Thank you for voting on this suggestion. It is now completed and can be done via custom Azure Policy. Here is a sample custom policy to apply a specific tag at the RG and have them inherited by the Resources in that RG: https://github.com/Azure/azure-policy/tree/master/samples/ResourceGroup/copy-resourcegroup-tag
Tag inheritance for existing resources is something that we plan to add support for in 2019.
Thank you for this feedback!
We’re working on or have shipped several features that we think will satisfy this request.
First, we have shipped the share snapshot feature, which enables you to protect a point-in-time for a file share. If a user were to delete a file, you can restore from the previous snapshot. To make this easier, Azure Backup will soon support scheduling share snapshot.
Second, and more to the specific ask in the initial post, we are working on AAD authentication and authorization for Azure file shares. When we ship this feature, you will have the ability to set share ACLs that prevent deletes or modifications.
Program Manager, Azure Files
This is planned for the coming semesters. We will start with “blobs” as the first workload and expand to other resources.
Sr. Program Manager, Azure Backup.Martin Edelius commented
We're in the process of offering Azure File Services for our end user as this would allow them to distribute files all over the world in a controlled, reliable manner.
In order to provide this as a service we need to be able to provide more protection than the DR-capabilities built into Azure, for example if a user by mistake deletes a file or folder.
I'm thinking that there'd be a backup operator role in the RBAC that we can assign to the resource group containing the Azure File Service. Users with this role can through the Azure Backup UI configure backup and restore policies for objects in the Azure File Service and also backup and restore the actual objects. No direct access to the objects is given through this role though.
Moved to Azure Backup Forum.
9 votesunder review · 0 comments · Azure Monitor-Log Analytics » Capacity Management Solution · Flag idea as inappropriate… · Admin →