Azure Recovery Services Backup Management

Warnings

• breaking Version 10.0.0 marks a significant transition to Azure SDK Track 2 guidelines. This involves changes to client constructors, authentication mechanisms (requiring `azure-identity`), method signatures, and return types. Code written for older Track 1 versions (e.g., `< 10.0.0`) will not work without modification.
  Fix: Migrate your code to use the new Track 2 client instantiation (passing `credential` and `subscription_id`), adopt `DefaultAzureCredential` for authentication, and update method calls according to the latest documentation. Consult the official Azure SDK migration guides for detailed steps.
• gotcha Authentication is a common point of failure. `DefaultAzureCredential` requires proper environment configuration (e.g., `AZURE_TENANT_ID`, `AZURE_CLIENT_ID`, `AZURE_CLIENT_SECRET`) or an an active Azure CLI login (`az login`). Without valid credentials, client instantiation or subsequent API calls will fail with `CredentialUnavailableError` or similar.
  Fix: Ensure your environment variables are correctly set, or that you are logged into Azure CLI. For production, consider using Managed Identity or Service Principals with explicitly assigned roles for robust authentication.
• gotcha Many management operations require precise resource identifiers such as `subscription_id`, `resource_group_name`, `vault_name`, and nested resource names (e.g., `policy_name`). Incorrect or misspelled identifiers will lead to 'ResourceNotFound' errors or similar failures.
  Fix: Always double-check resource names and IDs in the Azure portal or by using Azure CLI commands (e.g., `az backup vault list`, `az backup policy list`) to ensure accuracy. Pay attention to case sensitivity for some resource types.

Install

• pip install azure-mgmt-recoveryservicesbackup azure-identity Install core library and authentication

Imports

• RecoveryServicesBackupClient

  from azure.mgmt.recoveryservicesbackup import RecoveryServicesBackupClient

  Older versions (Track 1) typically had client classes with a '_management_client' suffix and a nested import path. 'RecoveryServicesBackupClient' is the current standard for Track 2.

Quickstart

This quickstart demonstrates how to instantiate the `RecoveryServicesBackupClient` using `DefaultAzureCredential` for authentication and then lists existing backup policies within a specified Recovery Services Vault. Ensure you have Azure credentials configured (e.g., via `az login` or environment variables).

import os
from azure.identity import DefaultAzureCredential
from azure.mgmt.recoveryservicesbackup import RecoveryServicesBackupClient

# Replace with your actual subscription ID and resource details
# It's recommended to set these as environment variables for production.
subscription_id = os.environ.get("AZURE_SUBSCRIPTION_ID", "<your-subscription-id>")
resource_group_name = os.environ.get("AZURE_RESOURCE_GROUP_NAME", "<your-resource-group>")
vault_name = os.environ.get("AZURE_RECOVERY_SERVICES_VAULT_NAME", "<your-recovery-services-vault-name>")

# Authenticate using DefaultAzureCredential
# This tries several methods: environment variables, Azure CLI, Managed Identity, etc.
credential = DefaultAzureCredential()

# Create the Backup Management client
client = RecoveryServicesBackupClient(credential, subscription_id)

print(f"Listing backup policies in vault '{vault_name}' in resource group '{resource_group_name}'...")

try:
    # Example: List backup policies within a specified vault
    # Note: Ensure the credential has 'Reader' access or higher to the vault/resource group.
    policies = client.backup_policies.list(resource_group_name, vault_name)
    for policy in policies:
        print(f"  - Policy Name: {policy.name}, State: {policy.properties.backup_management_type}")
except Exception as e:
    print(f"An error occurred: {e}")
    print("Please ensure the vault, resource group, and subscription ID are correct and your credential has sufficient permissions.")