Restore from a snapshot

When a VM is restored from a snapshot, all of the volumes or disks that are attached to it, including the VM configuration, are restored. Depending on the location of the snapshot relative to the original resource, you can perform the following tasks:

AWS and Azure applicable restore operations

• Restore from a snapshot in its original region
• Restore a group of resources in the same region
• Restore PowerProtect DD Virtual Edition (DDVE) snapshots
• File level recovery from a VM or a volume snapshot

GCP-specific restore operations

• Restore from a snapshot in its original region & zone.
• Restore from a snapshot in its original region & different zones in same region.
• File level recovery from a VM or a volume snapshot

AWS-specific restore operations

• Restore from any AWS snapshot to a region where there is a copy
• Restore an AWS snapshot to another AWS account

For information about the backend backup and restore process for AWS resources, see Backend process for backup and restore operations (AWS).

Azure specific restore operations

• Restore Azure cross-region snapshot copy
• Restore Azure blob container snapshots or individual blob snapshots

In the Azure portal, there are two permission models:

• Vault access policy
• Azure role-based access control

To restore Azure snapshots (advanced recovery), for both the permission models, provide the Cloud Snapshot Manager custom permission role to the Cloud Snapshot Manager Registered Application so that key vaults, keys, and secrets can be listed in the Cloud Snapshot Manager UI. Under Vault access policy, select List for Key Permissions and Secret Permissions to provide basic permissions to the Cloud Snapshot Manager Registered Application.

For Azure role-based access control, the following permissions must be part of the dataActions section of the Azure custom role:

"dataActions"["Microsoft.KeyVault/vaults/secrets/readMetadata/action",
               "Microsoft.KeyVault/vaults/keys/read"]