Configuring Managed Identity for Azure Blob Storage, Azure Data Lake Storage Gen2, and Azure Files

Managed identity is a secure authentication method for Azure cloud services that allows only authorized managed identity-enabled virtual machines to access your Azure subscription. Also, to configure backups for Azure Blob Storage, Azure Data Lake Storage Gen2, and Azure Files, you need only the subscription ID. The tenant ID, the application ID, and the application password are not required.

Before You Begin

  • Verify that your environment meets the following requirements:

    • User: You must have the Service Administrator role privileges.

    • Permissions: To back up Azure Blob Storage, Azure Data Lake Storage Gen2, and Azure Files, the selected identity must have permissions as described in Role and Permission Requirements for Protecting Azure Resources.

    • Hardware: The access nodes that you want to enable managed identities for must be virtual machines in the Azure cloud.

    • Operating system: You can use Windows and Linux machines as access nodes.

  • Collect the following information for your Azure account:

    • The subscription ID

    • The user-managed identity name, if you want to enable a user-managed identity on the cloud access node VM

Procedure

  1. Log on to the Azure portal (https://portal.azure.com/).

  2. In the left navigation pane, click Virtual machines.

  3. From the list of virtual machines, search for the VM that has the Cloud Apps agent installed.

  4. When you find the VM that you want to enable with a managed identity, record the Subscription value.

  5. Click the virtual machine.

    The virtual machine blade appears.

  6. Click the Identity tab.

    The Identity pane appears with the System assigned tab active.

  7. Choose one of the following options:

    • System Assigned: Select On, and then click Save.

      With this option, the access node itself acts as the identity that performs the backup.

    • User Assigned: Select an already configured user-assigned identity that has the required permissions, and then click Save.
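
To confirm the result of the procedure from the access node, the following added example (not part of the original documentation or the product) requests a storage token from the Azure Instance Metadata Service and reports which identity issued it. It assumes the token carries the `xms_mirid` claim (the identity's ARM resource ID); the function names, the `--live` switch, and the sample token are constructed for illustration.

```python
import base64, json, sys, urllib.parse, urllib.request

IMDS_URL = "http://169.254.169.254/metadata/identity/oauth2/token"  # reachable only from the VM
STORAGE = "https://storage.azure.com"

def fetch_token(client_id=None, timeout=5):
    """Request a storage token from IMDS; client_id selects a user-assigned identity."""
    query = {"api-version": "2018-02-01", "resource": STORAGE + "/"}
    if client_id:
        query["client_id"] = client_id
    req = urllib.request.Request(IMDS_URL + "?" + urllib.parse.urlencode(query),
                                 headers={"Metadata": "true"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)["access_token"]

def claims(token):
    """Decode the JWT payload for inspection only; the signature is NOT verified."""
    payload = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))

def check_identity(token, subscription_id):
    """Report which identity issued the token and anything that does not match."""
    c = claims(token)
    mirid = c.get("xms_mirid", "")  # assumption: ARM resource ID of the identity
    parts = mirid.strip("/").split("/")
    sub = parts[1] if len(parts) > 1 and parts[0].lower() == "subscriptions" else ""
    low = mirid.lower()
    if "/microsoft.managedidentity/userassignedidentities/" in low:
        kind = "user-assigned"
    elif "/microsoft.compute/virtualmachines/" in low:
        kind = "system-assigned"
    else:
        kind = "unknown"
    problems = []
    if c.get("aud", "").rstrip("/") != STORAGE:
        problems.append("audience is not Azure Storage")
    if sub.lower() != subscription_id.lower():
        problems.append("identity is in a different subscription")
    return {"kind": kind, "name": parts[-1], "subscription": sub, "problems": problems}

def sample_token(mirid, aud=STORAGE + "/"):
    """Constructed, unsigned token for offline runs; not a real credential."""
    body = json.dumps({"aud": aud, "xms_mirid": mirid}).encode()
    return "e30." + base64.urlsafe_b64encode(body).decode().rstrip("=") + ".sig"

if __name__ == "__main__":
    sub = "00000000-0000-0000-0000-000000000000"  # placeholder subscription ID
    if sys.argv[1:2] == ["--live"]:  # on the access node: --live <subscription-id>
        print(check_identity(fetch_token(), sys.argv[2]))
    else:  # offline: constructed system-assigned token
        print(check_identity(sample_token(f"/subscriptions/{sub}/resourcegroups/rg/providers/Microsoft.Compute/virtualMachines/access-node"), sub))
```

An empty `problems` list with the expected `kind` means the VM is presenting the identity you enabled in step 7. A token is issued even when the identity has no role assignments, so this does not confirm the storage permissions.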
