Deleted Azure Storage Account Recovery
As a cloud administrator or developer, you may have accidentally deleted a storage account containing critical data. Losing important information can be a frustrating and costly experience. Fortunately, Azure provides several ways to recover a deleted storage account. In this article, we will discuss the steps involved in recovering a deleted storage account in Azure.
Azure Storage Accounts provide a reliable and scalable solution for storing unstructured data in the cloud. A storage account is a logical container for data objects such as blobs, files, tables, and queues. Accidental deletion of a storage account can result in the loss of critical data, which can have severe consequences for businesses. In this article, we will explore the steps involved in recovering a deleted storage account in Azure.
Understanding Azure Storage Accounts
Azure Storage Accounts are the basic building blocks for storing data in Azure. There are four types of storage accounts in Azure: General-purpose v2 storage accounts, General-purpose v1 storage accounts, Blob storage accounts, and Premium performance v2 storage accounts. Each storage account has a unique name that is used to access its data objects. Azure storage accounts provide several features, such as data replication, scalability, and security.
- General-purpose v2 storage accounts
- General-purpose v1 storage accounts
- Blob storage accounts
- Premium performance v2 storage accounts
Each storage account has a unique name that is used to access its data objects. Azure storage accounts provide several features, such as data replication, scalability, and security.
Reasons for Deleting a Storage Account
There can be various reasons for deleting a storage account in Azure, such as:
- The storage account is no longer required.
- The storage account is not compliant with organizational policies.
- The storage account contains sensitive data that needs to be deleted.
- Accidental deletion by a user.
Regardless of the reason, it is important to have a plan in place for recovering a deleted storage account in case of accidental deletion.
Steps to Recover a Deleted Storage Account
Azure provides a mechanism to recover a deleted storage account within a specified time frame. The recovery period for a storage account is determined by the type of storage account and the subscription type. Here are the steps to recover a deleted storage account:
Step 1: Check the Recovery Period
The first step in recovering a deleted storage account is to check if the recovery period has not expired. Azure provides a default recovery period of 14 days for all types of storage accounts. The recovery period can be extended up to 90 days for general-purpose v2 storage accounts and up to 365 days for blob storage accounts. To check the recovery period for a storage account, follow these steps:
- Log in to the Azure portal.
- Click on the Storage accounts menu item in the left-hand pane.
- Click on the Deleted accounts tab to view the list of deleted storage accounts.
- Check the status of the deleted storage account. If the status is “deleted,” the storage account can be recovered.
- Check the recovery period for the storage account. If the recovery period has not expired, the storage account can be recovered.
Step 2: Restore the Storage Account
The second step in recovering a deleted storage account is to restore the account. To restore a deleted storage account, follow these steps:
- Select the deleted storage account from the list of deleted accounts.
- Click on the Restore button at the top of the page.
- In the Restore Account pane, review the details of the storage account, such as the account name, type, and location.
- Click on the Restore button to start the recovery process.
- The restored storage account will appear in the list of storage accounts once the recovery process is complete.
Alternative Method to Recover a Deleted Storage Account
If the recovery period has expired, or if the storage account cannot be recovered using the previous method, there is an alternative method to recover the account. This method involves contacting Azure support to recover the account. To recover a deleted storage account using Azure support, follow these steps:
- Log in to the Azure portal.
- Click on the Help + support menu item in the left-hand pane.
- Click on the New support request button at the top of the page.
- In the Basics tab, select the subscription that contains the deleted storage account.
- In the Issue type tab, select “Storage accounts” and “Recover deleted storage account.”
- Fill out the details of the support request, such as the deleted storage account name and the reason for the recovery request.
- Submit the support request.
Azure support will review the support request and initiate the recovery process. The recovery process may take several hours to complete.
Best Practices to Avoid Accidental Deletion of Storage Accounts
Accidental deletion of a storage account can be avoided by following these best practices:
- Use role-based access control (RBAC) to restrict access to storage accounts.
- Use resource locks to prevent accidental deletion of storage accounts.
- Use Azure Backup to create regular backups of storage accounts.
- Use Azure Resource Manager templates to deploy storage accounts with predefined configurations.
Azure Storage Account Deletion RABC
To prevent accidental deletion of storage accounts using Role Based Access Controls, here are some guiding principles;
Prevention Method | Description | Example |
---|---|---|
Role-based access control (RBAC) |
Assign appropriate access roles to users and groups to limit their permissions on the storage account. | Assign a user with the “Contributor” role instead of “Owner” to restrict their ability to delete the storage account. |
Resource locks |
Use locks to block users from deleting a resource, even if they have the necessary permissions. | Apply a “CanNotDelete” lock on the storage account to prevent accidental deletion. |
It’s important to note that RBAC can be used not only to prevent accidental deletion, but also to restrict other types of operations on the storage account, such as reading or modifying data. Resource locks are specifically designed to prevent deletion and can be applied at the resource group or resource level.
Here’s a table that of the different RBAC roles and their permissions in Azure:
RBAC Role | Description | Permissions |
---|---|---|
Owner |
Has full access to all resources and can manage access to resources | Can create, read, update, and delete all resources and assign access to others |
Contributor |
Can create and manage all types of resources but cannot grant access to others | Can create, read, update, and delete all resources, but cannot assign access to others |
Reader |
Can view existing resources but cannot make any changes | Can only read existing resources |
User Access Administrator |
Can manage user access to Azure resources | Can assign roles to users and groups to control access to resources |
Security Administrator |
Can manage security-related operations | Can manage security-related resources like security center, key vaults, and Azure AD security solutions |
Network Contributor |
Can manage network-related resources like virtual networks, network security groups, and IP addresses | Can create and manage network-related resources |
And here’s a table that explains the different types of resource locks in Azure:
Resource Lock Type | Description |
---|---|
CanNotDelete |
Prevents the deletion of a resource or resource group |
ReadOnly |
Prevents any modification of a resource, but allows for reading |
DoNotDelete |
Similar to CanNotDelete, but also prevents the deletion of any child resources |
ReadOnlyWithCanNotDelete |
Combination of ReadOnly and CanNotDelete |
Azure Storage Account Deletion FAQs
Question | Answer |
---|---|
What is a storage account in Azure? |
A storage account in Azure is a secure and scalable cloud storage solution for data objects, such as blobs, files, queues, tables, and disks. |
How do I create a storage account in Azure? |
To create a storage account in Azure, log in to the Azure portal, select “Create a resource,” search for “Storage account,” and follow the prompts to configure the storage account. |
How do I access my storage account in Azure? |
You can access your storage account in Azure using the Azure portal, Azure Storage Explorer, Azure PowerShell, or Azure CLI. |
What is the recovery period for a deleted storage account in Azure? |
The recovery period for a deleted storage account in Azure is between 0 and 14 days, depending on the type of storage account. |
How do I recover a deleted storage account? |
You can recover a deleted storage account in Azure by using the recovery period or by contacting Azure support. To use the recovery period, go to the deleted storage account and select “Recover.” To recover a storage account using Azure support, log in to the Azure portal and submit a support request. |
How do I recover a deleted container in Azure storage? |
You can recover a deleted container in Azure storage by using the Azure portal or the Azure Storage Explorer. To recover a container in the Azure portal, go to the deleted container and select “Undelete.” To recover a container in the Azure Storage Explorer, right-click on the deleted container and select “Undelete.” |
What is soft delete in storage account? |
Soft delete is a feature in Azure storage accounts that allows deleted data to be retained for a specific period of time. During this time, the data can be recovered in case of accidental deletion. Soft delete can be enabled for blob storage accounts and file storage accounts. |
What is the purpose of soft delete? |
The purpose of soft delete is to prevent accidental data loss and to provide an option for data recovery in case of accidental deletion. Soft delete also allows users to comply with retention policies and legal requirements for data retention. |
Azure Storage Account Recovery Periods
Storage Account Type | Default Recovery Period | Maximum Recovery Period |
---|---|---|
General-purpose v2 |
14 days | 90 days |
General-purpose v1 |
14 days | Not applicable |
Blob storage |
14 days | 365 days |
Premium performance v2 |
14 days | Not applicable |
Note that the maximum recovery period can only be extended for certain types of storage accounts. It’s important to check the recovery period for a deleted storage account before attempting to recover it.
Azure Storage Account Deletion Further Reading
If you would like to know more about Storage Accounts, visit these sites.
Description | Link |
---|---|
Microsoft documentation on recovering a deleted storage account |
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-recovery |
Microsoft documentation on soft delete for Azure Storage |
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-soft-delete |
Microsoft documentation on Azure Storage Explorer |
https://docs.microsoft.com/en-us/azure/storage/common/storage-explorer |
Microsoft documentation on Azure PowerShell |
https://docs.microsoft.com/en-us/powershell/azure/overview |
Azure Storage Cost Optimisation Tool |
https://www.smikar.com/cloud-storage-manager/ |
Azure Storage Account Deletion Conclusion
Recovering a deleted storage account in Azure can be a challenging and time-consuming task, but it is essential to avoid data loss. Azure provides several mechanisms to recover a deleted storage account, such as the recovery period and Azure support. It is important to follow best practices to avoid accidental deletion of storage accounts and ensure the safety and security of data stored in Azure.
Azure Storage Unlocked
Send download link to: