Challenge
You want to create manual permissions for your Azure account (service account) for Veeam Backup for Microsoft Azure or for a repository account. The Azure or service account is responsible for:
- Synchronization of virtual machines and disks with the Veeam Backup for Microsoft Azure database.
- Synchronization of subscriptions and storage accounts.
- Accessing virtual machines and its disks as a source of backup.
- Creating and deleting snapshots of virtual disks during backup.
Solution
Azure Service Account
Go to the Azure portal and add permissions to your Azure account. The account for the default subscription will need at least the following permissions:ContributorFor other subscriptions that are connected to your account, add the following permissions:
Snapshots Microsoft.Compute/snapshots/read Microsoft.Compute/snapshots/write Microsoft.Compute/snapshots/delete Virtual Machines Microsoft.Compute/virtualMachines/write Microsoft.Compute/virtualMachines/delete Microsoft.Compute/virtualMachines/read Disks Microsoft.Compute/disks/read Microsoft.Compute/disks/write Microsoft.Compute/disks/delete Microsoft.Resources/subscriptions/resourceGroups/read Microsoft.Resources/subscriptions/resourceGroups/write Microsoft.Resources/subscriptions/resourceGroups/delete Storage accounts Microsoft.Storage/storageAccounts/read Microsoft.Storage/storageAccounts/write Microsoft.Storage/storageAccounts/delete
Repository Account
Go to the Azure portal and add permissions to your storage account. You will need at least the following permissions:Microsoft.Storage/storageAccounts/* Microsoft.Resources/subscriptions/resourceGroups/read
More Information
For more information, see the Required Permissions section of the Veeam Backup for Microsoft Azure User Guide.