To protect Azure resources with the Commvault Cloud software and/or to store backups in Azure Blob Storage in an on-premises environment, you need an Azure app registration that you can assign the roles and permissions that are required for Commvault Cloud to access the resources to.
Prerequisites
If you will use Azure CLI or Azure PowerShell for the steps on this page, use most recent version of the application.
Create the Azure App Registration
Azure Portal
-
Log on to the Azure portal with a user account that has one of the following roles:
-
Application Administrator
-
Application Developer
-
Cloud Application Administrator
-
-
From the All services menu, select the App registrations tab, and then click on New registration.
-
In Name, enter the name of the application to create on Azure Active Directory.
For example, enter My App.
-
For Account type, select the type of account, which determines who can use the application.
-
To specify a redirect URI, in Redirect URI (optional), select Web, and then enter the URI that the access token is sent to.
For example, enter https://my_org.org/my_app.
-
Click Register.
The application is listed on the App Registration tab.
-
Record the application ID.
-
On the Certificates & secrets blade, click New client secret, and then enter a description and expiration date for the client secret.
-
Click Save.
A unique client secret is generated for the application.
-
Important: Save the client secret, which will be your application secret.
After you leave the Certificate & secrets blade, you cannot retrieve the value.
Azure CLI
-
Create the app registration and get the client secret:
az ad sp create-for-rbac --name ServicePrincipalName --query password -o tsvWhere ServicePrincipalName is a descriptive name for the Azure app.
Azure PowerShell
-
Create the app registration:
$sp = New-AzADServicePrincipal -DisplayName ServicePrincipalNameWhere ServicePrincipalName is a descriptive name for the Azure app.
-
Get the client secret:
$sp.PasswordCredentials.SecretText