本快速入门介绍如何使用 Azure Bicep 文件为 Azure Database for PostgreSQL 灵活服务器配置备份。
借助 Azure 备份,可以使用多种客户端备份 Azure PostgreSQL - 灵活服务器,这些选项包括 Azure 门户、PowerShell、CLI、Azure 资源管理器、Bicep 等。 本文重点介绍部署 Bicep 文件以创建备份保管库,然后为 Azure PostgreSQL 灵活服务器配置备份的过程。 详细了解如何开发 Bicep 文件。
Bicep 是用来以声明方式部署 Azure 资源的一种语言。 可以使用 Bicep 而非 JSON 来开发 Azure 资源管理器模板(ARM 模板)。 Bicep 语法可降低复杂性并改善开发体验。 Bicep 是 ARM 模板 JSON 上的一种透明抽象,提供了所有 JSON 模板功能。 在部署期间,Bicep CLI 将 Bicep 文件转换为 ARM 模板 JSON。 Bicep 文件声明 Azure 资源和资源属性,而无需编写一系列编程命令来创建资源。
ARM 模板中有效的资源类型、API 版本和属性在 Bicep 文件中也有效。
若要设置环境以进行 Bicep 开发,请参阅安装 Bicep 工具。
备注
如文章中所述,安装最新的 Azure PowerShell 模块和 Bicep CLI。
使用此模板,可以配置 Azure PostgreSQL - 灵活服务器的备份。 在此模板中,我们将创建一个备份保管库,并在其中包含 PostgreSQL 服务器的备份策略,计划每周备份一次,且保留期为三个月。
@description('Specifies the name of the Backup Vault')
param backupVaultName string
@description('Specifies the name of the Resource group to which Backup Vault belongs')
param backupVaultResourceGroup string
@description('Specifies the name of the PostgreSQL server')
param postgreSQLServerName string
@description('Specifies the name of the Resource group to which PostgreSQL server belongs')
param postgreSQLResourceGroup string
@description('Specifies the region in which the Backup Vault is located')
param region string
@description('Specifies the name of the Backup Policy')
param policyName string
@description('Specifies the frequency of the backup schedule')
param backupScheduleFrequency string
@description('Specifies the retention duration in months')
param retentionDuration string
@description('Step 1: Create the Backup Vault')
resource backupVault 'Microsoft.DataProtection/backupVaults@2023-01-01' = {
name: backupVaultName
location: region
identity: {
type: 'SystemAssigned'
}
properties: {
storageSettings: [
{
datastoreType: 'VaultStore'
type: 'LocallyRedundant'
}
]
}
}
@description('Step 2: Create Backup Policy for PostgreSQL')
resource backupPolicy 'Microsoft.DataProtection/backupVaults/backupPolicies@2023-01-01' = {
name: '${backupVaultName}/${policyName}'
location: region
properties: {
datasourceTypes: [
'AzureDatabaseForPostgreSQLFlexibleServer'
]
policyRules: [
{
name: 'BackupSchedule'
objectType: 'AzureBackupRule'
backupParameters: {
objectType: 'AzureBackupParams'
}
trigger: {
schedule: {
recurrenceRule: {
frequency: 'Weekly'
interval: backupScheduleFrequency
}
}
}
dataStore: {
datastoreType: 'VaultStore'
}
}
{
name: 'RetentionRule'
objectType: 'AzureRetentionRule'
isDefault: true
lifecycle: {
deleteAfter: {
objectType: 'AbsoluteDeleteOption'
duration: 'P${retentionDuration}M'
}
}
}
]
}
}
@description('Step 3: Role Assignment for PostgreSQL Backup And Export Operator Role')
resource postgreSQLServer 'Microsoft.DBforPostgreSQL/flexibleServers@2022-03-01' existing = {
name: postgreSQLServerName
scope: resourceGroup(postgreSQLResourceGroup)
}
resource roleAssignmentBackupExportOperator 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
name: guid(backupVault.id, 'PostgreSQLFlexibleServerLongTermRetentionBackupRole')
properties: {
principalId: backupVault.identity.principalId
roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e') // Role definition ID for 'PostgreSQL Backup And Export Operator'
scope: postgreSQLServer.id
}
}
@description('Step 4: Role Assignment for Reader on Resource Group')
resource targetResourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' existing = {
name: targetResourceGroupName
}
resource roleAssignmentReader 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
name: guid(backupVault.id, 'Reader')
properties: {
principalId: backupVault.identity.principalId
roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '00aa00aa-bb11-cc22-dd33-44ee44ee44ee') // Role definition ID for 'Reader'
scope: targetResourceGroup.id
}
}
@description('Step 5: Create Backup Instance for PostgreSQL)
resource backupInstance 'Microsoft.DataProtection/backupVaults/backupInstances@2023-01-01' = {
name: 'PostgreSQLBackupInstance'
location: region
properties: {
datasourceInfo: {
datasourceType: 'AzureDatabaseForPostgreSQLFlexibleServer'
objectType: 'Datasource'
resourceId: postgreSQLServer.id
}
policyInfo: {
policyId: backupPolicy.id
}
}
}
要部署此模板,请将其存储在 GitHub 或你的首选位置,然后将以下 PowerShell 脚本粘贴到 shell 窗口中。 若要粘贴代码,请右键单击 shell 窗口并选择“粘贴”。
$projectName = Read-Host -Prompt "Enter a project name (limited to eight characters) that is used to generate Azure resource names"
$location = Read-Host -Prompt "Enter the location (for example, chinanorth2)"
$resourceGroupName = "${projectName}rg"
$templateUri = "templateURI"
New-AzResourceGroup -Name $resourceGroupName -Location $location
New-AzResourceGroupDeployment -ResourceGroupName $resourceGroupName -TemplateUri $templateUri -projectName $projectName