![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 85%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWK%3C/text%3E%3C/svg%3E)
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
8,681 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 74%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDG%3C/text%3E%3C/svg%3E)
Hello,
Welcome to Microsoft Q&A,
Currently, Azure Backup does not support file-level recovery (FLR) from encrypted Azure VM backups — this includes both Azure Disk Encryption (ADE) and customer-managed keys (CMK) scenarios. As a result, when you need to restore a specific file or folder from a backup of an encrypted VM, you’re limited to:
Restoring the entire VM, or
Restoring the entire disk and manually mounting it to another VM for file extraction.
This is understandably time-consuming, especially for minor recoveries.
If FLR is critical for your use case, consider:
- Azure File Share + Azure Backup Use Azure Files for storing data that needs granular restore and enable Azure Backup on the file share. This supports item-level restore and works well alongside VM backups.
- Snapshot + Manual Mount Use Azure Backup’s disk snapshot recovery to mount the disk to another VM and extract the required files manually.
- Third-Party Solutions As you noted, some third-party vendors (e.g., Commvault, Veeam, Rubrik) provide granular restore for encrypted VMs by installing agents or handling encryption keys in their platform.
Please Upvote and Accept the answer if it helps!!