Enabling soft delete for blobs in an Azure Storage Account

@20aman    Feb 15, 2021

Data protection is a key feature that should always factor into your organization's security posture. Imagine someone gaining access to your Storage Account and deleting its contents, or an employee accidentally deleting the contents of a container inside the Storage Account.

Microsoft has added support for soft delete. You can enable it while creating the storage account, under "Data protection". There are 4 key options that you can enable:

  1. Turn on point-in-time restore for container
  2. Turn on soft delete for blobs
  3. Turn on soft delete for containers
  4. Turn on soft delete for file shares

These options are shown below.

Soft delete options in a Storage Account creation

Accessing the Soft Delete capabilities for a blob

If you have enabled soft delete for blobs, you will see a toggle labelled "Show deleted blobs". Any blob that was deleted within the number of days configured during the creation of the storage account will show up with the status "Deleted".

Soft delete option after blob deletion

You can then either right-click or click on the three dots at the end of the line for the blob with Status as "Deleted". You will see the option for "View previous versions". Click on this option to see any deleted versions of this blob.

View Previous Versions

From the deleted versions of the blob, you can select any of the versions and then either download it (by clicking on the Download version button) or restore it (by clicking on the Make current version button).

Alternatively, you can click on the deleted blob's name and a pane will open up. In this pane, you can click on the "Undelete" button. If you have multiple versions, you will have to select the version first in order to undelete it.

Restore or Download Previous version

After restoring the blob, it will show up with the status as Active.

Note:

  1. The soft delete feature retains the data for only a fixed number of days. You define this number based on your recovery strategy during the creation of the storage account.
  2. If you delete the Storage Account then you can't restore the blobs.
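
The same settings and the undelete step can be scripted with the Azure CLI. The following is an added example, not part of the original post: the function names and the `AZ` dry-run switch are hypothetical helpers, and `--auth-mode login` assumes the signed-in identity holds a blob data role on the account.

```shell
# Added example (not from the original post): CLI form of the portal options.
# Set AZ=echo to print the commands instead of running them (dry run).
AZ="${AZ:-az}"

# Options 2 and 3: soft delete for blobs and containers, same retention days.
enable_blob_soft_delete() {   # args: <account> <resource-group> <days>
  "$AZ" storage account blob-service-properties update \
    --account-name "$1" --resource-group "$2" \
    --enable-delete-retention true --delete-retention-days "$3" \
    --enable-container-delete-retention true \
    --container-delete-retention-days "$3"
}

# Option 1: point-in-time restore. It depends on versioning, change feed and
# blob soft delete, and its window must be shorter than the soft-delete window.
enable_point_in_time_restore() {   # args: <account> <rg> <delete-days> <restore-days>
  if [ "$4" -ge "$3" ]; then
    echo "restore days ($4) must be less than soft-delete days ($3)" >&2
    return 1
  fi
  "$AZ" storage account blob-service-properties update \
    --account-name "$1" --resource-group "$2" \
    --enable-delete-retention true --delete-retention-days "$3" \
    --enable-versioning true --enable-change-feed true \
    --enable-restore-policy true --restore-days "$4"
}

# Option 4: soft delete for file shares (a separate service-properties object).
enable_share_soft_delete() {   # args: <account> <resource-group> <days>
  "$AZ" storage account file-service-properties update \
    --account-name "$1" --resource-group "$2" \
    --enable-delete-retention true --delete-retention-days "$3"
}

# Equivalent of the "Show deleted blobs" toggle: include soft-deleted blobs.
list_deleted_blobs() {   # args: <account> <container>
  "$AZ" storage blob list --account-name "$1" --container-name "$2" \
    --include d --auth-mode login --output table
}

# Equivalent of the "Undelete" button for one soft-deleted blob.
undelete_blob() {   # args: <account> <container> <blob-name>
  "$AZ" storage blob undelete --account-name "$1" --container-name "$2" \
    --name "$3" --auth-mode login
}
```

Running with `AZ=echo` first shows exactly what will be sent, which is useful when the change goes through review before it touches a production account.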

You can read more about this feature in the official documentation here: Soft delete for blobs




