June 17th, 2026
0 reactions

Azure Backup for Azure Cosmos DB Public Preview Adds Immutable Backups and Long-Term Retention

Hans ,
Jay

Promotional graphic for the Azure Backup for Azure Cosmos DB public preview, highlighting immutable backups and long-term retention with cloud, lock, shield, and recovery icons.

Azure Backup for Azure Cosmos DB Public Preview Adds Immutable Backups and Long-Term Retention

Picture the first few hours after a serious data incident. A production application is down. Security teams are still trying to understand what happened. Application owners need to know which recovery points are usable, which ones are protected from tampering, and whether they can restore somewhere outside the environment under investigation.

For teams running regulated or business-critical workloads on Azure Cosmos DB, that moment is exactly where backup design stops being a checkbox. It becomes part of operational resilience.

On June 2, 2026, Microsoft announced the public preview of Azure Backup for Azure Cosmos DB. The preview brings Azure Cosmos DB into the Azure Backup model, with policy-based backup management, long-term retention, immutable recovery points, and restore options built for more than routine accidental deletes.

Why this matters now

Azure Cosmos DB often sits behind applications where latency, global scale, and availability matter: payment systems, care coordination platforms, customer-facing apps, operational dashboards, and the services that keep them moving. Once those systems become part of a regulated business process, backup requirements change.

A short recovery window may be enough for some operational mistakes. It is not always enough for a bank that needs to reconstruct a past decision, a healthcare organization preserving records for an investigation, or a team preparing for a ransomware scenario where attackers may target backup copies before they disrupt production.

That is where Azure Backup for Azure Cosmos DB starts to matter.

What the preview includes

Diagram showing Azure Cosmos DB backups stored in a secure backup vault with immutable, long-term retention and centralized management, plus restore options to another account, region, or development/test environment.

With the public preview, customers can define backup policies for Azure Cosmos DB and manage those backups through Azure Backup. Instead of treating each Azure Cosmos DB backup configuration as a separate operational task, teams can fold it into the backup process they already use elsewhere in Azure.

In this preview, that means:

  • Immutable backups protect recovery points from modification or deletion until the configured retention period expires.
  • Long-term retention lets teams preserve data beyond short operational recovery windows.
  • Centralized management brings Azure Cosmos DB backup policy and monitoring into Azure Backup operations.
  • Restore mobility includes logical restore across subscriptions. Physical restore across regions is planned, which will matter for teams that need more recovery flexibility outside the original production footprint.

In practice, recovery points can now be governed, retained, and protected in ways that fit enterprise recovery plans.

What we heard in private preview

During private preview, much of the interest came from regulated industries, especially financial services and healthcare. The same scenarios kept coming up.

Financial services teams were looking at ransomware readiness, regulatory expectations such as the EU’s Digital Operational Resilience Act (DORA), and enough history to replay transactions or explain why a recommendation, decision, or action happened at a specific point in time.

Healthcare teams had a different set of consequences in mind: protecting personally identifiable information, preserving records for audits or legal disputes, and keeping critical systems recoverable when patient operations or institutional risk are on the line.

For both groups, the hard part is evidence. They do not just need to get an application running again. They often need to prove what data existed, when it existed, and whether it stayed protected after the incident began.

Immutability changes the ransomware conversation

Ransomware planning has changed how many organizations think about backups. It is no longer enough to ask whether a backup exists. Teams also need to ask whether an attacker, compromised credential, or accidental operation could delete or alter that backup before recovery begins.

Immutable recovery points help reduce that risk. Once protected by the retention policy, the backup cannot be modified or deleted before the retention period expires. That gives recovery teams a cleaner starting point when production systems are unhealthy or untrusted.

Long-term retention serves a different purpose. It gives organizations a way to keep data available for legal, compliance, audit, and governance needs after the normal operational recovery window has passed. For regulated workloads, both controls matter: one protects the recovery path, the other preserves the historical record.

A better fit for critical Azure Cosmos DB workloads

Many Azure Cosmos DB workloads start as fast-moving application projects and grow into core business systems. The backup model has to grow with them. Teams need policy, retention, restore mobility, and operational visibility that match the importance of the data.

Azure Backup for Azure Cosmos DB is now available to evaluate in public preview. The fit is clearest for teams that already use Azure Backup across their estate and want Azure Cosmos DB in the same recovery planning, governance, and incident-response model.

Get started with the public preview

Azure portal screen for creating a Backup Vault, showing options to enable immutability and set a 14-day soft delete retention period.

If you run regulated or business-critical workloads on Azure Cosmos DB, this preview is worth testing against your own recovery requirements. Look at how your teams define retention, who can change backup policy, how restore across subscriptions would fit your incident plan, and what evidence you would need after a ransomware event, audit, or legal request.

Backups are easiest to ignore when everything is working. Public preview is a good time to make sure they are ready for the day when they matter most.

To learn more, read the public preview announcement, then use the Azure Backup for Azure Cosmos DB public preview documentation to review supported scenarios, requirements, and setup steps.

About Azure Cosmos DB

Azure Cosmos DB is a fully managed and serverless NoSQL and vector database for modern app development, including AI applications. With its SLA-backed speed and availability as well as instant dynamic scalability, it is ideal for real-time NoSQL and MongoDB applications that require high performance and distributed computing over massive volumes of NoSQL and vector data.

To stay in the loop on Azure Cosmos DB updates, follow us on X, YouTube, and LinkedIn.  Join the discussion with other developers on the #nosql channel on the Microsoft Open Source Discord.

Category

Topics

Author

Hans Wieser [MS]
Hans Wieser [MS]
Principal Product Manager

Principal Product Manager with over 30 years industry experience, recently specializing in data protection for Azure Cosmos DB, and NoSQL optimization. Empowering customer engineering teams to tackle complex data challenges in AI-driven real-time architectures.

Jay Gordon
Jay Gordon
Senior Program Manager

Jay Gordon is a Senior Program Manager with Azure Cosmos DB focused on reaching developer communities. Jay is located in Brooklyn, NY.

0 comments

Read next