question

AdityaNath-1817 avatar image
AdityaNath-1817 asked ·

A way to extend backup monitoring for app services using policy?

There are azure policies for monitoring whether virtual machines have backups or not. Most of the online documentations point towards the two built-in policies which deal with backups. I want to extend/tweak the built-in policy definition to cover App Services as well.
For virtual machine, the backups are listed under backupprotecteditems in Microsoft.RecoveryServices/vaults which is easy enough to audit in policies. The web apps wont have backups there. The backup for a web app, goes in a storage container which were manually created when the backups were enabled.
So I abandoned working with policy and started looking at powershell scripts to automate backups for webapps. I found Get-AzWebAppBackupList command which would do the job for me. But, as with all of azure powershell commands, I assumed it will be working with a REST query under the hood. After some more digging, the command is a POST call to the following url: https://management.azure.com/subscriptions<sub_id>/resourceGroups/<rg-name./providers/Microsoft.Web/sites/<site-name>/config/backup/list?api-version=2019-08-01
I thought if I can check for 'config/backup/list' in policy by using the fields property I can then make Policy do the monitoring for me. But I dont see any of those options while editing policy definition.
someImage

Is there any other way I can extend backup monitoring to app services using policy?


azure-policyazure-webapps-backup
image.png (203.5 KiB)
5 comments
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@AdityaNath-1817 Thanks for your comment. I am looking into it and will update you soon.

0 Votes 0 · ·

@AdityaNath-1817 Azure Policy internally checks ARM properties of the resource to validate them. If ARM properties exist , then policy aliases can be requested with which you can create the policy definition. Currently, enabling backup for app service via ARM is not supported. Hence back up monitoring for app services using policy is not available as of now.

To request or provide feedback about Azure Service, I would recommend you to navigate here and share your feedback or suggestions for directly with the responsible Azure feature team and clicking the vote button of your suggestion to raise visibility and priority on it.


0 Votes 0 · ·

@AdityaNath-1817 Did you get chance to review my previous comment ? Let me know if you have any further queries regarding it.

0 Votes 0 · ·
Show more comments

0 Answers