Update periodic backup storage redundancy for Azure Cosmos DB

Article
2024-09-03

APPLIES TO: NoSQL MongoDB Cassandra Gremlin Table

Azure Cosmos DB period mode backup data is replicated in different ways. If the primary region supports paired regions then, by default, Azure Cosmos DB stores periodic mode backup data in geo-redundant blob storage that is replicated to the pair. You can override the default backup storage redundancy. Alternatively, if you use a non-paired region, you need to explicitly choose the backup storage redundancy. This article explains how to update the backup storage redundancy using Azure CLI and PowerShell. It also shows how to configure an Azure policy on your accounts to enforce the required storage redundancy.

Prerequisites

An existing Azure Cosmos DB account.
- If you have an Azure subscription, create a new account.
- If you don't have an Azure subscription, create a free account before you begin.
- Alternatively, you can try Azure Cosmos DB free before you commit.

Update storage redundancy

Use the following steps to update backup storage redundancy.

Sign in to the Azure portal and navigate to your Azure Cosmos DB account.
Open the Backup & Restore pane, update the backup storage redundancy and select Submit. It takes few minutes for the operation to complete.

Ensure you have the latest version of Azure CLI or a version higher than or equal to 2.30.0. If you have the cosmosdb-preview extension installed, make sure to remove it.
Use the az cosmosdb locations show command to get the backup redundancy options available in the regions where your account exists.
```
az cosmosdb locations show \
      --___location <region-name>
```
The output should include JSON similar to this example:
```
{
  "id": "subscriptionId/<Subscription_ID>/providers/Microsoft.DocumentDB/locations/eastus/",
  "name": "East US",
  "properties": {
    "backupStorageRedundancies": [
      "Geo",
      "Zone",
      "Local"
    ],
    "isResidencyRestricted": false,
    "supportsAvailabilityZone": true
  },
  "type": "Microsoft.DocumentDB/locations"
}
```
Note

The previous command shows a list of backup redundancies available in the specific region. Supported values are displayed in the backupStorageRedundancies property. For example some regions may support up to three redundancy options: Geo, Zone, and Local. Other regions may support a subset of these options. Before updating, choose the backup storage redundancy option that is supported in all the regions your Azure Cosmos DB account uses.
Use the az cosmosdb update command with the chosen backup redundancy option to update the backup redundancy on an existing account.
```
az cosmosdb update \
    --resource-group <resource-group-name> \
    --name <account_name> \
    --backup-redundancy Zone
```

Alternatively, use the az cosmosdb create command to create a new account with the chosen backup redundancy option.

az cosmosdb create \
    --resource-group <resource-group-name> \
    --name <account-name> \
    --backup-redundancy Geo \
    --locations regionName=<azure-region>

Install the latest version of Azure PowerShell or a version higher than or equal to 1.4.0.

$parameters = @{
    Name = "Az.CosmosDB"
    RequiredVersion = "1.4.0"
}
Install-Module @parameters

Use the Get-AzCosmosDBLocation cmdlet to get the backup redundancy options available in the regions where your account exists.
```
$parameters = @{
    Location = "<azure-region>"
}
(Get-AzCosmosDBLocation @parameters).Properties
```
The output should include content similar to this example:
```
SupportsAvailabilityZone IsResidencyRestricted BackupStorageRedundancies
------------------------ --------------------- -------------------------
                    True                 False {Geo, Zone, Local}
```
Note

The previous command shows a list of backup redundancies available in the specific region. Supported values are displayed in the BackupStorageRedundancies property. For example some regions may support up to three redundancy options: Geo, Zone, and Local. Other regions may support a subset of these options. Before updating, choose the backup storage redundancy option that is supported in all the regions your Azure Cosmos DB account uses.

Use the Update-AzCosmosDBAccount cmdlet with the chosen backup redundancy option to update the backup redundancy on an existing account:

$parameters = @{
    ResourceGroupName "<resource-group-name>"
    Name = "<account-name>"
    BackupStorageRedundancy = "Zone"
}
Update-AzCosmosDBAccount @parameters

Alternatively, use the New-AzCosmosDBAccount cmdlet to create a new account with the chosen backup redundancy option:

$parameters = @{
    ResourceGroupName = "<resource-group-name>"
    Name = "<account-name>"
    Location = "<azure-region>"
    BackupPolicyType = "Periodic"
    BackupStorageRedundancy = "Geo"
}
New-AzCosmosDBAccount @parameters

Add an Azure Policy for backup storage redundancy

Azure Policy helps you to enforce organizational standards and to assess compliance at-scale. For more information, see what is Azure Policy?.

The following sample shows how to add an Azure policy for Azure Cosmos DB accounts to validate (using audit) that they have their backup redundancy configured to Local.

"parameters": {},
"policyRule": {
  "if": {
    "allOf": [
      {
        "field": "Microsoft.DocumentDB/databaseAccounts/backupPolicy.periodicModeProperties.backupStorageRedundancy",
        "match": "Local"
      }
    ]
  },
  "then": {
    "effect": "audit"
  }
}

Next steps

Modify the backup interval and retention period

Share via

Update periodic backup storage redundancy for Azure Cosmos DB

Prerequisites

Update storage redundancy

Add an Azure Policy for backup storage redundancy

Next steps

Feedback

Additional resources