Merge pull request #230221 from AbhishekMallick01/Mar-10-2023-SelectiveDisk

prmerger-automator[bot] · web-flow · commit 693bc3cfbaeb · 2023-03-15T11:12:18.000Z
Selective disk backup (preview) release
diff --git a/articles/backup/backup-azure-vms-enhanced-policy.md b/articles/backup/backup-azure-vms-enhanced-policy.md
@@ -2,7 +2,7 @@
 title: Back up Azure VMs with Enhanced policy
 description: Learn how to configure Enhanced policy to back up VMs.
 ms.topic: how-to
-ms.date: 07/04/2022
+ms.date: 03/15/2023
 ms.reviewer: geg
 ms.service: backup
 author: jyothisuri
@@ -16,7 +16,7 @@ Azure Backup now supports _Enhanced policy_ that's needed to support new Azure o
 
 >[!Important]
 >- [Default policy](./backup-during-vm-creation.md#create-a-vm-with-backup-configured) will not support protecting newer Azure offerings, such as [Trusted Launch VM](backup-support-matrix-iaas.md#tvm-backup), [Ultra SSD](backup-support-matrix-iaas.md#vm-storage-support), [Shared disk](backup-support-matrix-iaas.md#vm-storage-support), and Confidential Azure VMs.
->- Enhanced policy currently doesn't support protecting Ultra SSD.
+>- Enhanced policy currently doesn't support protecting Ultra SSD. You can use [selective disk backup (preview)](selective-disk-backup-restore.md) to exclude these disks, and then configure backup.
 >- Backups for VMs having [data access authentication enabled disks](../virtual-machines/windows/download-vhd.md?tabs=azure-portal#secure-downloads-and-uploads-with-azure-ad) will fail.
 
 You must enable backup of Trusted Launch VM through enhanced policy only. Enhanced policy provides the following features:
@@ -75,6 +75,10 @@ Follow these steps:
 >- Enhanced policy is only available to unprotected VMs that are new to Azure Backup. Note that Azure VMs that are protected with existing policy can't be moved to Enhanced policy.
 >- Back up an Azure VM with disks that has public network access disabled is not supported.
 
+## Enable selective disk backup and restore (preview)
+
+You can exclude non-critical disks from backup by using selective disk backup to save costs. Using this capability, you can selectively back up a subset of the data disks that are attached to your VM, and then restore a subset of the disks that are available in a recovery point, both from instant restore and vault tier. [Learn more](selective-disk-backup-restore.md).
+
 ## Next steps
 
 - [Run a backup immediately](./backup-azure-vms-first-look-arm.md#run-a-backup-immediately)
diff --git a/articles/backup/selective-disk-backup-restore.md b/articles/backup/selective-disk-backup-restore.md
@@ -1,8 +1,8 @@
 ---
 title: Selective disk backup and restore for Azure virtual machines
 description: In this article, learn about selective disk backup and restore using the Azure virtual machine backup solution.
-ms.topic: conceptual
-ms.date: 11/10/2021
+ms.topic: how-to
+ms.date: 03/15/2023
 ms.custom: references_regions, devx-track-azurecli, devx-track-azurepowershell3
 ms.service: backup
 author: jyothisuri
@@ -11,16 +11,24 @@ ms.author: jsuri
  
 # Selective disk backup and restore for Azure virtual machines
 
-Azure Backup supports backing up all the disks (operating system and data) in a VM together using the virtual machine backup solution. Now, using the selective disks backup and restore functionality, you can back up a subset of the data disks in a VM. This provides an efficient and cost-effective solution for your backup and restore needs. Each recovery point contains only the disks that are included in the backup operation. This further allows you to have a subset of disks restored from the given recovery point during the restore operation. This applies to both restore from snapshots and the vault.
+Azure Backup supports backing up all the disks (operating system and data) in a VM together using the virtual machine backup solution. Now, using the selective disks backup and restore functionality, you can back up a subset of the data disks in a VM.
+
+This is supported both for Enhanced Policy (preview) as well as Standard Policy.          This provides an efficient and cost-effective solution for your backup and restore needs. Each recovery point contains only the disks that are included in the backup operation. This further allows you to have a subset of disks restored from the given recovery point during the restore operation. This applies to both restore from snapshots and the vault.
+
+>[!Note]
+>- This is supported for both backup policies - [Enhanced policy](backup-azure-vms-enhanced-policy.md) and [Standard policy](backup-during-vm-creation.md#create-a-vm-with-backup-configured).
+>- The *Selective disk backup and restore in Enhanced policy (preview)* is available in public Azure regions only.
 
 ## Scenarios
 
 This solution is useful particularly in the following scenarios:
 
 1. If you have critical data to be backed up in only one disk, or a subset of the disks and don’t want to back up the rest of the disks attached to a VM to minimize the backup storage costs.
-2. If you have other backup solutions for part of your VM or data. For example, if you back up your databases or data using a different workload backup solution and you want to use Azure VM level backup for the rest of the data or disks to build an efficient and  robust system using the best capabilities available.
+2. If you've other backup solutions for part of your VM or data. For example, if you back up your databases or data using a different workload backup solution and you want to use Azure VM level backup for the rest of the data or disks to build an efficient and  robust system using the best capabilities available.
 
-Using PowerShell or Azure CLI, you can configure selective disk backup of the Azure VM. Using a script, you can include or exclude data disks using their LUN numbers. Currently, the ability to configure selective disks backup through the Azure portal is limited to the **Backup OS Disk only** option. So you can configure backup of your Azure VM with OS disk, and exclude all the data disks attached to it.
+3. If you're using [Enhanced policy](backup-azure-vms-enhanced-policy.md), you can use this solution to exclude unsupported disks (Ultra Disks, Shared Disks) and configure a VM for backup. 
+
+Using PowerShell, Azure CLI, or Azure portal, you can configure selective disk backup of the Azure VM. Using a script, you can include or exclude data disks using their *LUN numbers*. The ability to configure selective disks backup via the Azure portal is limited to the *Backup OS Disk* only for the Standard policy, but can be configured for all data disks for Enhanced policy.
 
 >[!NOTE]
 > The OS disk is by default added to the VM backup and can't be excluded.
@@ -29,6 +37,9 @@ Using PowerShell or Azure CLI, you can configure selective disk backup of the Az
 
 Ensure you're using Az CLI version 2.0.80 or higher. You can get the CLI version with this command:
 
+>[!Note]
+>These CLI steps apply to selective disk backup for VMs using both policies - enhanced and standard.
+
 ```azurecli
 az --version
 ```
@@ -44,7 +55,7 @@ az account set -s {subscriptionID}
 
 ### Configure backup with Azure CLI
 
-During the configure protection operation, you need to specify the disk list setting with an **inclusion** / **exclusion** parameter, giving the LUN numbers of the disks to be included or excluded in the backup.
+During the configure protection operation, you need to specify the disk list setting with an **inclusion**/**exclusion** parameter, giving the *LUN* numbers of the disks to be included or excluded in the backup.
 
 >[!NOTE]
 >The configure protection operation overrides the previous settings, they will not be cumulative.
@@ -288,17 +299,24 @@ Here you can view the backed-up disks during restore, when you select the recove
 
 ![View backed-up disks during restore](./media/selective-disk-backup-restore/during-restore.png)
 
-Configuring the selective disks backup experience for a VM through the Azure portal is limited to  the **Backup OS Disk only** option. To use selective disks backup on already a backed-up VM or for advanced inclusion or exclusion of specific data disks of a VM, use PowerShell or Azure CLI.
+- If you're using Standard policy to back up the VM, configuring the selective disks backup experience for a VM through the Azure portal is limited to  the **Backup OS Disk only** option. To use selective disks backup on already a backed-up VM or for advanced inclusion or exclusion of specific data disks of a VM, use PowerShell or Azure CLI.
+
+- If you're using Enhanced policy to back up the VM, you can select the data disks you want to back up, and optionally choose to include disks added to the VM in future for back up.
 
 >[!NOTE]
 >If data spans across disks, make sure all the dependent disks are included in the backup. If you don’t backup all the dependent disks in a volume, during restore the volume comprising of some non-backed up disks won't be created.
 
-### Backup OS disk only in the Azure portal
+### Backup OS disk only in the Azure portal (Standard policy)
 
 When you enable backup using Azure portal, you can choose the **Backup OS Disk only** option. So you can configure backup of your Azure VM with OS disk, and exclude all data disks attached to it.
 
 ![Configure backup for the OS disk only](./media/selective-disk-backup-restore/configure-backup-operating-system-disk.png)
 
+## Configure Selective Disk Backup in the Azure Portal (Enhanced Policy)
+
+When you enable the backup operation using the Azure portal, you can choose the data disks that you want to include in the backup (the OS disk is always included). You can also choose to include disks that are added in the future for backup automatically by enabling the “Include future disks” option.
+
+
 ## Using Azure REST API
 
 You can configure Azure VM Backup with a few select disks or you can modify an existing VM's protection to include/exclude few disks as documented [here](backup-azure-arm-userestapi-backupazurevms.md#excluding-disks-in-azure-vm-backup).
@@ -315,21 +333,34 @@ Selective disk restore is an added functionality you get when you enable the sel
 
 ## Limitations
 
-Selective disks backup functionality isn't supported for classic virtual machines and encrypted virtual machines. So Azure VMs that are encrypted with Azure Disk Encryption (ADE) using BitLocker for encryption of Windows VM, and the dm-crypt feature for Linux VMs are unsupported.
+Selective disks backup functionality for Standard policy isn't supported for classic virtual machines and encrypted virtual machines. So Azure VMs that are encrypted with Azure Disk Encryption (ADE) using BitLocker for encryption of Windows VM, and the dm-crypt feature for Linux VMs are unsupported. However, VMs with Azure Disk Encryption enabled can use selective disk backup with Enhanced policy.
 
 The restore options to **Create new VM** and **Replace existing** aren't supported for the VM for which selective disks backup functionality is enabled.
 
-Currently, Azure VM backup doesn't support VMs with ultra-disks or shared disks attached to them. Selective disk backup can't be used to in such cases, which exclude the disk and backup the VM.
+Currently, Azure VM backup doesn't support VMs with ultra-disks or shared disks attached to them. Selective disk backup for Standard policy can't be used to in such cases, which exclude the disk and backup the VM. You can use selective disk backup with Enhanced policy to exclude these disks and configure backup.
 
 If you use disk exclusion or selective disks while backing up Azure VM, _[stop protection and retain backup data](backup-azure-manage-vms.md#stop-protection-and-retain-backup-data)_. When resuming backup for this resource, you need to set up disk exclusion settings again.
 
 ## Billing
 
 Azure virtual machine backup follows the existing pricing model, explained in detail [here](https://azure.microsoft.com/pricing/details/backup/).
 
-**Protected Instance (PI) cost** is calculated for the OS disk only if you choose to back up using the **OS Disk only** option.  If you configure backup and select at least one data disk, the PI cost will be calculated for all the disks attached to the VM. **Backup storage cost** is calculated based on only the included disks and so you get to save on the storage cost. **Snapshot cost** is always calculated for all the disks in the VM (both the included and excluded disks).
+### Standard policy
 
-If you have chosen the Cross Region Restore (CRR) feature, then the [CRR pricing](https://azure.microsoft.com/pricing/details/backup/) applies on the backup storage cost after excluding the disk.
+If you're using Standard policy, **Protected Instance (PI) cost** is calculated for the OS disk only if you choose to back up using the **OS Disk only** option.  If you configure backup and select at least one data disk, the PI cost will be calculated for all the disks attached to the VM. **Backup storage cost** is calculated based on only the included disks and so you get to save on the storage cost. **Snapshot cost** is always calculated for all the disks in the VM (both the included and excluded disks).
+
+### Enhanced policy
+
+If you're using Enhanced policy, **Protected Instance (PI)** cost, snapshot cost, and vault tier storage cost are all calculated based on the disks that you've included for backup.
+
+**Known limitations**
+
+| OS type | Limitation |
+| --- | --- |
+| Windows | - **Spanned volumes**:  For spanned volumes (volumes spread across more than one physical disk), ensure that all disks are included in the backup. If not, Azure Backup might not be able to reliably restore the data and exclude it in billing. <br><br> - **Storage pool**: If you're using disks carved out of a storage pool and if a *LUN number* included for backup is common across virtual disks and data disks, the size of the virtual disk is also included in the backup size in addition to the data disks. |
+|	Linux | - **Logical volumes**: For logical volumes spread across more than one disk, ensure that all disks are included in the backup. If not, Azure Backup might not be able to reliably restore the data and exclude it in billing. <br><br> - **Distro support**: Azure Backup uses *lsscsi* and *lsblk* to determine the disks being excluded for backup. If your distro (Debian 8.11, 10.13, and so on) doesn't support *lsscsi*, install it using `sudo apt install lsscsi` to ensure Selective disk backup works. |
+
+If you've chosen the Cross Region Restore (CRR) feature, then the [CRR pricing](https://azure.microsoft.com/pricing/details/backup/) applies on the backup storage cost after excluding the disk.
 
 ## Frequently asked questions
 
@@ -342,11 +373,15 @@ PI cost is calculated based on actual (used) size of the VM.
 
 ### I have configured only OS disk backup, why is the snapshot happening for all the disks?
 
-Selective disk backup features let you save on backup vault storage cost by hardening the included disks that are part of the backup. However, the snapshot is taken for all the disks that are attached to the VM. So the snapshot cost is always calculated for all the disks in the VM (both the included and excluded disks). For more information, see [billing](#billing).
+If you're using standard policy, the Selective disk backup features let you save on backup vault storage cost by hardening the included disks that are part of the backup. However, the snapshot is taken for all the disks that are attached to the VM. So the snapshot cost is always calculated for all the disks in the VM (both the included and excluded disks). For more information, see [billing](#billing).
+
+If you're using Enhanced policy, the snapshot is taken only for the OS disk and the data disks that you've included.
 
 ### I can't configure backup for the Azure virtual machine by excluding ultra disk or shared disks attached to the VM
 
-Selective disk backup feature is a capability provided on top of the Azure virtual machine backup solution. Currently, Azure VM backup doesn't support VMs with ultra-disk or shared disk attached to them.
+If you're using Standard policy, Azure VM backup doesn't support VMs with ultra-disk or shared disk attached to them and it is not possible to exclude them with selective disk backup and then configure backup.
+
+If you're using Enhanced policy, you can exclude the unsupported disks from the backup via selective disk backup (in the Azure portal, CLI, PowerShell, and so on), and configure backup for the VM.
 
 ## Next steps
 
diff --git a/articles/backup/whats-new.md b/articles/backup/whats-new.md
@@ -53,6 +53,16 @@ You can learn more about the new releases by bookmarking this page or by [subscr
 - February 2021
   - [Backup for Azure Blobs (in preview)](#backup-for-azure-blobs-in-preview)
 
+## Support for selective disk backup with enhanced policy for Azure VM (preview)
+
+Azure Backup now provides *Selective Disk backup and restore* capability to Enhanced policy. Using this capability, you can selectively back up a subset of the data disks that are attached to your VM, and then restore a subset of the disks that are available in a recovery point, both from instant restore and vault tier.
+
+This is useful when you:
+
+- Manage critical data in a subset of the VM disks.
+- Use database backup solutions and want to back up only their OS disk to reduce cost. 
+
+For more information, see [Selective disk backup and restore](selective-disk-backup-restore.md).
 
 ## Azure Kubernetes Service backup (preview)
 
