Add support for Azure Blob Storage backup policies and instances
This commit is contained in:
29
README.md
29
README.md
@@ -21,6 +21,22 @@ This module creates an Azure Data Protection Backup Vault with the specified nam
|
||||
|
||||
**SnapshotStore** is a legacy/compatibility datastore value that appears in provider schemas and older patterns. For newer Azure Backup workflows, Microsoft guidance and examples more often emphasize `OperationalStore` and `VaultStore`, with `OperationalStore` generally preferred over snapshot-style behavior for active operational protection.
|
||||
|
||||
## Protecting Resources
|
||||
|
||||
This module can protect multiple resource types. Azure Blob Storage is the first supported resource type, and additional types will be added over time.
|
||||
|
||||
### Azure Blob Storage
|
||||
|
||||
Use `blob_backup_policies` to define one or more Blob backup policy profiles, and `protected_blob_storage_accounts` to map each storage account to a selected policy via `backup_policy_key`.
|
||||
|
||||
For each protected storage account, you can optionally set:
|
||||
|
||||
- `container_names` to protect specific containers (when omitted/null, all containers are included)
|
||||
- `backup_instance_location` to override backup instance location
|
||||
- `backup_instance_name` to override backup instance naming
|
||||
|
||||
Note: the `Storage Account Backup Contributor` role assignment for the vault identity should be configured by the caller (for example, using a separate IAM module).
|
||||
|
||||
## Module Inputs, Outputs, and Examples
|
||||
|
||||
### Variables
|
||||
@@ -39,6 +55,17 @@ This module creates an Azure Data Protection Backup Vault with the specified nam
|
||||
- `type`: Identity type. Allowed values: `SystemAssigned`, `UserAssigned`, `SystemAssigned, UserAssigned`.
|
||||
- `identity_ids`: Optional list of user-assigned identity IDs (required when `type = "UserAssigned"`).
|
||||
- `tags`: A map of tags to apply to the backup vault.
|
||||
- `protected_blob_storage_accounts`: Map of Blob Storage accounts to protect. Each object supports:
|
||||
- `id`: Storage account resource ID (required).
|
||||
- `container_names`: Optional container filter list (null/omitted means all containers).
|
||||
- `backup_instance_location`: Optional override for backup instance location.
|
||||
- `backup_instance_name`: Optional override for backup instance name.
|
||||
- `backup_policy_key`: Optional key selecting an entry from `blob_backup_policies`.
|
||||
- `blob_backup_policies`: Map of Blob backup policy definitions. Each object supports:
|
||||
- `name`: Optional policy name.
|
||||
- `backup_repeating_time_intervals`: Optional schedule list in ISO 8601 repeating interval format.
|
||||
- `operational_default_retention_duration`: Optional operational retention duration (ISO 8601 duration).
|
||||
- `vault_default_retention_duration`: Optional vaulted retention duration (ISO 8601 duration).
|
||||
|
||||
### Outputs
|
||||
|
||||
@@ -46,6 +73,8 @@ This module creates an Azure Data Protection Backup Vault with the specified nam
|
||||
- `backup_vault_name`: The name of the created backup vault.
|
||||
- `backup_vault_identity_principal_id`: Principal ID of the assigned managed identity, if configured.
|
||||
- `backup_vault_identity_tenant_id`: Tenant ID of the assigned managed identity, if configured.
|
||||
- `backup_policy_blob_storage_ids`: Map of Blob backup policy IDs keyed by policy key.
|
||||
- `backup_instance_blob_storage_ids`: Map of Blob backup instance IDs keyed by protected account key.
|
||||
|
||||
### Example Usage
|
||||
|
||||
|
||||
Reference in New Issue
Block a user