Copy Azure Virtual Machine Snapshots to another region and create Managed disks using PowerShell

In my previous blog, I detailed how to create Virtual Machine (VM) snapshots of all disks and restore in Azure using PowerShell, this is a follow-on blog detailing how you can copy the Virtual Machine disk snapshots to another region, for additional backup purposes for those VMs that cannot be backedup using Azure-related backup resources, possibly an older Windows Server 2003 or similar can use this type of approach; but most likely – part of a DR plan

In the previous blog, you will also have created some snapshots of your Virtual Machine, similar to below:-

These are currently located in North Europe, to copy snapshot to another region we are going to transfer the snapshot to a Storage Account in the West Europe region as a VHD. From the VHD we will then look at creating Managed Disks from these VHDs.

Copy Snapshots to another region

When you run the PowerShell below, it will overwrite the file if it is already there – handy for a DR scenario backup to another region.

$storageaccountdrblob is reference to the blob container that you will be storing the copied snapshots

$snapshots have some simple logic to return the snapshots created within the last 12 hours as over time you may have multiple daily snapshots

$storageaccountdr = "tamopsdrsa"
$storageaccountdrblob = "snapshots"
$SnapshotResourceGroup = "tamops-changetracking"

$storageaccountdrkey = (Get-AzStorageAccountKey -Name $storageaccountdr -ResourceGroupName $snapshotresourcegroup).value[0]
$snapshots = Get-AzSnapshot -ResourceGroupName $snapshotresourcegroup | ?{($_.TimeCreated) -gt ([datetime]::UtcNow.Addhours(-12))}

foreach ($snapshot in $snapshots) {

    try {

        Write-Output "Granting $($snapshot.name) access"
        $snapshotaccess = Grant-AzSnapshotAccess -ResourceGroupName $snapshotresourcegroup -SnapshotName $snapshot.Name -DurationInSecond 3600 -Access Read -ErrorAction stop 
        Write-Output "$($snapshot.name) access granted"
        
        $DestStorageContext = New-AzStorageContext –StorageAccountName $storageaccountdr -StorageAccountKey $storageaccountdrkey -ErrorAction stop
        $vhdname = $($snapshot.name).Substring(0,$($snapshot.name).Length-16)

        Write-Output "Begin snapshot: ($($snapshot.name)) copy to $vhdname.vhd"
        Start-AzStorageBlobCopy -AbsoluteUri $snapshotaccess.AccessSAS -DestContainer $storageaccountdrblob -DestContext $DestStorageContext -DestBlob "$($vhdname).vhd" -Force -ErrorAction stop
        Write-Output "snapshot: ($($snapshot.name)) copy to $vhdname.vhd completed"

    } catch {
        $_
    }  

}

Successful output of this script (output for datadisk1_snapshot_030420):-

Granting datadisk1_snapshot_030420 access
datadisk1_snapshot_030420 access granted
Begin snapshot: (datadisk1_snapshot_030420) copy to datadisk1.vhd


   Container Uri: https://tamopsdrsa.blob.core.windows.net/snapshots

Name                 BlobType  Length          ContentType                    LastModified         AccessTier SnapshotTime         IsDeleted
----                 --------  ------          -----------                    ------------         ---------- ------------         ---------
datadisk1.vhd        PageBlob  -1                                             2020-04-03 19:23:05Z                                 False
snapshot: (datadisk1_snapshot_030420) copy to datadisk1.vhd completed

Creating Managed Disks with VHDs

To create Managed Disks from these .vhds, you have to wait until they have been successfully copied across regions, progress can be checked using:-

Get-AzStorageBlobCopyState -blob "datadisk1.vhd" -Container $storageaccountdrblob   -context $DestStorageContext

Output below, Status is what you need to review, if its “pending” the .vhd is still being copied. If “Success” then the .vhd is ready to be created into a Managed Disk

CopyId                  : 9ee8a183-efb5-4072-9322-27063810dbb1
CompletionTime          : 04/04/2020 21:23:07 +00:00
Status                  : Success
Source                  : https://md-vczv3q3whsw2.blob.core.windows.net/kqvplbsdhs3l/abcd?sv=2017-04-17&sr=b&si=321f4777-d733-4eab-805b-509ec6f214ed&sig=TSlYkJyk4HC 
                          bbGeV7rnd6o1WyGADSyD6UuHb9UOO0PI=
BytesCopied             : 4294967808
TotalBytes              : 4294967808
StatusDescription       :
DestinationSnapshotTime :

Time to create some Managed Disks in the DR region:- West Europe

I created some simple logic to ensure naming of Managed Disks are the same as they are currently in North Europe, reference to $snapshots & $vhdname

#Create Managed Disks
$storageaccountdr = "tamopsdrsa"
$storageaccountdrblob = "snapshots"
$SnapshotResourceGroup = "tamops-changetracking"
$ManagedDiskResourceGroup = "tamsops-md"
$storageaccountid = Get-AzStorageAccount -Name $storageaccountdr -ResourceGroupName $snapshotresourcegroup
$snapshots = Get-AzSnapshot -ResourceGroupName $snapshotresourcegroup | ?{($_.TimeCreated) -gt ([datetime]::UtcNow.Addhours(-12))}

foreach ($snapshot in $snapshots) {

    $vhdname = $($snapshot.name).Substring(0,$($snapshot.name).Length-16)

    #Create Managed Disk
    $diskuri = "https://$($storageaccountdr).blob.core.windows.net/$($storageaccountdrblob)/$($vhdname).vhd"
    $storageType = 'Premium_LRS'


    try {
        Write-Output "Creating managed disk: $vhdname"
        $diskConfig = New-AzDiskConfig -AccountType $storageType -Location westeurope -CreateOption Import -StorageAccountId $storageaccountid.id -SourceUri $diskuri -OsType Windows
        New-AzDisk -Disk $diskConfig -ResourceGroupName $ManagedDiskResourceGroup -DiskName $vhdname -ErrorAction stop
        Write-Output "managed disk: $vhdname created"
    } catch {
        Write-output "Error Creating managed disk: $vhdname"
        $_
    }

}

Output of creating Managed Disks from the .vhds

Creating managed disk: datadisk1


ResourceGroupName            : tamsops-md
ManagedBy                    :
Sku                          : Microsoft.Azure.Management.Compute.Models.DiskSku
Zones                        :
TimeCreated                  : 04/04/2020 20:41:20
OsType                       : Windows
HyperVGeneration             :
CreationData                 : Microsoft.Azure.Management.Compute.Models.CreationData
DiskSizeGB                   : 4
EncryptionSettingsCollection :
ProvisioningState            : Succeeded
DiskIOPSReadWrite            : 120
DiskMBpsReadWrite            : 25
DiskState                    : Unattached
Id                           : /subscriptions/XXXXXXXXX/resourceGroups/tamsops-md/providers/Microsoft.Compute/disks/datadisk1
Name                         : datadisk1
Type                         : Microsoft.Compute/disks
Location                     : westeurope
Tags                         : {}

managed disk: datadisk1 created
Creating managed disk: tamops-vm_disk1_40e292431c0c4afe82c18f82bec39646
ResourceGroupName            : tamsops-md
ManagedBy                    : 
Sku                          : Microsoft.Azure.Management.Compute.Models.DiskSku
Zones                        :
TimeCreated                  : 04/04/2020 20:41:24
OsType                       : Windows
HyperVGeneration             :
CreationData                 : Microsoft.Azure.Management.Compute.Models.CreationData
DiskSizeGB                   : 127
EncryptionSettingsCollection :
ProvisioningState            : Succeeded
DiskIOPSReadWrite            : 500
DiskMBpsReadWrite            : 100
DiskState                    : Unattached
Id                           : /subscriptions/XXXXXXXXX/resourceGroups/tamsops-md/providers/Microsoft.Compute/disks/tamops-vm_disk1_40e29 
                               2431c0c4afe82c18f82bec39646
Name                         : tamops-vm_disk1_40e292431c0c4afe82c18f82bec39646
Type                         : Microsoft.Compute/disks
Location                     : westeurope
Tags                         : {}

managed disk: tamops-vm_disk1_40e292431c0c4afe82c18f82bec39646 created

A handy couple of scripts to assist you with automation in relation to having your snapshots in another region as a “backup” and along with the DR scenario including having the Managed Disks ready to be attached to a Virtual Machine if required.