Skip to content
/ backup-azure-api-management-automation-script Public

This Azure Automation runbook automates Azure API Management backup to Blob storage and deletes old backups from blob storage. This is a PowerShell runbook, as opposed to a PowerShell Workflow runbook.

License

View license
0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

azureautomation/backup-azure-api-management-automation-script

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
Backup-AzureAPIM.ps1
Backup-AzureAPIM.ps1
 
 
License.md
License.md
 
 
Metadata.json
Metadata.json
 
 
README.md
README.md
 
 

Repository files navigation

Backup Azure API Management Automation Script

A script to automate the backup process of an APIM instance. It creates a backup and deletes any file older than then retension policy you specify as a parameter.

You can use this script through an Automation Account. While provisioning the Automation Account, you can enable the Run as account which will create the AzureRunAsConnection connection** . This connection is used by the script in order to login to Azure and perform the backup operation.

This script requires AzureRM.ApiManagement module to be installed in the automation account which at the moment requires an update of the out of the box modules.

PowerShell Edit|Remove powershell <# .SYNOPSIS This Azure Automation runbook automates Azure API Management backup to Blob storage and deletes old backups from blob storage.

.DESCRIPTION You should use this Runbook if you want manage Azure API Management backups in Blob storage. This is a PowerShell runbook, as opposed to a PowerShell Workflow runbook. It requires AzureRM.ApiManagement module to be installed. The script uses the AzureRunAsConnection connection to login and perform the backup.

.PARAMETER ApimResourceGroupName Specifies the name of the resource group where the Azure Api Management instance is located.

.PARAMETER ApimInstanceName Specifies the name of the Azure Api Management which script will backup.

.PARAMETER StorageAccountName Specifies the name of the storage account where backup file will be uploaded.

.PARAMETER StorageAccountKey Specifies the key of the storage account where backup file will be uploaded.

.PARAMETER BlobContainerName Specifies the container name of the storage account where backup file will be uploaded. Container will be created if it does not exist.

.PARAMETER BackupFilePrefix Specifies the backup blob file prefix. The suffix will be automatically generated based on the date in the format yyyyMMddHHmm followed by the .bak file extension. Default value apim_.

.PARAMETER RetentionDays Specifies the number of days how long backups are kept in blob storage. The default value is 30 days as the backups expire after that. Script will remove all older files from container, thus a dedicated container should be used for this script.

.INPUTS None.

.OUTPUTS Human-readable informational and error messages produced during the job. Not intended to be consumed by another runbook.

#>

param( [parameter(Mandatory=$true)] [String] $ApimResourceGroupName, [parameter(Mandatory=$true)] [String] $ApimInstanceName, [parameter(Mandatory=$true)] [String]$StorageAccountName, [parameter(Mandatory=$true)] [String]$StorageAccountKey, [parameter(Mandatory=$true)] [string]$BlobContainerName, [parameter(Mandatory=$false)] [string]$BackupFilePrefix = 'apim_', [parameter(Mandatory=$false)] [Int32]$RetentionDays = 30 )

$ErrorActionPreference = 'stop'

function Login() { $connectionName = 'AzureRunAsConnection' try { Write-Verbose 'Acquiring service principal for connection '$connectionName'' -Verbose

	$servicePrincipalConnection = Get-AutomationConnection -Name $connectionName         

	Write-Verbose 'Logging in to Azure...' -Verbose

	Add-AzureRmAccount `
		-ServicePrincipal `
		-TenantId $servicePrincipalConnection.TenantId `
		-ApplicationId $servicePrincipalConnection.ApplicationId `
		-CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint | Out-Null
}
catch {
	if (!$servicePrincipalConnection)
	{
		$ErrorMessage = 'Connection $connectionName not found.'
		throw $ErrorMessage
	} else{
		Write-Error -Message $_.Exception
		throw $_.Exception
	}
}

}

function Create-Blob-Container([string]$blobContainerName, $storageContext) { Write-Verbose 'Checking if blob container '$blobContainerName' already exists' -Verbose if (Get-AzureStorageContainer -ErrorAction 'Stop' -Context $storageContext | Where-Object { $_.Name -eq $blobContainerName }) { Write-Verbose 'Container '$blobContainerName' already exists' -Verbose } else { New-AzureStorageContainer -ErrorAction 'Stop' -Name $blobContainerName -Permission Off -Context $storageContext Write-Verbose 'Container '$blobContainerName' created' -Verbose } }

function Backup-To-Blob-Storage([string]$apimResourceGroupName, [string]$apimInstanceName, $storageContext, [string]$blobContainerName, [string]$backupPrefix) {

$backupBlobName = $backupPrefix + (Get-Date).ToString('yyyyMMddHHmm') + '.bak'

Write-Verbose 'Starting APIM backup to blob '$blobContainerName/$backupBlobName'' -Verbose

Backup-AzureRmApiManagement -Name $apimInstanceName -ResourceGroupName $apimResourceGroupName -StorageContext $storageContext `
                   -TargetContainerName $blobContainerName `
                   -TargetBlobName $backupBlobName

}

function Delete-Old-Backups([int]$retentionDays, [string]$blobContainerName, $storageContext) { Write-Output 'Removing backups older than '$retentionDays' days from container: '$blobContainerName'' $isOldDate = [DateTime]::UtcNow.AddDays(-$retentionDays) $blobs = Get-AzureStorageBlob -Container $blobContainerName -Context $storageContext foreach ($blob in ($blobs | Where-Object { $.LastModified.UtcDateTime -lt $isOldDate -and $.BlobType -eq 'BlockBlob' })) { Write-Verbose ('Removing blob: ' + $blob.Name) -Verbose Remove-AzureStorageBlob -Blob $blob.Name -Container $blobContainerName -Context $storageContext } }

Write-Verbose 'Starting APIM backup' -Verbose

Write-Verbose 'Establishing storage context' -Verbose $StorageContext = New-AzureStorageContext -StorageAccountName $storageAccountName -StorageAccountKey $StorageAccountKey

Login

Create-Blob-Container -blobContainerName $blobContainerName -storageContext $storageContext

Backup-To-Blob-Storage -apimResourceGroupName $ApimResourceGroupName -apimInstanceName $ApimInstanceName -storageContext $StorageContext -blobContainerName $BlobContainerName ` -backupPrefix $BackupFilePrefix

Delete-Old-Backups -retentionDays $RetentionDays -storageContext $StorageContext ` -blobContainerName $BlobContainerName

Write-Verbose 'APIM backup script finished' -Verbose

<#  .SYNOPSIS      This Azure Automation runbook automates Azure API Management backup to Blob storage and deletes old backups from blob storage.     .DESCRIPTION      You should use this Runbook if you want manage Azure API Management backups in Blob storage.       This is a PowerShell runbook, as opposed to a PowerShell Workflow runbook.       It requires AzureRM.ApiManagement module to be installed.      The script uses the AzureRunAsConnection connection to login and perform the backup.    .PARAMETER ApimResourceGroupName      Specifies the name of the resource group where the Azure Api Management instance is located.        .PARAMETER ApimInstanceName      Specifies the name of the Azure Api Management which script will backup.    .PARAMETER StorageAccountName      Specifies the name of the storage account where backup file will be uploaded.    .PARAMETER StorageAccountKey      Specifies the key of the storage account where backup file will be uploaded.    .PARAMETER BlobContainerName      Specifies the container name of the storage account where backup file will be uploaded. Container will be created       if it does not exist.    .PARAMETER BackupFilePrefix      Specifies the backup blob file prefix. The suffix will be automatically generated based on the date in the format       yyyyMMddHHmm followed by the .bak file extension. Default value apim_.    .PARAMETER RetentionDays      Specifies the number of days how long backups are kept in blob storage. The default value is 30 days as the backups       expire after that. Script will remove all older files from container, thus a dedicated container should be used       for this script.    .INPUTS      None.    .OUTPUTS      Human-readable informational and error messages produced during the job. Not intended to be consumed by another runbook.    #>    param(      [parameter(Mandatory=$true)]      [String] $ApimResourceGroupName,      [parameter(Mandatory=$true)]      [String] $ApimInstanceName,      [parameter(Mandatory=$true)]      [String]$StorageAccountName,      [parameter(Mandatory=$true)]      [String]$StorageAccountKey,      [parameter(Mandatory=$true)]      [string]$BlobContainerName,      [parameter(Mandatory=$false)]      [string]$BackupFilePrefix = 'apim_',      [parameter(Mandatory=$false)]      [Int32]$RetentionDays = 30  )    $ErrorActionPreference = 'stop'    function Login() {      $connectionName = 'AzureRunAsConnection'      try      {          Write-Verbose 'Acquiring service principal for connection '$connectionName'' -Verbose            $servicePrincipalConnection = Get-AutomationConnection -Name $connectionName                     Write-Verbose 'Logging in to Azure...' -Verbose            Add-AzureRmAccount               -ServicePrincipal               -TenantId $servicePrincipalConnection.TenantId               -ApplicationId $servicePrincipalConnection.ApplicationId               -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint | Out-Null      }      catch {          if (!$servicePrincipalConnection)          {              $ErrorMessage = 'Connection $connectionName not found.'              throw $ErrorMessage          } else{              Write-Error -Message $.Exception              throw $.Exception          }      }  }    function Create-Blob-Container([string]$blobContainerName, $storageContext) {      Write-Verbose 'Checking if blob container '$blobContainerName' already exists' -Verbose      if (Get-AzureStorageContainer -ErrorAction 'Stop' -Context $storageContext | Where-Object { $.Name -eq $blobContainerName }) {          Write-Verbose 'Container '$blobContainerName' already exists' -Verbose      } else {          New-AzureStorageContainer -ErrorAction 'Stop' -Name $blobContainerName -Permission Off -Context $storageContext          Write-Verbose 'Container '$blobContainerName' created' -Verbose      }  }    function Backup-To-Blob-Storage([string]$apimResourceGroupName, [string]$apimInstanceName, $storageContext, [string]$blobContainerName, [string]$backupPrefix) {        $backupBlobName = $backupPrefix + (Get-Date).ToString('yyyyMMddHHmm') + '.bak'        Write-Verbose 'Starting APIM backup to blob '$blobContainerName/$backupBlobName'' -Verbose        Backup-AzureRmApiManagement -Name $apimInstanceName -ResourceGroupName $apimResourceGroupName -StorageContext $storageContext                          -TargetContainerName $blobContainerName                          -TargetBlobName $backupBlobName  }    function Delete-Old-Backups([int]$retentionDays, [string]$blobContainerName, $storageContext) {      Write-Output 'Removing backups older than '$retentionDays' days from container: '$blobContainerName''      $isOldDate = [DateTime]::UtcNow.AddDays(-$retentionDays)      $blobs = Get-AzureStorageBlob -Container $blobContainerName -Context $storageContext      foreach ($blob in ($blobs | Where-Object { $.LastModified.UtcDateTime -lt $isOldDate -and $_.BlobType -eq 'BlockBlob' })) {          Write-Verbose ('Removing blob: ' + $blob.Name) -Verbose          Remove-AzureStorageBlob -Blob $blob.Name -Container $blobContainerName -Context $storageContext      }  }    Write-Verbose 'Starting APIM backup' -Verbose    Write-Verbose 'Establishing storage context' -Verbose  $StorageContext = New-AzureStorageContext -StorageAccountName $storageAccountName -StorageAccountKey $StorageAccountKey    Login    Create-Blob-Container       -blobContainerName $blobContainerName       -storageContext $storageContext        Backup-To-Blob-Storage       -apimResourceGroupName $ApimResourceGroupName       -apimInstanceName $ApimInstanceName       -storageContext $StorageContext       -blobContainerName $BlobContainerName       -backupPrefix $BackupFilePrefix        Delete-Old-Backups       -retentionDays $RetentionDays       -storageContext $StorageContext       -blobContainerName $BlobContainerName        Write-Verbose 'APIM backup script finished' -Verbose

TechNet gallery is retiring! This script was migrated from TechNet script center to GitHub by Microsoft Azure Automation product group. All the Script Center fields like Rating, RatingCount and DownloadCount have been carried over to Github as-is for the migrated scripts only. Note : The Script Center fields will not be applicable for the new repositories created in Github & hence those fields will not show up for new Github repositories.

About

This Azure Automation runbook automates Azure API Management backup to Blob storage and deletes old backups from blob storage. This is a PowerShell runbook, as opposed to a PowerShell Workflow runbook.

Topics

azureautomationrunbookgallery

Resources

Readme

License

View license
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages