Azure Operational Backup for Azure Blobs different from soft delete?

Question

I have enabled soft delete for blobs, containers as well as point in time restore on my storage account. If I delete my blobs, container or even the entire storage account, it can still be restored it seems. So what does the new Operational Backup for Azure Blobs actually add?

https://learn.microsoft.com/en-us/azure/backup/blob-backup-overview

https://learn.microsoft.com/en-us/azure/storage/blobs/soft-delete-blob-overview

Answer 1

1. Soft delete protection is limited than Operational back up and has to enable additional settings in order for additional protection.

• But it is useful when only individual blobs are to be protected instead of storage account level protection.

As You can use blob soft delete only to restore an individual blob, snapshot, directory (in a hierarchical namespace) or version. To restore a container and its contents, container soft delete must also be enabled for the storage account.

• Operational backup is configured and managed at the storage account level, and applies to all block blobs within the storage account and uses a backup policy and can select to store multiple storage accounts at a time or Select containers or Selected prefix matches to restore a subset of blobs.

It does the Continuous back up instead of x no of back ups i.e; you don’t need to schedule any backups and is stored within the storage account local back up.

2. Operational backup prevents the blobs from deleting and overwriting as it enforces delete locks on protected blobs and also backs up even if it is not deleted where as soft delete doesn’t stop from deletion but the blobs deleted can be restored and retained it till a period of time .

3. Data loss is less in Operational back up as Blob point-in-time restore allows restoring blob data to an earlier state. This, in turn, uses soft delete, change feed and blob versioning to retain data for the **specified duration**. Blob soft delete The clock starts on the retention period as soon as an object is deleted or overwritten .So you can restore a soft-deleted object to its state only at the time it was deleted.

Soft delete does not afford overwrite protection for blobs in the archive tier. Versioning is not supported for accounts that have a hierarchical namespace.

4. For the blobs whose operational back up is enabled and has already soft delete enabled has its back up for extra 5 days if retention policy of op backup is less than soft delete time.Else it will remain unchanged.

5. Soft delete allows to undelete the blob before restore time after it is deleted or overwritten. Where as operational back up doesn’t allow deletion itself and monitoring is possible with central back up store management.

Note: Operational backup supports operations on block blobs only and operations on containers can’t be restored. If you delete a container from the storage account by calling the Delete Container operation, that container can’t be restored with a restore operation. It’s suggested you enable soft delete to enhance data protection and recovery.

So soft delete can be used for minor protection for blob level with selective versioning changes and additional container protection where as operational backup is all together in single pack with extra protection which restores the version ,overwrites or deletion at whatever time you set it .