> Ask yourself this: Could your organisation recover if some malicious admin simply deleted all Azure Resource Manager resources in one go using PowerShell?
We have streaming replicas for hot data AND regular snapshots shipped to offsite cold storage, because RAID is not a backup. If we experienced an equivalent event, we'd be fine.
The equivalent scenario to recovering from a bulk erasure of all Azure RM resources is this:
How long will it take you to recover if someone deleted your switch configs, reset the SAN to factory defaults, wiped your firewall rules, deleted your Active Directory accounts (or equivalent), and then ran a secure erase on every physical server just to raze everything to the ground and salt the earth?
I mean in wall-clock time, how long would it take your team to even figure out what is going on? Where would you start?
Would you recover the switch first, or the server that you use to authenticate to it using RADIUS or LDAP?
How will you securely connect to servers if your CRL and OCSP servers are down?
How will you get access to your passwords if your file server where the key blob is stored is saying "Insert boot disk"?
People think that disaster recovery is for "I deleted a folder".
Disaster recovery is for disasters.
Removing all Azure resources wipes everything. Your vNets... Poof! Your public IPs... Poof! Your internet-facing DNS zone... Poof! Your authentication credentials... Poof! Gone, gone, gone.
How do you plan to restore dynamic IP addresses to their original values?
How do you plan to restore DNS Zones that get assigned to 1 of 10 randomly selected server pools and hence have a 90% chance of requiring a change to the NS server glue records on restore?
Do you even know which order things would have to be restored in to prevent failures during a restore?
Could you possibly work out what is missing if you log on to your cloud portal and see the "Welcome to Azure, to get started click here" splash page?
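A constructed illustration added here, not code from anyone in the thread: a restore-order planner over a made-up inventory built from the dependencies the comment lists (switch vs. RADIUS, CRL/OCSP, the key blob on the file server, vNet, public IP, DNS zone). With no out-of-band path it shows which resources can never be restored first; with a break-glass local account on the switch it yields a workable order.

```python
# Constructed inventory (hypothetical names): each resource maps to what must
# already be back before it can be restored. The switch/RADIUS/AD loop is the
# chicken-and-egg problem the comment describes.
DEPENDS_ON = {
    "switch":         {"radius"},            # admin login goes through RADIUS
    "radius":         {"switch", "ad"},      # only reachable via the switch
    "ad":             {"switch"},
    "pki-crl-ocsp":   {"switch", "ad"},
    "file-server":    {"switch", "ad"},
    "password-vault": {"file-server"},       # key blob lives on the file server
    "vnet":           set(),
    "public-ip":      {"vnet"},
    "dns-zone":       {"public-ip"},         # NS glue may still need re-pointing
    "app-servers":    {"vnet", "dns-zone", "ad", "pki-crl-ocsp"},
}


def plan_restore(deps, break_glass=()):
    """Kahn's algorithm over the dependency map.

    break_glass: resources that can be brought back out-of-band (local console,
    offline credentials); their own dependencies are treated as satisfied.
    Returns (restore order, resources stuck behind an unbroken cycle).
    """
    remaining = {r: (set() if r in break_glass else set(d)) for r, d in deps.items()}
    unknown = {d for ds in remaining.values() for d in ds} - remaining.keys()
    if unknown:  # an inventory gap is itself a finding
        raise ValueError(f"dependencies missing from inventory: {sorted(unknown)}")
    order, ready = [], sorted(r for r, d in remaining.items() if not d)
    while ready:
        current = ready.pop(0)
        order.append(current)
        for other, pending in remaining.items():
            pending.discard(current)
            if not pending and other not in order and other not in ready:
                ready.append(other)
        ready.sort()  # deterministic tie-breaking
    stuck = {r for r, pending in remaining.items() if pending}
    return order, stuck


if __name__ == "__main__":
    for bg in ((), ("switch",)):
        order, stuck = plan_restore(DEPENDS_ON, break_glass=bg)
        print(f"break-glass={bg or 'none'}: order={order}")
        print(f"  stuck (need an out-of-band path): {sorted(stuck)}")
```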
> The equivalent scenario to recovering from a bulk erasure of all Azure RM resources is this
It just occurred to me how much easier it is to wipe everything in the cloud age than the on-prem age. Doing all the things you said for on-prem takes some serious effort. Some, like factory resets, may be impossible without individual physical access. You would probably be discovered and stopped before you can inflict much damage. In the cloud age however, it takes orders of magnitude less time and effort to inflict the same damage.
It is kinda like how much easier it is to steal data now. Before the digital age, stealing as much data as Equifax hack would have required moving truckloads of paper without being discovered. It was simply impossible to pull it off in reality. In the digital age, however, we have accepted massive data leaks as not only possible, but unavoidable.
> It just occurred to me how much easier it is to wipe everything in the cloud age than the on-prem age.
It's easier for physical facility damage to a single facility (whether hostile action or natural disaster) to wipe everything out in an on-prem setup than in the cloud, where multi-DC redundancy is a click away. But, sure, it's easier to wipe out data without physically destroying equipment in the cloud.
I think you're moving the goalposts. Gandi didn't lose all their servers and all the networking hardware and all the storage. They lost what sounds like a single replicated volume. If, y'know, all of their datacenters burned down at once, or an attacker got access and deleted their PaaS account, I think we'd all be a lot more sympathetic.
My point is simply that the larger commercial cloud vendors aren't magically immune to bulk data loss, particularly in the face of internal threats.
Consider the current tensions between Iran and the US. If Iran decides to retaliate with cyberattacks, major cloud vendors could suddenly have multiple regions go up in smoke concurrently.
They'll just shrug their shoulders and say that it's the customers' responsibility to protect their own data, and that they're just offering platforms for rent.