https://login.veeam.com/en/oauth?client_id=nXojRrypJ8&redirect_uri=https%3A%2F%2Fwww.veeam.com%2Fservices%2Fauthentication%2Fredirect_url&response_type=code&scope=profile&state=eyJmaW5hbFJlZGlyZWN0TG9jYXRpb24iOiJodHRwczovL3d3dy52ZWVhbS5jb20va2IzMTU0IiwiaGFzaCI6ImUxNDM4OWNkLTIzMzAtNDQ0YS04OTIwLTYwYWI0MjA5NzRmZiJ9
1-800-691-1991 | 9am - 8pm ET
Contact Sales Downloads Support Forums
EN

Required Roles and Permissions for Veeam Backup for Microsoft Azure

Challenge

You want to create manual permissions for your Azure account (service account) for Veeam Backup for Microsoft Azure or for a repository account. The Azure or service account is responsible for:
  • Synchronization of virtual machines and disks with the Veeam Backup for Microsoft Azure database.
  • Synchronization of subscriptions and storage accounts.
  • Accessing virtual machines and its disks as a source of backup.
  • Creating and deleting snapshots of virtual disks during backup.
The repository account can be used to store data in a different Azure Active Directory.

Solution

Azure Service Account
Go to the Azure portal and add permissions to your Azure account. The account for the default subscription will need at least the following permissions:  
Contributor
For other subscriptions that are connected to your account, add the following permissions: 
Snapshots  
Microsoft.Compute/snapshots/read  
Microsoft.Compute/snapshots/write  
Microsoft.Compute/snapshots/delete  
Virtual Machines  
Microsoft.Compute/virtualMachines/write  
Microsoft.Compute/virtualMachines/delete  
Microsoft.Compute/virtualMachines/read  
Disks  
Microsoft.Compute/disks/read  
Microsoft.Compute/disks/write  
Microsoft.Compute/disks/delete  
Microsoft.Resources/subscriptions/resourceGroups/read  
Microsoft.Resources/subscriptions/resourceGroups/write  
Microsoft.Resources/subscriptions/resourceGroups/delete  
Storage accounts  
Microsoft.Storage/storageAccounts/read  
Microsoft.Storage/storageAccounts/write  
Microsoft.Storage/storageAccounts/delete

 

Repository Account 
Go to the Azure portal and add permissions to your storage account. You will need at least the following permissions:  
Microsoft.Storage/storageAccounts/*  
Microsoft.Resources/subscriptions/resourceGroups/read

More information

For more information, see the Required Permissions section of the Veeam Backup for Microsoft Azure User Guide.
KB ID:
3154
Product:
Veeam Backup for Microsoft Azure
Version:
1.x
Published:
2020-04-28
Last Modified:
2020-08-13
Please rate how helpful this article was to you:
5 out of 5 based on 1 ratings
Thank you for helping us improve!
An error occurred during voting. Please try again later.
BACK TO KB SEARCH

Couldn't find what you were looking for?

Below you can submit an idea for a new knowledge base article.
Report a typo on this page:

Please select a spelling error or a typo on this page with your mouse and press CTRL + Enter to report this mistake to us. Thank you!

Spelling error in text

Knowledge base content request
By submitting, you agree that your personal data will be managed by Veeam in accordance with the Privacy Policy.

ty icon

Thank you!

We have received your request and our team will reach out to you shortly.

OK

error icon

Oops! Something went wrong.

Please go back try again later.

Stay up to date with Veeam product updates, latest news, and recent content.
By subscribing, you agree to receive communications about Veeam products, services and events. Your personal data will be managed by Veeam in accordance with the Privacy Policy. You can unsubscribe at any time.