Sysmon 1.3.7 for Linux
May 22, 2025Everything New in Azure Governance @ Build 2025
May 22, 2025
We are excited to announce the general availability of Long-Term Retention (LTR) backups for Azure Database for PostgreSQL flexible server across all Azure regions. This powerful new capability addresses critical enterprise needs for compliance, audit readiness, and long-term data durability
Why Long-Term Retention Matters
As organizations face growing regulatory requirements such as HIPAA or financial audit compliance, the need to retain data beyond the built-in 35-day retention of Point-in-Time Restore (PITR) becomes essential. Long-Term Retention (LTR) addresses this need with a policy-driven, scalable, and secure solution that enables organizations to retain PostgreSQL backups for up to 10 years using the Azure Backup service. This service also provides immutability and soft delete protection, helping ensure long-term durability and protection against threats.
With LTR, businesses can:
- Meet regulatory and compliance requirements for long-term data retention.
- Safeguard critical data from ransomware attacks and accidental deletion.
- Support long-term recovery scenarios, including when the original server is no longer available.
What’s Now Generally Available?
Azure Database for PostgreSQL now supports three types of backups, all of which now are generally available.
|
Backup Type |
Method |
Retention |
Size Limit |
RPO |
|
Automated Backups |
Physical Disk Snapshots + WAL initiated by Managed Service |
7–35 days |
Up to 64 TiB |
5 minutes |
|
On-Demand Backups |
Physical Disk Snapshots + WAL initiated by Customer |
7–35 days |
Up to 64 TiB |
5 minutes |
|
Long Term Backups |
Logical (pg_dump/pg_restore) Customer Configured & Service Managed |
Upto 10 years |
Up to 1 TiB |
24 hours |
You can read more about our physical backups (Automated & On-demand) using Backup and restore documentation. Let’s dive into our long-term backup solution, which relies on logical backups.
Why does LTR use Logical Backups?
Unlike traditional disk snapshots, logical backups offer long-term compatibility and platform flexibility. LTR leverages native PostgreSQL tools (pg_dump and pg_restore) to create backups that are:
- Version independent – Ability to restore newer PostgreSQL versions even after older versions reach end-of-life.
- Platform agnostic – Ability to restore across flexible servers, VMs, on-premises, or other clouds.
- Open-source compatible – Uses standard PostgreSQL formats.
- Secure – Integrates with Azure Backup Vaults and supports immutable storage to enhance ransomware protection.
Understanding the LTR Backup & Restore Process
Long-Term Retention (LTR) backups in Azure Database for PostgreSQL flexible server are managed using Azure Backup tool, a cloud-native backup service from Microsoft Azure. This service is designed to deliver reliable, secure, scalable, and cost-effective solutions for safeguarding and recovering your data across Azure-based and on-premises environments.
When LTR is enabled for a flexible server instance, the Azure Backup service initiates a logical backup process by executing the pg_dump utility on all databases hosted on that server. These logical backups capture not just the data, but also critical metadata such as database schemas, roles, and tablespace definitions. The operation is performed using the managed super user account, a privileged account with full access to all databases, ensuring that backup files are comprehensive and consistent.
The backup files are stored securely in a Backup Vault, which is a centralized and protected Azure resource specifically designed for long-term data retention. The backup artifacts include:
- roles.sql: Information about all server-level roles, including custom roles.
- database.sql: Complete schema and data dump for each database.
- tablespace.sql: Definitions for tablespaces used in the server.
- schema.sql: Schema-only dump of all databases.
Because these backups are stored in open-source formats, they offer maximum flexibility. You can restore these files to a customer-managed Azure storage account, from there, they can be restored into any compatible PostgreSQL environment which could be another flexible server, Azure VM, or even an on-premises self-managed PostgreSQL instance. This approach ensures that your long-term backup strategy is both future-proof and platform-agnostic, supporting a wide range of recovery scenarios regardless of infrastructure changes or PostgreSQL version lifecycles.
You can configure LTR backups directly from the flexible server blade using the steps below or by following the steps from Azure Backup documentation. LTR backups are stored in Azure Backup vault, and you need to perform below 2 steps for configuring LTR for a flexible server.
- Configure Backup Vault
- Configure LTR Backup for your flexible server
Configure Backup Vault
- Navigate to your flexible server on the Azure portal.
- Under the Settings section, select Long-term retention (Vaulted backups) and click Backup.
3. Select Create Vault
4. Provide a name for your Backup Vault.
Choose the appropriate Region and select Backup storage redundancy based on your business requirements.
5. Configure vault properties such as immutability and soft delete, according to your data protection needs.
6. Click Create to deploy the vault.
Configure LTR Backup for your flexible server
- Navigate to your Backup Vault and click Backup.
2. Create a Backup Policy by setting your desired retention period and backup schedule.
3. Click Add/Edit to select your flexible server for the policy.
Note: If you do not have the correct permissions, you will see a “Role assignment not done” error.
Click Assign missing roles to automatically assign the necessary roles. Once validation succeeds, click Next.
4. Click Configure backup
To verify your setup:
- Go to your Backup Vault → Backup Instances
- Select your flexible server and click Backup Now
Restoring Backups
You can restore long-term backups by first restoring the backup files to a Storage Account and then restoring them to a flexible server instance. For detailed steps, refer to the Official Documentation.
Limitations and considerations
- LTR restores are currently available only as ‘Restore as Files’ to storage accounts, with ‘Restore as Server’ capability planned for the future.
- LTR backup is not supported on replicas, it can only be performed on primary servers.
- The maximum supported database size for Long-Term Retention (LTR) backups is 1 TiB. We plan to increase this limit in future. You can still configure your own custom solution to perform pg_dump of flexible server of more than 1 tib.
- LTR backups can be scheduled weekly, monthly, or yearly. The daily backup schedule is currently unsupported.
- LTR backups do not support tables containing a row with a BYTEA length exceeding 500 MB.
By using logical backups for long-term retention in Azure Database for PostgreSQL flexible server, you are not just meeting compliance needs you are gaining flexibility, futureproofing, and control over your data’s lifecycle.
Ready to start? Configure your backups now →
More information on Azure Database for PostgreSQL backups –
Backup and restore – Azure Database for PostgreSQL flexible server