Skip to content

Commit c195189

Browse files
authored
Merge pull request #33983 from MicrosoftDocs/main
05/01/2025 AM Publishing
2 parents 9eae0cd + 2d93900 commit c195189

File tree

6 files changed

+132
-61
lines changed

6 files changed

+132
-61
lines changed

azure-sql/database/long-term-retention-overview.md

Lines changed: 46 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -1,36 +1,45 @@
11
---
2-
title: "Long-term backup retention"
2+
title: "Long-Term Retention Backups"
33
titleSuffix: Azure SQL Database & Azure SQL Managed Instance
44
description: Learn how Azure SQL Database & Azure SQL Managed Instance support storing full database backups for up to 10 years via the long-term retention policy.
55
author: WilliamDAssafMSFT
66
ms.author: wiassaf
7-
ms.reviewer: dinethi, mathoma, randolphwest
8-
ms.date: 06/18/2024
7+
ms.reviewer: dinethi, mathoma, randolphwest, strrodic
8+
ms.date: 05/01/2025
99
ms.service: azure-sql
1010
ms.subservice: backup-restore
1111
ms.topic: conceptual
12-
monikerRange: "=azuresql||=azuresql-db||=azuresql-mi"
12+
monikerRange: "=azuresql || =azuresql-db || =azuresql-mi"
1313
---
14-
# Long-term retention - Azure SQL Database and Azure SQL Managed Instance
14+
# Long-term retention backups - Azure SQL Database and Azure SQL Managed Instance
15+
1516
[!INCLUDE [appliesto-sqlmi](../includes/appliesto-sqldb-sqlmi.md)]
1617

17-
This article provides a conceptual overview of long-term retention of backups for Azure SQL Database and Azure SQL Managed Instance. Long-term retention can be configured for up to 10 years on backups for Azure SQL Database (including in the Hyperscale service tier), and Azure SQL Managed Instance.
18+
This article provides a conceptual overview of long-term retention (LTR) backups for Azure SQL Database and Azure SQL Managed Instance. Long-term retention can be configured for up to 10 years on backups for Azure SQL Database (including in the Hyperscale service tier) and Azure SQL Managed Instance.
1819

19-
To get started, see configure long-term backup retention for [Azure SQL Database](long-term-backup-retention-configure.md) and [Azure SQL Managed Instance](../managed-instance/long-term-backup-retention-configure.md).
20+
To get started using the long-term retention backup feature, see:
21+
- [Manage Azure SQL Database long-term backup retention](long-term-backup-retention-configure.md)
22+
- [Manage Azure SQL Managed Instance long-term backup retention](../managed-instance/long-term-backup-retention-configure.md)
2023

2124
## How long-term retention works
2225

23-
Many applications have regulatory, compliance, or other business reasons that require you to retain database backups beyond the 1-35 days provided by the short-term retention period of automatic backups. Long-term backup retention (LTR) relies on the full database backups that are automatically created by the Azure SQL service. For more information, see automated backups in [Azure SQL Database](automated-backups-overview.md?view=azuresql-db&preserve-view=true) or [Azure SQL Managed Instance](../managed-instance/automated-backups-overview.md?view=azuresql-mi&preserve-view=true).
26+
Many applications have regulatory, compliance, or other business reasons that require you to retain database backups beyond the 1-35 days provided by the short-term retention period of automatic backups. Long-term backup retention (LTR) relies on the full database backups that are automatically created by the Azure SQL service. For more information, see [Automated backups in Azure SQL Database](automated-backups-overview.md?view=azuresql-db&preserve-view=true) or [Automated backups in Azure SQL Managed Instance](../managed-instance/automated-backups-overview.md?view=azuresql-mi&preserve-view=true).
2427

25-
By using the LTR feature, you can store specified full SQL Database and SQL Managed Instance backups in redundant Azure Blob storage with a configurable retention policy of up to 10 years. LTR backups can then be restored as a new database. If an LTR policy is configured, automated backups are copied to different blobs for long-term storage which you can then use to restore your database to a specific point in time. The copy is a background job that has no performance impact on the database workload. The LTR policy for each database in SQL Database can also specify how frequently the LTR backups are created.
28+
By using the LTR feature, you can store specified full SQL Database and SQL Managed Instance backups in redundant Azure Blob storage with a configurable retention policy of up to 10 years. LTR backups can then be restored as a new database. If an LTR policy is configured, automated backups are copied to different blobs for long-term storage which you can then use to restore your database to a specific point in time. The copy process is a background job that has no performance impact on the database workload. The LTR policy for each database can also specify how frequently the LTR backups are created.
2629

2730
> [!NOTE]
28-
> - It's not currently possible to configure backups of Azure SQL Database and Azure SQL Managed Instance as [immutable](/azure/storage/blobs/immutable-storage-overview). LTR backups are non-modifiable, but you can be delete them through Azure portal, Azure CLI, PowerShell or REST API. For more information, see [Configure LTR backups](../managed-instance/long-term-backup-retention-configure.md).
29-
> - In Azure SQL Managed Instance, use SQL Agent jobs to schedule [copy-only database backups](/sql/relational-databases/backup-restore/copy-only-backups-sql-server?view=azuresqldb-mi-current&preserve-view=true) and keep them on your own storage account. This could be an alternative to LTR functionality that can keep your backups up to 10 years.
31+
> It's not currently possible to configure backups of Azure SQL Database and Azure SQL Managed Instance as [immutable](/azure/storage/blobs/immutable-storage-overview). LTR backups are nonmodifiable, but you can delete them through Azure portal, Azure CLI, PowerShell, or REST API.
32+
>
33+
> As a workaround in Azure SQL Managed Instance, you can take [copy-only database backups](/sql/relational-databases/backup-restore/copy-only-backups-sql-server?view=azuresqldb-mi-current&preserve-view=true) and retain them in your own Azure Storage account as an immutable file.
34+
3035

3136
To enable LTR, you can define a policy using a combination of four parameters: weekly backup retention (W), monthly backup retention (M), yearly backup retention (Y), and week of the year (WeekOfYear). If you specify W, one backup every week is copied to long-term storage. If you specify M, the first backup of each month is copied to the long-term storage. If you specify Y, one backup during the week specified by WeekOfYear is copied to the long-term storage. If the specified WeekOfYear is in the past when the policy is configured, the first LTR backup is created the following year. Each backup is kept in long-term storage according to the policy parameters that are configured when the LTR backup is created.
3237

33-
Any change to the LTR policy applies _only to future backups_. For example, if weekly backup retention (W), monthly backup retention (M), or yearly backup retention (Y) is modified, the new retention setting will only apply to new backups. The retention of existing backups will not be modified. If your intention is to delete old LTR backups before their retention period expires, you will need to [manually delete the backups](./long-term-backup-retention-configure.md#delete-ltr-backups).
38+
Changes to the LTR policy apply only to future backups. For example, if you modify the weekly backup retention (W), monthly backup retention (M), or yearly backup retention (Y), the new retention setting only applies to new backups. The retention of existing backups isn't modified. The LTR policy can be configured for each database in Azure SQL Database and Azure SQL Managed Instance. If you intend to delete old LTR backups before their retention period expires, you can [manually delete the backups](./long-term-backup-retention-configure.md#delete-ltr-backups).
39+
40+
> [!NOTE]
41+
> In both Azure SQL Database and Azure SQL Managed Instance, when you enable an LTR policy for the first time for a database, and the policy specifies a yearly retention, the most recent full backup from point-in-time-restore (PITR) is copied to long term storage.
42+
3443

3544
Examples of the LTR policy:
3645

@@ -52,7 +61,7 @@ Examples of the LTR policy:
5261

5362
The following table illustrates the cadence and expiration of the long-term backups for the following policy:
5463

55-
`W=12 weeks` (84 days), `M=12 months` (365 days), `Y=10 years` (3650 days), `WeekOfYear=20` (the week after May 13)
64+
`W=12 weeks` (84 days), `M=12 months` (365 days), `Y=10 years` (3,650 days), `WeekOfYear=20` (the week after May 13)
5665

5766
The following dates are in ISO 8601 (`YYYY-MM-DD`).
5867

@@ -85,34 +94,46 @@ The following dates are in ISO 8601 (`YYYY-MM-DD`).
8594
|2018-08-22 | 2018-11-14 | | |
8695
|2018-08-29 | 2018-11-21 | | |
8796

88-
If you modify the above policy and set `W=0` (no weekly backups), the service only retains the monthly and yearly backups. No weekly backups are stored under the LTR policy. The storage amount needed to keep these backups reduces accordingly.
97+
If you modify this policy and set `W=0` (no weekly backups), the weekly backups are retained until they expire, and then the service only retains the monthly and yearly backups. No future weekly backups are stored under the LTR policy. The storage amount needed to keep these backups reduces accordingly.
8998

9099
> [!IMPORTANT]
91-
> The timing of individual LTR backups is controlled by Azure SQL Database. You cannot manually create an LTR backup or control the timing of the backup creation. After configuring an LTR policy, it might take up to 7 days before the first LTR backup will show up on the list of available backups.
100+
> The timing of individual LTR backups is controlled by Microsoft. You can't manually create an LTR backup or control the timing of the backup creation. After you configure an LTR policy, it might take up to seven days before the first LTR backup shows up on the list of available backups.
92101
>
93-
> If you delete a logical server or a managed instance, all databases on that server or managed instance are also deleted and can't be recovered. You can't restore a deleted server or managed instance. However, if you had configured LTR for a database or managed instance, LTR backups are not deleted, and they can be used to restore databases on a different server or managed instance in the same subscription, to a point in time when an LTR backup was taken.
102+
> If you delete a logical server or a SQL managed instance, all databases on that server or managed instance are also deleted. You can't restore a deleted logical server or SQL managed instance. However, if you had configured LTR for a database, LTR backups aren't deleted and can be used to restore databases to a different server or managed instance in the same subscription, to a point in time when an LTR backup was taken.
94103
>
95-
> Similarly, if you delete a database, LTR backups are not deleted and are retained for the configured retention period. These backups can be restored to the same server or a different server in the same subscription.
104+
> Similarly, if you delete a database, LTR backups aren't deleted and are retained for the configured retention period. These backups can be restored to the same server or a different server in the same subscription.
96105
97106
## Geo-replication and long-term backup retention
98107

99-
If you're using active geo-replication or failover groups as your business continuity solution, you should prepare for eventual failovers and configure the same LTR policy on the secondary database or instance. Your LTR storage cost doesn't increase, as backups aren't generated from the secondaries. The backups are only created when the secondary becomes primary. It ensures noninterrupted generation of the LTR backups when the failover is triggered and the primary moves to the secondary region.
108+
If you're using active geo-replication or failover groups as your business continuity solution, prepare for eventual failovers and configure the same LTR policy on the secondary database or instance as you have on the primary. Your LTR storage cost doesn't increase, as backups aren't generated from secondaries. Backups are only created after the secondary becomes primary to ensure uninterrupted generation of LTR backups when a failover is triggered and the primary moves to the secondary region.
100109

101-
> [!NOTE]
102-
> When the original primary database recovers from an outage that caused the failover, it becomes a new secondary. Therefore, the backup creation will not resume, and the existing LTR policy doesn't take effect until it becomes the primary again.
110+
When the original primary database recovers from an outage that caused the failover, it becomes the new secondary. Therefore, the backup creation won't resume on the new secondary, and the existing LTR policy doesn't take effect until it becomes the primary again.
103111

104112
## Configure long-term backup retention
105113

106114
You can configure long-term backup retention using the Azure portal and PowerShell for Azure SQL Database and Azure SQL Managed Instance. To restore a database from the LTR storage, you can select a specific backup based on its timestamp. The database can be restored to any existing server or managed instance under the same subscription as the original database.
107115

108-
To learn how to configure long-term retention or restore a database from backup for SQL Database using the Azure portal or PowerShell, see [Manage Azure SQL Database long-term backup retention](long-term-backup-retention-configure.md?view=azuresql-db&preserve-view=true).
116+
- [Manage Azure SQL Database long-term backup retention](long-term-backup-retention-configure.md?view=azuresql-db&preserve-view=true).
117+
- [Manage Azure SQL Managed Instance long-term backup retention](../managed-instance/long-term-backup-retention-configure.md?view=azuresql-mi&preserve-view=true).
109118

110-
To learn how to configure long-term retention or restore a database from backup for SQL Managed Instance using the Azure portal or PowerShell, see [Manage Azure SQL Managed Instance long-term backup retention](../managed-instance/long-term-backup-retention-configure.md?view=azuresql-mi&preserve-view=true).
119+
When a restore request is initiated in the final seven days of the LTR retention period, the LTR backup is only deleted after the restore operation is completed, even if the retention period has expired.
111120

112-
When a restore request is initiated in the final 7 days of the LTR retention period, Azure will automatically extend the expiration date of all backups +7 days, to prevent an LTR backup from expiring during the restore.
113121

114-
> [!NOTE]
115-
> If you are using LTR backups to meet compliance or other mission-critical requirements, consider conducting periodic recovery drills to verify that LTR backups can be restored, and that the restore results in the expected database state.
122+
In Azure SQL Managed Instance, you can use SQL Agent jobs to schedule [copy-only database backups](/sql/relational-databases/backup-restore/copy-only-backups-sql-server?view=azuresqldb-mi-current&preserve-view=true) and move them to your own storage account as an alternative to:
123+
- Keep backups for longer than 10 years.
124+
- Keep daily copies of your databases for longer than 35 days.
125+
- Store database backups on immutable storage.
126+
127+
> [!TIP]
128+
> If you're using LTR backups to meet compliance or other mission-critical requirements, consider conducting periodic recovery drills to verify that LTR backups can be restored, and that the restore results in the expected database state.
129+
130+
## Next step
131+
132+
> [!div class="nextstepaction"]
133+
> [Manage Azure SQL Database long-term backup retention](long-term-backup-retention-configure.md?view=azuresql-db&preserve-view=true)
134+
135+
> [!div class="nextstepaction"]
136+
> [Manage Azure SQL Managed Instance long-term backup retention](../managed-instance/long-term-backup-retention-configure.md?view=azuresql-mi&preserve-view=true)
116137
117138
## Related content
118139

@@ -122,8 +143,3 @@ Because database backups protect data from accidental corruption or deletion, th
122143
- [Business continuity overview for Azure SQL Managed Instance](../managed-instance/business-continuity-high-availability-disaster-recover-hadr-overview.md?view=azuresql-mi&preserve-view=true)
123144
- [Automated backups in Azure SQL Database](automated-backups-overview.md?view=azuresql-db&preserve-view=true)
124145
- [Automated backups in Azure SQL Managed Instance](../managed-instance/automated-backups-overview.md?view=azuresql-mi&preserve-view=true)
125-
126-
For a tutorial on configuring and managing LTR backups, visit:
127-
128-
- [Manage Azure SQL Database long-term backup retention](long-term-backup-retention-configure.md?view=azuresql-db&preserve-view=true)
129-
- [Manage Azure SQL Managed Instance long-term backup retention](../managed-instance/long-term-backup-retention-configure.md?view=azuresql-mi&preserve-view=true)

azure-sql/managed-instance/data-virtualization-overview.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -102,14 +102,14 @@ WITH IDENTITY = 'Managed Identity'
102102

103103
**Shared access signature (SAS)** provides delegated access to files in a storage account. SAS gives you granular control over the type of access you grant, including validity interval, granted permissions, and acceptable IP address range. Once the SAS token is created, it cannot be revoked or deleted and it allows access until its validity period expires.
104104

105-
You can get an SAS token multiple ways:
105+
You can get a SAS token multiple ways:
106106
- Navigate to the **Azure portal -> <Your_Storage_Account> -> Shared access signature -> Configure permissions -> Generate SAS and connection string**. For more information, see [Generate a shared access signature](/azure/storage/blobs/blob-containers-portal#generate-a-shared-access-signature).
107-
- [Create and configure an SAS with Azure Storage Explorer](/azure/vs-azure-tools-storage-explorer-blobs#get-the-sas-for-a-blob-container).
108-
- You can create an SAS programmatically via PowerShell, Azure CLI, .NET, and REST API. For more information, see [Grant limited access to Azure Storage resources using shared access signatures (SAS)](/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json).
107+
- [Create and configure a SAS with Azure Storage Explorer](/azure/vs-azure-tools-storage-explorer-blobs#get-the-sas-for-a-blob-container).
108+
- You can create a SAS token programmatically via PowerShell, Azure CLI, .NET, and REST API. For more information, see [Grant limited access to Azure Storage resources using shared access signatures (SAS)](/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json).
109109

110110
Grant **Read** and **List** permissions via the SAS to access external data. Currently, data virtualization with Azure SQL Managed Instance is read-only.
111111

112-
When an SAS token is generated, it includes a question mark (`?`) at the beginning of the token. To use the token, you must remove the question mark (`?`) when creating a credential. For example:
112+
When a SAS token is generated, it includes a question mark (`?`) at the beginning of the token. To use the token, you must remove the question mark (`?`) when creating a credential. For example:
113113

114114
```sql
115115
-- Optional: Create MASTER KEY if it doesn't exist in the database:

data-migration/sql-server/managed-instance/guide.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ This section provides high-level steps to migrate from SQL Server to Azure SQL M
6161
To migrate with LRS, follow these steps:
6262

6363
1. Create an [Azure storage account](/azure/storage/common/storage-account-create?tabs=azure-portal) with a [blob container](/azure/storage/blobs/storage-quickstart-blobs-portal).
64-
1. Authenticate to your Blob Storage storage account using an SAS token or a managed identity and validate access.
64+
1. Authenticate to your Blob Storage storage account using a SAS token or a managed identity and validate access.
6565
1. Be sure to [configure your folder structure correctly](/azure/azure-sql/managed-instance/log-replay-service-migrate#migrate-multiple-databases) if you plan to migrate multiple databases.
6666
1. Upload your backups to your storage account by either copying your backups, or taking backups directly by using the [BACKUP TO URL](/sql/relational-databases/backup-restore/sql-server-backup-to-url).
6767
1. Determine if you want to run LRS in autocomplete or continuous mode.

0 commit comments

Comments
 (0)