault.
- Cyber Resiliency: Enhances your organization's cyber resiliency by ensuring that your data is safeguarded against cyber threats such as ransomware attacks which could lead to data loss for business. In the event of an attack, you can quickly restore your data from secure backups, minimizing the impact on your operations.
- Compliance: Meet data compliance requirements by ensuring that backups are stored securely and retained according to regulatory standards. With regulatory bodies updating their data management mandates, this becomes even more crucial. Azure Backup supports retention of backed up data for up to 10 years.
- At-scale Management: Enterprise grade features and management via Azure Business Continuity Center, which offers a single pane of glass experience to manage, operate and govern all protected resources.
How it works?
Azure Backup takes full logical backup (using native pg_dump command) of PostgreSQL – flexible server. This approach for vaulted backups relies on native open-source format and this design decision was made for the following reasons:
- Version agnostic restores: Greater flexibility in restoring backup across different database versions.
- Open-Source Format: Allows restoration of backups to platform of choice (Azure PostgreSQL flexible server/virtual machines/on-premises/other cloud providers etc.)
Backup policies manage schedules and retention, supporting weekly backups. Retention can be set for weekly, monthly, or yearly backups and can be retained up to 10 years, with yearly rules taking priority. If no other rules are set, the default retention rule applies.
After the backup configuration is complete, a backup instance is created in the Backup vault. Use it to initiate restores, monitor activity, stop protection, and perform other backup operations.
Azure Backup automatically runs scheduled backups jobs. These jobs run independently preventing disruptions during long-running tasks. Full backups are taken and remain in the vault per policy and are deleted once the retention period ends.
Azure Backup allows restoring data from any recovery point within the retention period set by the backup policy. Recovery points are created when the PostgreSQL – flexible server is in protected state and can be used to restore until they expire as per the retention policy. Backups are restored as .sql files using native pg_restore command. This allows greater flexibility in restoring backup across different database versions.
Pricing Information
Azure Backup charges for protecting Azure Database for PostgreSQL flexible server are similar to other workloads. The customer is charged a Protected Instance (PI) fee and a backup storage fee. For more details, please refer to Azure Backup for PostgreSQL – flexible server pricing page.
To get an estimate of the costs, you can use the Pricing Calculator for Azure Backup for PostgreSQL – flexible server. This tool allows you to input your specific requirements and provides a detailed breakdown of the costs associated.
Getting started
Configuring Vaulted Backups for PostgreSQL – flexible server is a straightforward process. You can use your preferred method to configure backups.
- Visit Business Continuity Centre in Azure portal to configure backups. You can follow the step-by-step guide here.
- Other ways to configure backup is via Azure CLI or PowerShell.
- You can also use Terraform template, ARM template or Bicep template.
Microsoft