Skip to content

docs(azure-disks-backup): update docs and added examples #906

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
pablosanchezpaz wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

docs(azure-disks-backup): update docs and added examples #906

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
cf582ec
docs(azure-disks-backup): update docs and added examples
pablosanchezpaz Feb 5, 2026
8f24487
Update Readme
pablosanchezpaz Feb 10, 2026
f755a3d
Apply suggestion from @Copilot
pablosanchezpaz Feb 10, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 48 additions & 0 deletions modules/azure-disks-backup/.terraform-docs.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
formatter: "markdown" # this is required

version: ""

header-from: docs/header.md
footer-from: docs/footer.md

recursive:
enabled: false
path: modules
include-main: true

sections:
hide: []
show: []

content: ""

output:
file: "README.md"
mode: inject
template: |-
<!-- BEGIN_TF_DOCS -->
{{ .Content }}
<!-- END_TF_DOCS -->

output-values:
enabled: false
from: ""

sort:
enabled: true
by: name

settings:
anchor: true
color: true
default: true
description: false
escape: true
hide-empty: false
html: true
indent: 2
lockfile: true
read-comments: true
required: true
sensitive: true
type: true
225 changes: 113 additions & 112 deletions modules/azure-disks-backup/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,171 +1,172 @@
# Azure Disks Backup Module
<!-- BEGIN_TF_DOCS -->
# Azure Disks Backup Terraform Module

## Overview

This module creates and configures Azure Backup for managed disks. It sets up a Recovery Services vault, backup policies, and backup instances for specified disks.
This Terraform module allows you to create and configure managed disks backups in Azure, including:
- Creation of Recovery Services vault.
Copy link

Copilot AI Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same terminology issue as in docs/header.md: this appears to be a Data Protection Backup Vault module (azurerm_data_protection_backup_vault), not Recovery Services Vault. Updating this wording will prevent confusion for users trying to map docs to Azure Portal/services.

Suggested change
- Creation of Recovery Services vault.
- Creation of a Data Protection Backup vault.

Copilot uses AI. Check for mistakes.
- Definition of custom backup policies.
- Creation of backup instances for specific disks.
- Support for tags and inheritance from the Resource Group.

## DOC
## Main features
- Configurable vault and backup policies.
- Support for multiple disks and policies.
- Retention, redundancy, and soft delete control.
- Realistic configuration example.

- [Resource terraform - azurerm_data_protection_backup_vault](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_vault)
- [Resource terraform - azurerm_data_protection_backup_policy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_policy)
- [Resource terraform - azurerm_data_protection_backup_instance_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_instance_disk)
- [Resource terraform - azurerm_role_assignment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment)

## Notes

- This module presupposes that:
- The `resource_group_name` was used to create the Recovery Services vault and backuo instances.
- The resource group where the snapshot will be stored is the same as the vault.
- The disk/s resource groups/s are diferent from the vault resource group, otherwise, the module raises an error.

## Usage

### Set a module

```terraform
module "disks-backup" {
source = "git::https://github.com/prefapp/tfm.git//modules/azure-disks-backup?ref=<version>"
}
```

### Set a data .tfvars

#### Example
## Complete usage example

```hcl
# The name of the resource group where the backup vault and related resources will be created
resource_group_name = "bk-disks"

# The name of the Recovery Services vault
vault_name = "bk-disks"

# Whether to use resource group tags as base for module tags
tags_from_rg = true

# Tags to apply to resources
tags_from_rg = true
tags = {
Environment = "Production"
Project = "Azure Disks Backup"
Project = "Azure Disks Backup"
}

# The type of datastore to use for backups (Possible values are ArchiveStore, OperationalStore, SnapshotStore and VaultStore)
datastore_type = "VaultStore"

# The redundancy option for the backup vault (LocallyRedundant or GeoRedundant)
redundancy = "LocallyRedundant"

# Whether soft delete is enabled or disabled for the vault
soft_delete = "Off"

# Default retention duration for backups in days before they are deleted (14 days free)
retention_duration_in_days = 30

# List of backup policies to be created
backup_policies = [
{
# Name of the backup policy
name = "foo-policy"

# Time intervals for repeating backups
name = "foo-policy"
backup_repeating_time_intervals = ["R/2024-10-17T11:29:40+00:00/PT1H"]

# Default retention duration for backups
default_retention_duration = "P7D"

# Time zone for the backup schedule
time_zone = "Coordinated Universal Time"

# Retention rules for the backup policy
default_retention_duration = "P7D"
time_zone = "Coordinated Universal Time"
retention_rules = [
{
# Name of the retention rule
name = "Daily"

# Duration for which backups are retained
name = "Daily"
duration = "P7D"

# Priority of the retention rule
priority = 25

# Criteria for applying the retention rule
criteria = {
absolute_criteria = "FirstOfDay"
}
criteria = { absolute_criteria = "FirstOfDay" }
}
]
},
{
name = "bar-policy"
name = "bar-policy"
backup_repeating_time_intervals = ["R/2024-11-01T10:00:00+00:00/PT2H"]
default_retention_duration = "P14D"
time_zone = "Pacific Standard Time"
default_retention_duration = "P14D"
time_zone = "Pacific Standard Time"
retention_rules = [
{
name = "Weekly"
name = "Weekly"
duration = "P14D"
priority = 30
criteria = {
absolute_criteria = "FirstOfWeek"
}
criteria = { absolute_criteria = "FirstOfWeek" }
},
{
name = "Monthly"
name = "Monthly"
duration = "P30D"
priority = 35
criteria = {
absolute_criteria = "FirstOfMonth"
}
criteria = { absolute_criteria = "FirstOfMonth" }
}
]
}
]

# List of backup instances to be created
backup_instances = [
{
# Name of the disk to be backed up
disk_name = "foo-disk"

# Resource group where the disk is located
disk_resource_group = "foo-data"

# Resource group where the snapshot will be stored
snapshot_resource_group_name = "bk-disks"

# Name of the backup policy to apply
backup_policy_name = "foo-policy"
disk_name = "foo-disk"
disk_resource_group = "foo-data"
snapshot_resource_group_name = "bk-disks"
backup_policy_name = "foo-policy"
},
Comment on lines 68 to 74
Copy link

Copilot AI Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The example includes snapshot_resource_group_name, but the generated Inputs table below defines backup_instances without that field (and the _examples/basic/values.yaml also omits it). Please make the README consistent: either remove snapshot_resource_group_name from the example if the module no longer accepts it, or update the module input schema/docs so it’s documented and shown in the inputs table.

Copilot uses AI. Check for mistakes.
{
disk_name = "foo-disk"
disk_resource_group = "foo-data"
snapshot_resource_group_name = "bk-disks"
backup_policy_name = "bar-policy"
disk_name = "foo-disk"
disk_resource_group = "foo-data"
snapshot_resource_group_name = "bk-disks"
backup_policy_name = "bar-policy"
},
{
disk_name = "bar-disk"
disk_resource_group = "bar-data"
snapshot_resource_group_name = "bk-disks"
backup_policy_name = "bar-policy"
disk_name = "bar-disk"
disk_resource_group = "bar-data"
snapshot_resource_group_name = "bk-disks"
backup_policy_name = "bar-policy"
}
]
```

## Notes
- The resource\_group\_name must be the same for the vault and the snapshots.
- Disks can be in different resource groups than the vault.
- The module will throw an error if the disk and vault resource group are the same.

## File structure

```
.
├── main.tf
├── variables.tf
├── outputs.tf
├── README.md
├── CHANGELOG.md
└── docs/
├── header.md
└── footer.md
```

## Requirements

| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.7.1 |
| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | 4.5.0 |

## Providers

| Name | Version |
|------|---------|
| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | 4.5.0 |

## Modules

No modules.

## Resources

| Name | Type |
|------|------|
| [azurerm_data_protection_backup_instance_disk.this](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/resources/data_protection_backup_instance_disk) | resource |
| [azurerm_data_protection_backup_policy_disk.this](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/resources/data_protection_backup_policy_disk) | resource |
| [azurerm_data_protection_backup_vault.this](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/resources/data_protection_backup_vault) | resource |
| [azurerm_role_assignment.this_disk](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/resources/role_assignment) | resource |
| [azurerm_role_assignment.this_rg](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/resources/role_assignment) | resource |
| [azurerm_managed_disk.this](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/data-sources/managed_disk) | data source |
| [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/data-sources/resource_group) | data source |

## Inputs

| Name | Description | Type | Default | Required |
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_resource_group_name"></a> [resource_group_name](#input_resource_group_name) | The name of the resource group. | `string` | n/a | yes |
| <a name="input_vault_name"></a> [vault_name](#input_vault_name) | The name of the backup vault. | `string` | n/a | yes |
| <a name="input_datastore_type"></a> [datastore_type](#input_datastore_type) | The type of datastore. Possible values are ArchiveStore, OperationalStore, SnapshotStore and VaultStore. | `string` | `"VaultStore"` | no |
| <a name="input_redundancy"></a> [redundancy](#input_redundancy) | The redundancy type. | `string` | `"LocallyRedundant"` | no |
| <a name="input_soft_delete"></a> [soft_delete](#input_soft_delete) | Enable soft delete. | `string` | `"Off"` | no |
| <a name="input_retention_duration_in_days"></a> [retention_duration_in_days](#input_retention_duration_in_days) | Default retention duration in days. | `number` | `14` | no |
| <a name="input_backup_policies"></a> [backup_policies](#input_backup_policies) | List of backup policies. | `list(object({ name = string, backup_repeating_time_intervals = list(string), default_retention_duration = string, time_zone = string, retention_rules = list(object({ name = string, duration = string, priority = number, criteria = object({ absolute_criteria = string }) })) }))` | n/a | yes |
| <a name="input_backup_instances"></a> [backup_instances](#input_backup_instances) | List of backup instances. | `list(object({ disk_name = string, disk_resource_group = string, snapshot_resource_group_name = string, backup_policy_name = string }))` | n/a | yes |
| <a name="input_backup_instances"></a> [backup\_instances](#input\_backup\_instances) | List of backup instances. | <pre>list(object({<br/> disk_name = string<br/> disk_resource_group = string<br/> backup_policy_name = string<br/> }))</pre> | n/a | yes |
| <a name="input_backup_policies"></a> [backup\_policies](#input\_backup\_policies) | List of backup policies. | <pre>list(object({<br/> name = string<br/> backup_repeating_time_intervals = list(string)<br/> default_retention_duration = string<br/> time_zone = string<br/> retention_rules = list(object({<br/> name = string<br/> duration = string<br/> priority = number<br/> criteria = object({<br/> absolute_criteria = string<br/> })<br/> }))<br/> }))</pre> | n/a | yes |
| <a name="input_datastore_type"></a> [datastore\_type](#input\_datastore\_type) | The type of datastore. | `string` | `"VaultStore"` | no |
| <a name="input_redundancy"></a> [redundancy](#input\_redundancy) | The redundancy type. | `string` | `"LocallyRedundant"` | no |
| <a name="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group used for the backup vault and backup instances. | `string` | n/a | yes |
| <a name="input_retention_duration_in_days"></a> [retention\_duration\_in\_days](#input\_retention\_duration\_in\_days) | The retention duration in days before the backup is purged. 14 days free. | `number` | `14` | no |
| <a name="input_soft_delete"></a> [soft\_delete](#input\_soft\_delete) | Enable soft delete. | `string` | `"Off"` | no |
| <a name="input_tags"></a> [tags](#input\_tags) | Tags to apply to resources | `map(string)` | `{}` | no |
| <a name="input_tags_from_rg"></a> [tags\_from\_rg](#input\_tags\_from\_rg) | Use resource group tags as base for module tags | `bool` | `false` | no |
| <a name="input_vault_name"></a> [vault\_name](#input\_vault\_name) | The name of the backup vault. | `string` | n/a | yes |

## Outputs

- `vault_id`: The ID of the Recovery Services vault
| Name | Description |
|------|-------------|
| <a name="output_vault_id"></a> [vault\_id](#output\_vault\_id) | n/a |
Copy link

Copilot AI Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The generated outputs table shows vault_id with description n/a, which typically means the output block lacks a description. Adding an output description in outputs.tf and regenerating docs would make the README more informative for consumers.

Suggested change
| <a name="output_vault_id"></a> [vault\_id](#output\_vault\_id) | n/a |
| <a name="output_vault_id"></a> [vault\_id](#output\_vault\_id) | The resource ID of the backup vault created by this module. |

Copilot uses AI. Check for mistakes.

---

## Additional resources

- [Azure Backup for Disks](https://learn.microsoft.com/en-us/azure/backup/backup-managed-disks)
- [azurerm\_data\_protection\_backup\_vault](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_vault)
- [azurerm\_data\_protection\_backup\_policy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_policy)
- [azurerm\_data\_protection\_backup\_instance\_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_instance_disk)
- [Official Terraform documentation](https://www.terraform.io/docs)

## Support

For issues, questions, or contributions related to this module, please visit the repository’s issue tracker: [https://github.com/prefapp/tfm/issues](https://github.com/prefapp/tfm/issues)
<!-- END_TF_DOCS -->
Loading