MT.1065 - Soft Delete should be enabled on all Recovery Services Vaults
Overviewβ
Soft delete ensures that backup items and recovery points are retained for a period after deletion. This protects against accidental or malicious deletion of backups.
Ensure that all Recovery Services Vaults across all subscriptions have soft delete enabled.
Remediation action:β
To enable soft delete on a Recovery Services Vault:
- Go to the Azure portal: https://portal.azure.com
- Navigate to Recovery Services Vaults
- Select the vault and go to Properties
- Under Soft Delete, ensure it is set to Enabled
Note: New vaults typically have soft delete enabled by default.
Related linksβ
Test Metadataβ
| Field | Value |
|---|---|
| Test ID | MT.1065 |
| Severity | High |
| Suite | Maester |
| Category | Backup |
| PowerShell test | Test-MtVaultSoftDelete |
| Tags | Azure, Backup, MT.1065 |
Sourceβ
- Pester test:
tests/Maester/Azure/Test-MtVaultSoftDelete.Tests.ps1 - PowerShell source:
powershell/public/maester/azure/Test-MtVaultSoftDelete.ps1