The SaaS-based Rubrik platform is built to protect and recover a wide variety of cloud-native workloads. For Microsoft Azure, this commonly equates to protecting Azure Virtual Machines and Managed Disks, where recovery options can range from entire resource replacement, in-region or cross-region exports (clones), and now file/folder recovery.

File-level recovery is a common recovery operation that addresses the need to recover from operational issues like a corrupt configuration file or accidental deletion with a quick, simple approach. Moreover, if a ransomware attack has only targeted a subset of files or folders and left the underlying operating system unaffected, performing a file-level recovery may be less intrusive and help mitigate data loss compared to a full system restore.

Exocompute for Azure

The Exocompute framework is designed to provide indexing and file recovery features for cloud-native workloads. Thus, Rubrik deploys Exocompute resources in Azure Kubernetes Service (AKS) as needed in order to perform file indexing and file recovery for Microsoft Azure. When those operations are complete, the Exocompute resources are terminated.

By leveraging ephemeral Exocompute resources in Azure, Rubrik can now perform file-level recovery in Azure VMs without the need for restoring the full VM. Additionally, by making the resources available on demand, file-level operations can be performed while keeping cloud costs a minimum.

Let’s take a deeper look into how Rubrik leverages its Exocompute framework in order to enable file-level recovery for Azure VM workloads.

How it Works


When a backup is taken of an Azure VM, Rubrik leverages Microsoft Azure APIs to take a snapshot of a VM’s disks. The snapshots are stored as managed disk snapshots in an Azure Resource Group with Resource Locks applied to prevent accidental deletion. 

File Indexing

In order to enable the ability to search / browse for files from Azure VMs, Rubrik takes the following steps:

  • Launch a disk volume from the recently taken snapshot

  • Launch Exocompute resources 

  • Attach and mount the volume to Exocompute

  • Read file metadata such as directory structure and file names (Reminder: Rubrik has no access to the contents of customer data!)

  • Index the metadata and store it in Rubrik for use in UI

  • Destroy any Exocompute & disk resources created for indexing 

File Recovery

When a file/folder is identified for recovery, Rubrik again leverages Exocompute as follows:

  • Launch a disk volume from the recently taken snapshot

  • Launch Exocompute resources 

  • Attach and mount the volume to Exocompute

  • Locate the file(s) identified by the user and upload them to a Azure Storage Account (provided during Azure account setup)

  • Provide link to download file to user in the Rubrik UI 

  • Destroy any Exocompute & disk resources created for file-level recovery 

Data Security

Throughout the backup, index, and recovery processes, only metadata is passed to Rubrik.  All snapshot data is retained in customer accounts. The cloud-native nature of Exocompute enables Rubrik to protect customer data in Azure efficiently and securely.

An overview of this design from a networking resource perspective is shown below:

Getting Started

The following steps to get started assume that an Azure account has been fully configured, including Exocompute settings.


Users will need to opt-in to File Recovery. This can be done by clicking the ellipses on the VM Overview page and going to Manage file indexing and enabling it, as outlined in the following video.

That’s it! VMs should now list as having Exocompute Configured in the UI.

File Recovery

In order to perform a recovery, first search for the files needing to be recovered and then either select an existing download location (Azure Storage Account) or let Rubrik create one for the recovery process.  This process is demonstrated in the following video:

The Rubrik Difference

With the introduction of file-level recovery for Microsoft Azure VMs, Rubrik continues to deliver functionality to its SaaS-based platform as the control plane for data protection. Purpose-built to support cloud-native workloads by using elastic cloud-native technologies such as Exocompute, Rubrik enables you to not just protect your data, but to do it efficiently and cost-effectively across multiple clouds and platforms.

If you are a Rubrik customer and leverage Microsoft Azure, log into the Rubrik SaaS-based platform and take advantage of the new file-level restore functionality today!

To learn more about how Rubrik cloud-native protection for Microsoft Azure works, check out our whitepaper.