This article explains one of the important data protection features in Azure Blob Storage – Soft Delete, which helps to recover data that is accidentally deleted in blobs or blob snapshots.
Cloud has taken almost every Industry by storm and businesses are actively adopting cloud services for its elasticity, cost savings, and on-demand services. Azure BLOB (Binary Large Object) Storage is one such service by Microsoft that lets you store large amounts of unstructured data – including text, documents, audio, images, videos or binary.
Organizations are creating and storing large amounts of data at unprecedented volumes and speed, and with this rapidly growing data and democratization of data, there are chances of unintended deletes. Fortunately, the soft delete feature in Azure Blob Storage comes to the rescue and helps blob storage users recover such data. It prevents accidental data loss and offers data protection to your application.
Before we begin and see how soft delete feature actually works, let’s run through the preliminaries that are required to perform our demonstration.
I am assuming you are already familiar with the Azure Portal and to get started, you need to have –
- A Microsoft Azure subscription
- One Azure Storage Account already created
In case, you are new to the Azure Storage account, I would recommend you to quickly go over these sites, Microsoft Azure documentation and Different Azure Storage types (File, Blob, Queue and Table) to learn how to create an Azure Storage account. The latter article also sheds light on different types of Storage available in Azure.
Preparations before demo
For this demo, I have created an Azure Storage Account – azsqlshackstorage in the Resource Group azsqlshackrg with Pay-As-You-Go subscription. You can see these details along with different types of storages (Containers, File shares, Tables, Queues) in the screenshot below.
Let’s move forward with Azure Blob Storage and for that click on Containers. Containers consist of a set of blobs in which data is stored. You will be taken to the following window.
- Click on + Container to add a new container
- Type a relevant name for your container, this name should be lowercase
- You can restrict the access to your container, by default, it is Private (no anonymous access)
- Hit OK to create a container
Let’s upload a few blobs in this newly created container in our Azure storage account. This is a straight forward process, just click on Upload and browse your file and hit the Upload button. If you see the below screenshot, you will find several files that are uploaded into sqlshackfinance container marked in a red ellipse.
You can create as many containers and upload as many blobs (be it block blob, page blob or append blob) in your Azure Blob Storage. Of course, there is a limit on the maximum size of the blob that can be uploaded. You can read more about it here.
In nutshell, our setup looks like the below, where several blobs are grouped into the container, sqlshackfinances which in turn is tied to the Azure Storage account, azsqlshackstorage.
Now that the base set-up is ready, let’s proceed to see how we can enable soft delete in Azure Blob Storage to recover accidentally deleted files and prevent inadvertent data loss.
How do I enable soft delete in Azure Blob Storage?
Navigate to your storage account, and click Data Protection under Blob service. By default, this feature is disabled, select Enabled and also enter the number of days you want to retain your soft deleted data. Don’t forget to hit the Save button to save these changes.
“Successfully updated data protection settings for azsqlshackstorage” message will appear to ensure a soft delete feature is enabled.”
To experience how soft delete feature works, we will delete a couple of files in the container. For this, go to your container, select files and click Delete.
You will see the below pop up on clicking the Delete button. Since we haven’t taken any snapshots, so just click OK. We will talk about blob snapshots soon in this article.
Two selected files are deleted from the container. Refer to the below screenshot.
Click on Show deleted blobs button to see the list of deleted blobs as shown below.
Recovering deleted blobs
Click on the ellipsis of the deleted blob and select Undelete from the contextual menu to recover this deleted blob. You cannot read soft-deleted blobs unless you undelete them first.
On clicking Undelete above, the deleted blob is recovered and restored to its previous Active status as shown below.
Before undeleting the blob, you can also select the soft-deleted blob to view its properties. It shows the date and time when the blob was deleted and also the number of days left until the blob is permanently deleted which is a very useful information for the users.
Enable soft delete while creating a storage account
Additionally, if you know beforehand that your project is going to deal with a large number of blobs with multiple users accessing it, it is always a good idea to ensure data protection and avoid erroneous data loss by enabling soft delete at the time of storage account creation. To do this, you will have to go to the Advanced tab, Data protection and select Enabled as shown below. You can also select the number of days you want to retain soft deleted data.
Does soft delete help to recover deleted blob snapshots too?
Absolutely. Blob snapshots are a read-only version of a blob and are usually used for backup or troubleshooting purposes. So say, we created a snapshot for Financing Agreement doc in the container, and mistakenly it got deleted. Soft delete offers similar support to recover these blob snapshots as well.
To see this in action, let’s quickly try to recover a snapshot, for that, right-click on the ellipsis on the extreme right side of Financing Agreement document and select Create snapshot. The message “Successfully created blob snapshot(s)” is quickly displayed. Make sure, soft delete feature is already enabled.
Now go to the blob, click on Snapshots in the menu tab, select the snapshot and finally hit Delete snapshot button.
The above action will delete the snapshot as shown in the screenshot below.
Just a piece of quick advice here – Be extra careful when creating blob snapshots, as charges are incurred for the additional data storage.
Before I end this discussion, I think it is worth to discuss, what if the container or the storage account containing blobs is deleted? Will we be able to recover deleted files with soft delete feature being enabled in this case?
The answer is NO, since the storage account or container that contains blobs is deleted, everything is deleted permanently including soft-deleted blobs.
To prevent accidental deletions of resources like storage account, containers, databases etc. in Azure, it is a good practice to make use of Locks. To understand how to put a lock on Azure resources, you can go over this article, here, Protecting Azure SQL databases from accidental deletion.
During the demo of this article, we discussed, how we can enable the soft delete feature in Azure Blob Storage to recover blob storage data that is erroneously deleted. This feature also helps to recover deleted blob snapshots. This adds one more layer to the data protection strategy and prevents inadvertent data loss.
- Getting started with Azure Database for PostgreSQL - May 13, 2021
- Generating Azure SQL Database Classification and Sensitivity reports - May 5, 2021
- Dynamic Data Masking in Azure Synapse Analytics - April 23, 2021