more updates

AbhishekMallick01 · AbhishekMallick01 · commit c528c922f460 · 2025-04-04T15:34:43.000+05:30
diff --git a/articles/backup/azure-data-lake-storage-backup-overview.md b/articles/backup/azure-data-lake-storage-backup-overview.md
@@ -0,0 +1,47 @@
+---
+title: About Azure Data Lake Storage backup
+description: Learn how the Azure Data Lake Storage Gen2 backup works
+ms.topic: overview
+ms.date: 04/03/2025
+author: jyothisuri
+ms.author: jsuri
+ms.custom: engagement-fy24
+--- 
+
+# About Azure Data Lake Storage backup
+
+[Azure Data Lake Storage (ADLS)](/azure/storage/blobs/data-lake-storage-introduction) backup is a simple, cloud-native process you can use to back up and restore your general-purpose v2 storage accounts with a [hierarchical namespace](/azure/storage/blobs/data-lake-storage-namespace). The solution gives you granular control to choose all or specific containers to back up or restore by storing backups in backup vault.
+
+## How does Azure Data Lake Storage Gen2 backup work?
+
+Vaulted backup leverages platform capabilities like snapshots and object replication to copy data to the Backup vault. Object replication asynchronously copies block blobs from a source storage account to a destination backup storage account, including the blob's contents, versions, metadata, and properties.  (Image)
+
+When you configure protection, Azure Backup provisions a destination storage account (managed by Azure Backup within the Backup vault) and establishes an object replication policy at the container level on both the source and destination storage accounts. During a backup job, Azure Backup creates a recovery point marker on the source storage account and monitors the destination for its replication. Once the marker is replicated to the destination, a recovery point is created.
+
+For information about the limitations of the current solution, see the [support matrix](link required).
+
+## Protection
+
+To configure backups for ADLS, you first need to create a Backup vault. The vault gives you a consolidated view of the backups that are configured across different datasources. Vaulted backup is configured at the storage account level, but you have the option to exclude containers that don't require backup. If your storage account has more than 100 containers, you must exclude containers to reduce the count to 100 or below.
+
+Backup schedules and retention settings are managed using a backup policy. You can configure backups to run daily or weekly and specify the timing for creating recovery points. Additionally, you can set different retention periods for backups taken on a daily, weekly, monthly, or yearly basis for up to 10 years. Retention rules are applied in a specific order of priority, with yearly rules taking precedence over monthly and weekly rules. If no other rules apply, default retention settings are used.
+
+Azure backup automatically triggers a scheduled backup job. Object replication asynchronously copies block blobs from a source storage account to a destination backup storage account, including the blob's contents, versions, metadata, and properties as per the backup frequency. The backups are retained in the vault as per the retention duration defined in the backup policy and are deleted once the duration is over.
+
+You can enable backup for multiple storage account in single vault using single or multiple backup policies. Vaulted backups provide long-term data retention for up to 10 years.
+
+### Manage backup
+
+When the backup configuration for an ADLS is finished, a backup instance is created in the Backup vault. You can perform any backup-related operations, such as initiating restores, monitoring, stopping protection, and so on, through its corresponding backup instance.
+
+To configure backup of ADLS and to restore it to an earlier backup, the Backup vault's managed identity requires certain permissions on the storage accounts that need to be protected or restored to. For convenience of use, these minimum permissions have been consolidated under the Storage Account Backup Contributor role.
+
+We recommend you assign this role to the Backup vault before you configure backup. However, you can also perform the role assignment while configuring backup. A managed identity is a special type of service principle that can be used only with Azure resources. Learn more about [managed identities](/azure/active-directory/managed-identities-azure-resources/overview).
+
+### Restore
+
+You can restore data from any point in time where a recovery point exists. Recovery points are created when a storage account is in a protected state and remain available for restoration as long as they fall within the retention period defined by the backup policy. You can choose to perform a granular recovery by selecting specific containers, applying a prefix-based filter, or restoring the entire storage account.
+
+If you want to restore the recovery point to different subscription, then at present that also needs to be whitelisted by Azure backup team. You can use the same sign-up form to request this.
+
+Currently, the vaulted backup solution supports restoring data only to a different storage account within the same region as the vault. However, restoring data from older recovery points may result in a longer recovery time (higher RTO).
diff --git a/articles/backup/azure-data-lake-storage-backup-support-matrix.md b/articles/backup/azure-data-lake-storage-backup-support-matrix.md
@@ -0,0 +1,84 @@
+---
+title: Support matrix for Azure Data Lake Storage Gen2 backup
+description: Provides a summary of support settings and limitations when backing up Azure Data Lake Storage Gen2 files.
+ms.topic: reference
+ms.date: 04/03/2025
+ms.custom: references_regions, engagement-fy24
+ms.service: azure-backup
+author: jyothisuri
+ms.author: jsuri
+---
+
+# Support matrix for Azure Data Lake Storage Gen2 backup
+
+This article summarizes the regional availability, supported scenarios, and limitations of vaulted backups of Azure Data Lake Storage Gen2.
+
+## Supported regions
+
+Vaulted backups of Azure Data Lake Storage Gen2 is available in the following regions: France South, India Central, India West, East Asia, and Southeast Asia.
+
+## Supported storage accounts
+
+The following table lists the supported storage account details:
+
+| **Storage  account details** | &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;**Support**                                                      |
+| ------------------------ | ------------------------------------------------------------ |
+| Account  Kind            | <ul><li>Only block blobs in a *standard general-purpose v2 HNS-enabled storage accounts*.<br><li>*Accounts using NFS 3.0, and SFTP protocols* for blobs are currently not supported.</ul>|
+| Redundancy              | <ul><li>Only LRS & ZRS enabled storage account.</ul> |
+| Tier              | <ul><li>Hot, Cool, and Cold tier blobs are supported.<br><li>Archive tier blob backup isn't supported.</ul> |
+
+## Protection limits
+
+The following table lists the protection setting limits:
+
+| **Setting** | **Limit**                                                      |
+| ------------------------------------------------------------ | ----- |
+| Maximum number of containers in a storage account that can be protected | 100 |
+| Vault redundancy              | LRS/ZRS|
+
+
+- To back up any new containers that get created after backup configuration for the storage account, modify the protection of the storage account. These containers aren't backed up automatically.
+- The storage accounts to be backed up must contain a *minimum of one container*. If the storage account doesn't contain any containers or if no containers are selected, an error may appear when you configure backup.
+- The backup operation isn't supported for blobs that are uploaded by using [Data Lake Storage APIs](https://learn.microsoft.com/rest/api/storageservices/data-lake-storage-gen2). 
+- Similarly, if you delete and recreate a container with the same name, **Object Replication** doesn't track the change, and future Recovery Points still include the previous blobs and versions.
+- Backup vaults with User-Assigned Managed Identity (UAMI) aren't compatible with Azure Blob Vaulted backups. Only System-Assigned Managed Identity (SAMI) works, because the vault needs to access the storage account where the blobs are stored. The vault uses its system-assigned managed identity for this access.
+- Enabling backups isn't supported for the blob container that are configured with native replication using data factory.
+- You can protect the storage account with the vault in another subscription but in the same region as storage account.
+- Archive tier for vault is currently not supported.
+
+
+## Backup limits
+
+The following table lists the Backup setting limits:
+
+| **Setting** | **Limit**                                                      |
+| ------------------------ | ------------------------------------------------------------ |
+| Maximum number of on-demand backups per day             | 4|
+| Maximum number of scheduled backups per day             | 1|
+
+- If you suspend and resume protection or delete the **Object Replication policy** on the **source storage account**, the policy triggers a full backup.
+
+## Retention limits
+
+The following table lists the Retention setting limits:
+
+| **Setting** | **Limit**                                                      |
+| ------------------------ | ------------------------------------------------------------ |
+| Maximum retention of daily recovery points             | 3650 days|
+| Maximum retention of weekly recovery points             | 521 weeks|
+| Maximum retention of monthly recovery points             | 120 months|
+| Maximum retention of yearly recovery points             | 10 years|
+
+## Supported restore methods
+
+The following table lists the Retention setting limits:
+
+| **Setting** | **Limit**                                                      |
+| ------------------------ | ------------------------------------------------------------ |
+| Full restore             | You can restore the complete storage account to an alternate location.|
+| Containers restore       | You can select one or more containers or use prefix to filter specific containers to restore.|
+
+- Cool and Cold tier blobs are restored in Hot tier.
+- Restore to the source storage account is not supported. 
+- The target storage selected for restore should not have any container with same name.
+
diff --git a/articles/backup/azure-data-lake-storage-configure-backup.md b/articles/backup/azure-data-lake-storage-configure-backup.md
@@ -15,10 +15,10 @@ This article describes how to configure backup for Azure Data Lake Storage using
 
 Before you configure backup for Azure Data Lake Storage, ensure the following prerequisites are met:
 
-- The storage account must be in a supported region and of the required types. See the support matrix.
+- The storage account must be in a supported region and of the required types. See the [support matrix](azure-data-lake-storage-backup-support-matrix.md).
 - Vaulted backup restores are only possible to a different storage account. Ensure the target account has no containers with the same names as those in a recovery point—any conflicts will cause the restore to fail.
 
-For more information about the supported scenarios, limitations, and availability, see the support matrix.
+For more information about the supported scenarios, limitations, and availability, see the [support matrix](azure-data-lake-storage-backup-support-matrix.md).
 
 ## Create a Backup vault
 
@@ -94,7 +94,7 @@ You can track the progress of the backup configuration under **Backup instances*
 
 ## Next steps
 
-Restore Azure Data Lake Storage using Azure portal (preview)
+[Restore Azure Data Lake Storage using Azure portal (preview)](azure-data-lake-storage-restore.md).
  
 
 
diff --git a/articles/backup/azure-data-lake-storage-restore.md b/articles/backup/azure-data-lake-storage-restore.md
@@ -0,0 +1,55 @@
+---
+title: Restore Azure Data Lake Storage Gen  2 using Azure portal (preview)
+description: Learn how to restore Azure Data Lake Storage Gen 2 from vaulted  backups using Azure portal (preview).
+ms.topic: how-to
+ms.date: 04/16/2025
+author: jyothisuri
+ms.author: jsuri
+---
+
+# Restore Azure Data Lake Storage Gen  2 using Azure portal (preview)
+
+This article describes how to restore Azure Data Lake Storage Gen 2 from vaulted  backups using Azure portal (preview).
+
+## Prerequisites
+
+Before you restore Azure Data Lake Storage Gen 2, ensure the following prerequisites are met:
+
+- Vaulted backups only support restoring data to another storage account, which is different from the one that was backed up.
+- The Backup vault must have the **Storage account backup contributor** role assigned to the target storage account to which the backup data needs to be restored.
+- Cool and cold tier blobs are restored in hot tier.
+- The target storage account selected for restore must not have any container with same name.
+- The target storage account must be in same location as source storage account and vault.
+
+Learn more about the [supported scenarios, limitations, and region availability for Azure Data Lake Storage Gen 2 backup/restore (preview)](azure-data-lake-storage-backup-support-matrix.md).
+
+## Restore the storage data from vaulted backups
+
+To  restore Azure Data Lake Storage Gen 2 from vaulted  backups, follow these steps:
+
+1. In the Azure portal, go to the **Backup vault**, and then select **Backup Instances**.
+1. On the **Backup Instances** pane, select the storage account with Data Lake Storage, and then select **Restore**. 
+1. On the **Restore** pane, on the **Restore point** tab, under **Restore Point**, click **Select restore point** to choose an alternate restore point.
+
+   By default, the latest restore point is selected. 
+
+1. On the **Select restore point** pane, select the required restore point from the list.
+1. On the **Restore parameters** tab, under **Restore configuration**, click **Select** to specify restore configuration parameters.
+1. On the **Restore destination** pane, under **Select option to restore the blobs**,  choose one of these options:
+
+   - **Restore all backed-up containers**: This option restores all backed-up containers in the storage account.
+     Select the  **Target subscription**  in which the target storage account is present, and then select **Target storage account** where the data needs to be restored.
+
+   - **Browse and select containers to restore**: This option allows you to browse and select up to **100 containers** to restore. 
+    (Optional) Specify a set of prefixes to restore specific blobs within a container. To provide the list of prefixes, select **Add/Edit** containers corresponding to each container that you select for restore.
+ 
+   >[!Note]
+   >You must have sufficient permission to view the containers in the storage account, or you can't see the contents of the storage account. 
+
+1. On the **Restore parameters** tab, select **Validate** to ensure that the required permissions to perform the restore are assigned to the backed-up storage accounts with Data Lake selections. 
+
+   If the validation fails, select **Assign missing roles** to grant permissions. See the [prerequisites](#prerequisites) for the required roles.
+1. After the validation succeeds, select **Review + restore** and restore the backups to the selected Data Lake Storage.
+ 
+You can track the progress of restore under **Backup Jobs**. 
+ 
diff --git a/articles/backup/whats-new.md b/articles/backup/whats-new.md
@@ -2,7 +2,7 @@
 title: What's new in the Azure Backup service
 description: Learn about the new features in the Azure Backup service.
 ms.topic: release-notes
-ms.date: 03/10/2025
+ms.date: 04/16/2025
 ms.service: azure-backup
 ms.custom:
   - ignite-2023
@@ -17,6 +17,8 @@ Azure Backup is constantly improving and releasing new features that enhance the
 You can learn more about the new releases by bookmarking this page or by [subscribing to updates here](https://azure.microsoft.com/updates/?query=backup).
 
 ## Updates summary
+- April 2025
+  - [Vaulted backup support for  Azure Data Lake Storage Gen 2 (preview)](#vaulted-backup-support-for-azure-data-lake-storage-gen-2-preview)
 - March 2025
   - [Vaulted backup support for Azure Files is now generally available](#vaulted-backup-support-for-azure-files-is-now-generally-available)
 
@@ -104,11 +106,21 @@ You can learn more about the new releases by bookmarking this page or by [subscr
 - February 2021
   - [Backup for Azure Blobs (in preview)](#backup-for-azure-blobs-in-preview)
 
+## Vaulted backup support for  Azure Data Lake Storage Gen 2 (preview)
+
+Azure Backup now supports vaulted backups for block blob data in Azure Data Lake Storage (Gen 2 storage account with [hierarchical namespace](/azure/storage/blobs/data-lake-storage-namespace)), enhancing data protection against ransomware and accidental loss. You can schedule backups, set retention policies, and store recovery points securely in the Backup vault for up to **10 years**. If there is data loss in the source storage account, you can  restore to an alternate account. Security features such as [Immutable vault](backup-azure-immutable-vault-concept.md?tabs=backup-vault) and [Soft delete](backup-azure-security-feature-cloud.md) protect your backup data.
+
+>[!Note]
+>This feature is currently in limited preview and is available in specific regions only. See the supported regions.
+>To enroll in this preview feature, fill this form and write to [AskAzureBackupTeam@microsoft.com](mailto:AskAzureBackupTeam@microsoft.com).
+
+For more information, see [Overview of Azure Data Lake Storage backup (preview)](azure-data-lake-storage-backup-overview.md).
+
 ## Vaulted backup support for Azure Files is now generally available
 
 Azure Backup now supports vaulted backup File Shares in standard storage accounts to protect against ransomware and data loss. You can define backup schedules and retention settings to store data in the Backup vault for up to 10 years.
 
-Vaulted backups provide an offsite copy of your data. In case of data loss on the source account, you can restore it to an alternate account. You can manage vaulted backups at scale via Azure Business Continuity Center and monitor them using Azure Backup's alerting and reporting features.
+Vaulted backups provide an offsite copy of your data. If there is data loss on the source account, you can restore it to an alternate account. You can manage vaulted backups at scale via Azure Business Continuity Center and monitor them using Azure Backup's alerting and reporting features.
 
 We recommend switching from snapshot backups to vaulted backups for comprehensive protection against data loss.
 
