Terraform-provider-azurerm: Feature Request: azurerm_recovery_services_vault vm enrollment

Created on 19 Apr 2018  路  12Comments  路  Source: terraform-providers/terraform-provider-azurerm

Hi there,

Terraform Version

Terraform v0.11.7

  • provider.azurerm v1.3.3

Affected Resource(s)

Please list the resources as a list, for example:

  • azurerm_recovery_services_vault
  • azurerm_virtual_machine

Expected Behavior

With the upcoming support for creating Recovery Service Vaults, it would be helpful to enroll any vm's that are created in the same apply with the Vault for backups. This would require additional work such as creating a backup policy under the azurerm_recovery_services_vault as shown below.

My current workflow is to deploy vm's with terraform and then run an additional powershell script locally that will...

  1. Take input of a Resource Group name from user.
  2. Create Recovery Services Vault in the given resource group.
  3. Create a backup policy based on type of environment. (The type of environment is determined by the last 3 characters of the resource group name such as poc, dev, stg, prd and each of these is associated with a retention timeframe such as poc = 3, dev = 3, stg = 7 and prd = 30.)
  4. Loop through each vm in the Resource Group and enroll them for backup with the previously created policy.

It would greatly improve the workflow if instead of the above workflow, I could doing something such as...

resource "azurerm_recovery_services_vault" "vault" {
  name                = "example_recovery_vault"
  location            = "${azurerm_resource_group.rg.location}"
  resource_group_name = "${azurerm_resource_group.rg.name}"
  sku                 = "standard"

  backup_policy {
    name     = "example_backup_policy"
    backup_frequency = "daily"
    daily_backup_retention = 3
    time_zone = "utc"
    time = {
      hour = 11
      min = 30
      period = "pm"
    }

    {...}
  }
}

resource "azurerm_virtual_machine" "test" {
  name                  = "acctvm"
  location              = "${azurerm_resource_group.test.location}"
  resource_group_name   = "${azurerm_resource_group.test.name}"
  network_interface_ids = ["${azurerm_network_interface.test.id}"]
  vm_size               = "Standard_DS1_v2"
  depends_on = ["azurerm_recovery_services_vault.vault"]

  backup_vault = {
    backup_vault_id = "${azurerm_recovery_services_vault.vault.id}"
    backup_policy = "${azurerm_recovery_services_vault.vault.policy.id}"
  }

  {...}
}

I would be interested in working on this but have no experience in go or how the azure provider leverages azure to perform tasks. If there is official docs on the provider, I am happy to dig in.

References

Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:

995

new-resource servicrecovery-services
Source
picture PleaseStopAsking
👍18

Most helpful comment

I am also very interested in this feature. My use case is just to add created VMs to preconfigured Recovery Services. This is crucial to maintain automated configuration and deployment.

3 months passed, any updates on ETA?

picture beoSheep on 23 Aug 2018
👍12

All 12 comments

Some initial investigation into this - based on this ARM Template:

{
  "name": "[concat(variables('recoveryVaultName'), variables('protectectioContainer'), variables('protectedItem'))]",
  "type": "Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems",
  "apiVersion": "2016-12-01",
  "location": "[resourceGroup().location]",
  "properties": {
    "protectedItemType": "Microsoft.Compute/virtualMachines",
    "workloadType": "VM",
    "sourceResourceId": "[variables('vmNameId')]",
    "policyId": "[variables('recoveryVaultPolicyId')]"
  }
}

It appears this is available through the Protected Items API: https://docs.microsoft.com/en-us/rest/api/backup/protecteditems and appears to be in the Go SDK: https://github.com/Azure/azure-sdk-for-go/blob/master/services/recoveryservices/mgmt/2017-07-01/backup/protecteditemsgroup.go#L49

tombuildsstuff picture tombuildsstuff on 20 Apr 2018

Hi @tombuildsstuff,

Re your reply to #1007, your comment above appears to only address the capability to Backup a VM, whereas I am looking for Disaster Recovery (Site Recovery) support.

philipstreet-hiscox picture philipstreet-hiscox on 20 Apr 2018

Has any progress been made on adding the VM Backups, and backup policies as suggested in this request?
I have followed the linked issues; but all are closed with comments pointing back here.

thanks
Damian

DamianFlynn picture DamianFlynn on 23 May 2018

@philipstreet-hiscox apologies - missed this reply: would you mind opening a separate Issue for that feature request specifically, with an example if you've got one? This would help us when writing the test-cases for it :)

@DamianFlynn this is on our roadmap for the near future - but I can't give a specific date at this time. Since you're asking for them - would you be able to give an example of Backup Policies that we could use as a basis for this?

Thanks!

tombuildsstuff picture tombuildsstuff on 23 May 2018

@tombuildsstuff Hi Tom, I did open a feature request for this (#1007) but you closed it saying that it was covered by another feature request, but it wasn't. Can we open my original request rather than creating a new feature request?

Phil

philipstreet-hiscox picture philipstreet-hiscox on 23 May 2018

@philipstreet-hiscox after taking another look into this, I'll re-open the other issue; apologies for the confusion here. I'll add some additional context to the other issue & rename the title to match.

Thanks!

tombuildsstuff picture tombuildsstuff on 23 May 2018

@tombuildsstuff Many thanks Tom. I can provide specific scenario details, which I'll add to the other issue.

philipstreet-hiscox picture philipstreet-hiscox on 23 May 2018
👍1

I am also very interested in this feature. My use case is just to add created VMs to preconfigured Recovery Services. This is crucial to maintain automated configuration and deployment.

3 months passed, any updates on ETA?

beoSheep picture beoSheep on 23 Aug 2018
👍12

Attempted workaround using Azure cli embedded in local-exec also runs into issues because Terraform's "on-destroy" is broken in providers. I've tried this:

resource "null_resource" "rsv_enable" {
 triggers {
  uuid = "${azurerm_virtual_machine.instance.id}"
 }
 provisioner "local-exec" {
  "./enable_rsv.sh"
 }
  provisioner "local-exec" {
   when = "destroy"
   command= "./cleanup_rsv.sh"
 }
}

But the on destroy clause is ignored, which means the solution is not adequate.
Is this being worked on actively?

Note: The above bloc is in a module wrapping a virtual machine resource:

resource "azurerm_virtual_machine" "instance" {
.....
}

resource "null_resource" "backup_provision" {
  triggers {
    uuid = "${azurerm_virtual_machine.instance.id}"
  }
  provisioner "local-exec" {
      command = "./backup-configure.sh",
  }
}

resource "null_resource" "backup_cleanup" {
  provisioner "local-exec" {
     when = "destroy"
     command = "./cleanup.sh",
    }
}
archmangler picture archmangler on 4 Oct 2018

Hi @PleaseStopAsking,

This was just released in v1.17.0 via #1637 馃檪

katbyte picture katbyte on 22 Oct 2018
👍2

Hello Tom, Katbyte et al, dont suppose you have a modifed milestone for backup?

ghost picture ghost on 24 Jan 2019

@phosphre VM Backups have been available since v1.17.0 (so should be available today)

Since this issue's been closed for a while I'm going to lock it - however if you're looking support for a different backup type (or have questions) please feel free to open a new issue and we'll take a look :)

Thanks!

tombuildsstuff picture tombuildsstuff on 24 Jan 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

whytoe picture whytoe  路  3Comments
Kanikamiglani31 picture Kanikamiglani31  路  3Comments
tomasaschan picture tomasaschan  路  3Comments
rudolphjacksonm picture rudolphjacksonm  路  3Comments
MMollyy picture MMollyy  路  3Comments