Configure Azure file share backup with ARM template

I was trying to configure Azure file share backup using ARM template deployment. Below is the template I'm trying to deploy. First I create a backup policy then trying to configure backup for the file share.

The question is, to the template I have to pass protected items in below format. (azurefileshare;someUniqueID) (I have to pass the unique protected item ID instead of file share name). But this ID can only be retrieved after configuring the backup.

Let me know if anyone here have any idea about this.

> "protectedItems": {
>             "value": [
>                 "azurefileshare;xxxx1f5e4535076cxxxxxxxxxxxb9ff558024ff8xxxxxxcefce6"
>             ]
> 

Tempate.json

 >  {
    > "$schema":"http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    > "contentVersion": "1.0.0.0",  
    >   "parameters": {
    >     "vaultName": {
    >       "type": "String"
    >     },
    >     "vaultRG": {
    >       "type": "String"
    >     },
    >     "vaultSubID": {
    >       "type": "String"
    >     },
    >     "policyName": {
    >       "type": "String"
    >     },
    >     "schedule": {
    >       "type": "Object"
    >     },
    >     "retention": {
    >       "type": "Object"
    >     },
    >     "timeZone": {
    >       "type": "String"
    >     },
    >     "fabricName": {
    >       "type": "String"
    >     },
    >     "protectionContainers": {
    >       "type": "Array"
    >     },
    >     "protectedItems": {
    >       "type": "Array"
    >     },
    >     "sourceResourceIds": {
    >       "type": "Array"
    >     }   },   "resources": [
    >     {
    >       "type": "Microsoft.RecoveryServices/vaults/backupPolicies",
    >       "apiVersion": "2016-06-01",
    >       "name": "[concat(parameters('vaultName'), '/', parameters('policyName'))]",
    >       "properties": {
    >         "backupManagementType": "AzureStorage",
    >         "WorkloadType": "AzureFileShare",
    >         "schedulePolicy": "[parameters('schedule')]",
    >         "retentionPolicy": "[parameters('retention')]",
    >         "TimeZone": "[parameters('timeZone')]"
    >       }
    >     },
    >     {
    >       "type": "Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems",
    >       "apiVersion": "2016-06-01",
    >       "name": "[concat(parameters('vaultName'), '/', parameters('fabricName'),
    > '/',parameters('protectionContainers')[copyIndex()], '/',
    > parameters('protectedItems')[copyIndex()])]",
    >       "dependsOn": [
    >         "[concat('Microsoft.RecoveryServices/vaults', '/', parameters('vaultName'), '/backupPolicies/',
    > parameters('policyName'))]"
    >       ],
    >       "properties": {
    >         "backupManagementType": "AzureStorage",
    >         "workloadType": "AzureFileShare",
    >         "friendlyName": "afs",
    >         "protectedItemType": "AzureFileShareProtectedItem",
    >         "policyId": "[resourceId('Microsoft.RecoveryServices/vaults/backupPolicies',
    > parameters('vaultName'), parameters('policyName'))]",
    >         "sourceResourceId": "[parameters('sourceResourceIds')[copyIndex()]]"
    >       },
    >       "copy": {
    >         "name": "protectedItemsCopy",
    >         "count": "[length(parameters('protectedItems'))]"
    >       }
    >     }   ] }

Solution 1:

Here the same behavior. It seems the property format of name in this case is mandatory and not documented.

I have got success hardcoding the long string "661bd40fac4e36949e3e814039158f0b6c27ee8a497452559176d00f0cf257cb6"

{
    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "vaultName": { "value": "blablabla" },
        "vaultRG": { "value": "rg-blablabla" },
        "policyName": { "value": "DailyPolicy" },
        "fabricName": { "value": "Azure" },
        "protectionContainers": {
          "value": [
            "storagecontainer;storage;rg-blablabla;storage002"
          ]
        },
        "protectedItems": {
          "value": [
           "azurefileshare;661bd40fac4e36949e3e814039158f0b6c27ee8a497452559176d00f0cf257cb6"
          ]
        },
        "sourceResourceIds": {
          "value": [
            "/subscriptions/ blabla bla /resourceGroups/rg-blablabla/providers/Microsoft.Storage/storageAccounts/storage002"
          ]
        }
    }
}

{
    "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
            "parameters": {
              "vaultName": { "type": "string" },
              "vaultRG": { "type": "string" },
              "vaultSubID": { "type": "string" },
              "policyName": { "type": "string" },
              "fabricName": { "type": "string" },
              "protectionContainers": { "type": "array" },
              "protectedItems": { "type": "array" },
              "sourceResourceIds": { "type": "array" }
            },
    "resources": [
              {
                "name": "[concat(parameters('vaultName'), '/', parameters('fabricName'), '/',parameters('protectionContainers')[copyIndex()], '/', parameters('protectedItems')[copyIndex()])]",
                "apiVersion": "2020-02-02",
                "type": "Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems",
                "properties": {
                  "backupManagementType": "AzureStorage",
                  "workloadType": "AzureFileShare",
                  "friendlyName": "afs",
                  "protectedItemType": "AzureFileShareProtectedItem",
                  "policyId": "[resourceId('Microsoft.RecoveryServices/vaults/backupPolicies', parameters('vaultName'), parameters('policyName'))]",
                  "sourceResourceId": "[parameters('sourceResourceIds')[copyIndex()]]"
                },
                "copy": {
                  "name": "protectedItemsCopy",
                  "count": "[length(parameters('protectedItems'))]"
                }
              }
    ]
}

It is not complete functional, but it works

Solution 2:

It seems like this article answers your question; https://docs.microsoft.com/en-us/azure/backup/backup-azure-file-share-rest-api

In the article they describe that you can use the name property from the GET backupprotectableItems API. In their example they show the name as azurefiles;<name of your fileshare>, but this is actually azurefiles;<some random ID>. As they themself say;

Always take the name attribute of the response and fill it in this request. Don't hard-code or create the container-name format or protected item name format. If you create or hard-code it, the API call will fail if the container-name format or protected item name format changes in the future.