Skip to content

azurermBackupContainerStorageAccount

Manages registration of a storage account with Azure Backup. Storage accounts must be registered with an Azure Recovery Vault in order to backup file shares within the storage account. Registering a storage account with a vault creates what is known as a protection container within Azure Recovery Services. Once the container is created, Azure file shares within the storage account can be backed up using the azurermBackupProtectedFileShare resource.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
  this,
  "example",
  {
    location: "West Europe",
    name: "tfex-network-mapping-primary",
  }
);
const azurermStorageAccountSa = new azurerm.storageAccount.StorageAccount(
  this,
  "sa",
  {
    account_replication_type: "LRS",
    account_tier: "Standard",
    location: azurermResourceGroupExample.location,
    name: "examplesa",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
const azurermRecoveryServicesVaultVault =
  new azurerm.recoveryServicesVault.RecoveryServicesVault(this, "vault", {
    location: azurermResourceGroupExample.location,
    name: "example-recovery-vault",
    resource_group_name: azurermResourceGroupExample.name,
    sku: "Standard",
  });
new azurerm.backupContainerStorageAccount.BackupContainerStorageAccount(
  this,
  "container",
  {
    recovery_vault_name: azurermRecoveryServicesVaultVault.name,
    resource_group_name: azurermResourceGroupExample.name,
    storage_account_id: azurermStorageAccountSa.id,
  }
);

Argument Reference

The following arguments are supported:

  • resourceGroupName - (Required) Name of the resource group where the vault is located. Changing this forces a new resource to be created.

  • recoveryVaultName - (Required) The name of the vault where the storage account will be registered. Changing this forces a new resource to be created.

  • storageAccountId - (Required) The ID of the Storage Account to be registered Changing this forces a new resource to be created.

-> NOTE Azure Backup places a Resource Lock on the storage account that will cause deletion to fail until the account is unregistered from Azure Backup

Attributes Reference

In addition to the arguments above, the following attributes are exported:

  • id - The ID of the Backup Storage Account Container.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

  • create - (Defaults to 30 minutes) Used when creating the Backup Storage Account Container.
  • update - (Defaults to 30 minutes) Used when updating the Backup Storage Account Container.
  • read - (Defaults to 5 minutes) Used when retrieving the Backup Storage Account Container.
  • delete - (Defaults to 30 minutes) Used when deleting the Backup Storage Account Container.

Import

Backup Storage Account Containers can be imported using the resourceId, e.g.

terraform import azurerm_backup_container_storage_account.mycontainer "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resource-group-name/providers/Microsoft.RecoveryServices/vaults/recovery-vault-name/backupFabrics/Azure/protectionContainers/StorageContainer;storage;storage-rg-name;storage-account"

Note the ID requires quoting as there are semicolons