As I mentioned in my earlier blog, backup to URL is one of the common methods used in SQL Server performs a backup to Azure Blob Storage. In this blog, I am going to share a script to generate the create credential and backup command using Shared Access Signature also called as SAS token.
If you don’t know already, Backup to URL also has two methods to connect to the storage account
- Credential by using Access Keys.
- Credential by using SAS token.
In my earlier blog, I have shared script to use the first method. SQL SERVER – Msg 3292: A Failure Occurred While Attempting to Execute Backup or Restore With a URL Device Specified
In this blog, I would show the second method – Backup using Shared Access Signature.
WORKAROUND/SOLUTION
In the script, we need to provide below parameters.
- @StorageAccountName: In Azure portal, go to “Home” > “Storage accounts” and pick up the account which you want to use. In my demo, its “sqldbprodbackups”.
- @ContainerName: To get a container name, you can refer below screenshot. You need to click on “Browse Blobs”. If you don’t have container created already then click on “+” symbol and create a new one. In my Azure, I have already created one called “dailybackups” as shown below. You can also see @StorageAccountName on the same page.
- @SASKey: Refer below steps for SAS Key generation.
We need to click on “Shared access signature” as shown below.
Then we need to click on “Generate SAS and connection string” button. Once done, scroll down and we should see something like below.
The value should be assigned to variable @SASKey
---- Backup To URL (using SAS Token) : --- =================================== --- DECLARE @Date AS NVARCHAR(25) ,@TSQL AS NVARCHAR(MAX) ,@ContainerName AS NVARCHAR(MAX) ,@StorageAccountName AS VARCHAR(MAX) ,@SASKey AS VARCHAR(MAX) ,@DatabaseName AS SYSNAME; SELECT @Date = REPLACE(REPLACE(REPLACE(REPLACE(CONVERT(VARCHAR, GETDATE(), 100), ' ', '_'), ' ', '_'), '-', '_'), ':', '_'); SELECT @StorageAccountName = ''; --- Find this from Azure Portal SELECT @ContainerName = ''; --- Find this from Azure Portal SELECT @SASKey = ''; --- Find this from Azure Portal SELECT @DatabaseName = 'master'; IF NOT EXISTS ( SELECT * FROM sys.credentials WHERE name = '''https://' + @StorageAccountName + '.blob.core.windows.net/' + @ContainerName + '''' ) BEGIN SELECT @TSQL = 'CREATE CREDENTIAL [https://' + @StorageAccountName + '.blob.core.windows.net/' + @ContainerName + '] WITH IDENTITY = ''SHARED ACCESS SIGNATURE'', SECRET = ''' + REPLACE(@SASKey, '?sv=', 'sv=') + ''';' --SELECT @TSQL EXEC (@TSQL) END SELECT @TSQL = 'BACKUP DATABASE [' + @DatabaseName + '] TO ' SELECT @TSQL += 'URL = N''https://' + @StorageAccountName + '.blob.core.windows.net/' + @ContainerName + '/' + @DatabaseName + '_' + @Date + '.bak''' SELECT @TSQL += ' WITH COMPRESSION, MAXTRANSFERSIZE = 4194304, BLOCKSIZE = 65536, CHECKSUM, FORMAT, STATS = 1;' --SELECT @TSQL EXEC (@TSQL)
Once the script was executed, we could see credential in SSMS and backup in Azure.
Hope this would help you in creating the script in an easier way.
Reference: Pinal Dave (http://blog.SQLAuthority.com)
First appeared on SQL SERVER – Backup to URL – Script to Generate Credential and Backup using Shared Access Signature (SAS)