2
votes

How to check if back up is enabled on an Azure virtual machine using PowerShell?

I am aware of querying all the virtual machines and then comparing with the Virtual machines configured under Recovery services vault.

Is there any way to pull the information from the Virtual machine object? OR an easier way than I already have?

3
Hi Manjunath, Did you find answer or created any script to get all the VMs and then finding which all VMs are enabled for backup and which are not?aquib.qureshi

3 Answers

3
votes
#change the below values
$ResourceGroupName= "spfarm" #all the VMs in this Resource Group will be checked for Vault specified below
$VaultName = "vault595" 

Get-AzureRmRecoveryServicesVault -Name $VaultName -ResourceGroupName $ResourceGroupName | Set-AzureRmRecoveryServicesVaultContext
$fnames = Get-AzureRmRecoveryServicesBackupContainer -ContainerType "AzureVM" -Status "Registered" | select  -ExpandProperty friendlyname
$vaultVMs=@()
foreach ($name in $fnames)
{
    $nameContainer = Get-AzureRmRecoveryServicesBackupContainer -ContainerType "AzureVM" -Status "Registered" -FriendlyName $name
    $vaultVMs += Get-AzureRmRecoveryServicesBackupItem -Container $nameContainer -WorkloadType "AzureVM" | select VirtualMachineId
}

 $vms = Get-AzureRmVM -ResourceGroupName $ResourceGroupName
 foreach ($vm in $vms)
 {
    $j = 0;
    for ($i=0; $i -lt $vaultVMs.Count; $i++)
    {
        if ($vm.id -eq $vaultVMs[$i].VirtualMachineId)
        {
               $j++
        }
    }
    if ($j -eq 0)
    {
        Write-Host "$($vm.name) is not backed up in this vault"
    }
    else
    {
        Write-Host "$($vm.Name) is backed up in this vault"
    }
 }
0
votes

Use the Get-AzureRmRecoveryServicesBackupContainer cmdlet and pipe that to the Get-AzureRmRecoveryServicesBackupItem cmdlet to list the Backup enabled VMs under the recovery services vault.

For more information refer: https://docs.microsoft.com/en-us/azure/backup/backup-azure-vms-automation#select-the-vm

0
votes

param (
    [Parameter(Mandatory=$true)][string]$tenantId
)

Connect-AzAccount -Tenant $tenantId
$subscriptions = @(Get-AzSubscription -TenantId $tenantId)

foreach ($subscription in $subscriptions)
{
    Set-AzContext -Subscription $subscription -Tenant $tenantId | Out-null

    $vaults = Get-AzRecoveryServicesVault
    [System.Collections.ArrayList]$vms = @(Get-AzVM)
    foreach ($vault in $vaults)
    {
        Set-AzRecoveryServicesVaultContext -Vault $vault
        $containers = Get-AzRecoveryServicesBackupContainer -ContainerType "AzureVM" -Status "Registered"
        
        $vaultVMs=@()
        foreach ($container in $containers) # Fetch all backed-up VMs in the iterated vault
        {
            $vaultVMs += Get-AzRecoveryServicesBackupItem -Container $container -WorkloadType "AzureVM" | Select-Object VirtualMachineId
        }

        foreach ($vaultVM in $vaultVMs) # Remove the backed-up VMs from the array containing all the VMs in the iterated subscription
        {
            $indexsToRemove = @()
            for ($i=$vms.Count-1; $i -ge 0; $i--)
            {
                if ($vaultVM.VirtualMachineId -eq $vms[$i].id)
                {
                    $indexsToRemove += $i
                }
            }

            foreach ($indexToRemove in $indexsToRemove) {
                $vms.RemoveAt($indexToRemove)
            }
        }
    }

    if($vms.Count -gt 0) 
    {
        Write-Host "### SUBSCRIPTION $($subscription.Name) ###"
    }

    foreach ($vm in $vms) # Print out the VM names which are not backed up in the iterated subscription
    {
        Write-Host "$($vm.name) is not backed up"
    }

    if($vms.Count -gt 0) 
    {
        Write-Host ""
    }
}

I have made some improvements to the script in Abhilash's anwswer, which makes it more robust, but also more suitable to the use case I am working on. These improvements are:

  • The scope is now all subscriptions, and all resource groups, under a specific tenant. This tenant's ID is a script parameter.
  • Removed a redundant call to Get-AzureRmRecoveryServicesBackupContainer
  • Whenever a match is found between the array containing all the VMs ($vms) and the array containing the VMs which are backed-up inside the recovery vaults ($vaultVMs), the first array is updated, thus avoiding redundant iterations when iterating $vms