> Software > Protect > Databases > Azure > Azure Database for PostgreSQL > Getting Started

Configure Microsoft Azure for PostgreSQL Database Server Running on Cloud

The databases server configuration guides you through creating a backup plan and adding a Azure Database for PostgreSQL.

Before You Begin

If you are an MSP and you want your tenant administrators to configure the Azure instances using the Commvault Cloud infrastructure, see Managed Service Provider Configuration for Azure.

  1. From the Command Center navigation pane, go to Explore > Service catalog.

  2. On the Welcome page, in the Databases tile, click Configure.

  3. Configure Database Server page, select Database running in the cloud (PaaS).

  4. Select Microsoft Azure, and then click Next.

  5. On the Configure Azure Database page, select PostgreSQL, and then click Next.

    The Configure Microsoft Azure Subscription page appears.

Configure Microsoft Azure Subscription

  1. You can select the following two Microsoft Azure subscriptions:

    1. Express configuration using OAuth: Uses the hosted infrastructure provided by Commvault Cloud for backups.

    2. Custom configuration: You can choose to use either the hosted infrastructure provided by Commvault Cloud or your own configured access nodes for backups.

Custom Configuration

  1. Select Custom configuration, then click Next.

    The Configure Azure Database - PostgreSQL page appears.

Configure Permissions

  1. Select Use hosted infrastructure.

  2. Select one of the following application based authentications - Use an existing application or Deploy a new application

    Note

    For Express configuration, Use an existing application and Deploy a new application are disabled.

    • If you select Use an existing application, proceed as follows:

      1. From the Credential list, select an existing credential or add a new credential. To add a new credential, proceed as follows:

        Steps to add a new application credential

        1. Click the + icon beside the Credentials list.

          The Add Credential dialog box appears.

        2. From the Credential Vault list, select a credential vault to store credentials for different types of accounts.

        3. In the Credential name box, enter the credential name.

        4. In the Application ID box, enter the application ID associated with the tenant.

        5. In the Tenant ID box, enter the tenant ID associated with the Azure account.

        6. In the Application secret, enter the application password.

        7. From the Environment list, select the Azure environment type.

        8. Move the Show endpoints toggle to right to show the different endpoints.

        9. In the Description box, enter the description for Azure subscription.

      2. Select Assign required roles to the selected application if you want to Log on to the Azure portal as the subscription owner and execute the commands in the Cloud Shell.

    • If you select Deploy a new application, proceed as follows:

      1. In the Application name box, select the name of the application to be created in Azure.

      2. In the Subscription ID box, enter the subscription id.

      3. From the Credential list, either select an existing credential or add a new credential.

  3. Click Next.

    The Configure access nodes page appears.

  4. From the Region list, select a region. The infrastructure in the same region will be used.

  5. Click Next.

    The Plan page appears.

  1. Select Use your access nodes for backups.

  2. Select one of the following authentication methods - Application or Managed identity.

  3. When you select Application, you can select the following application based authentications - Use an existing application or Deploy a new application

    • If you select Use an existing application, proceed as follows:

      1. From the Credential list, select an existing credential or add a new credential. To add a new credential, proceed as follows:

        Steps to add a new application credential

        1. Click the + icon beside the Credentials list.

          The Add Credential dialog box appears.

        2. From the Credential Vault list, select a credential vault to store credentials for different types of accounts.

        3. In the Credential name box, enter the credential name.

        4. In the Application ID box, enter the application ID associated with the tenant.

        5. In the Tenant ID box, enter the tenant ID associated with the Azure account.

        6. In the Application secret, enter the application password.

        7. From the Environment list, select the Azure environment type.

        8. Move the Show endpoints toggle to right to show the different endpoints.

        9. In the Description box, enter the description for Azure subscription.

      2. Select Assign required roles to the selected application if you want to Log on to the Azure portal as the subscription owner and execute the commands in the Cloud Shell.

    • If you select Deploy a new application, proceed as follows:

      1. In the Application name box, select the name of the application to be created in Azure.

      2. In the Subscription ID box, enter the subscription id.

      3. From the Credential list, either select an existing credential or add a new credential.

  4. When you select Managed identity, from the Subscription ID, select a subscription ID where managed identity will be used.

  5. Click Next.

    The Configure access nodes page appears.

  6. From the Access nodes list, select an access node for backup.

  7. Click Next.

    The Plan page appears.

Plan

  1. Select an existing backup plan or create a new backup plan.

    1. Click the add button add/plus button - gray - no border.

      The Add plan dialog box appears.

    2. In the Plan name box, enter a descriptive name for the backup plan.

    3. Select an existing Storage or Add a new storage.

    4. Select Configure backups and perform schedule and retention settings.

      1. Define the frequency and retention period of your backup.

      2. Under Add extended retention, define the following:

        • From the Backups to retain list, select the kind of backup you want to retain.

        • From the Retention period list, select the days for which you want to retain the backup.

    5. Click Save.

  2. Click Next.

  3. The Cloud Account page appears.

Cloud Account

The cloud account is used to access the databases for discovery, backups, and other operations.

Note

  • The cloud account for a cloud database instance cannot be modified after the instance is created. Deleting a cloud account or hypervisor permanently deconfigures all associated cloud database instances. Deleting a server from (Manage > Infrastructure > Servers) permanently removes all associated cloud database instances. Before deleting a cloud account, hypervisor, or server, ensure that you understand the impact on dependent resources and retain any required backup data.

  • You can configure managed identities for Azure resources only while using the Use your access nodes for backups > Managed identity.

  1. Select an existing cloud account or create a new cloud account.

    Steps to add new cloud account

    1. Beside the Cloud account list, click +.

      The Add cloud account dialog box appears.

    2. In the Name box, type the name for the account.

    3. Enter the information about the subscription:

      • For the traditional authentication method of deployment, enter the following information:

        • Subscription ID: Enter the subscription ID for the Azure account.

      • For the managed identity authentication method of deployment, configure the following settings:

        • Connect using managed identities for Azure resources: Move the toggle key to the right.

        • Subscription ID: Enter the subscription ID for the Azure account.

    4. Click SAVE.

  2. Click Next.

    The Backup Content page appears.

Backup Content

Select the databases in the instance to backup.

  1. If you proceed with Rule based discovery, do the following:

    1. Click Add.

      The Add rule group dialog box appears.

    2. To specify the type of Match rule, select all or any. The rules for the match are as follows:

      • all: All rules that you configure for the rule group must be satisfied for a database instance to be discovered.

      • any: Any rule that you define that is satisfied will result in the matching database being discovered.

    3. From the list of rule types, select the type of rule to create, and then specify the rule:

      • Instance name: Select instances based on their names. For example, to select instances that have a name that includes "east", enter Instance name | Contains | east.

      • Tag name: Select instances based on the names of tags that are assigned to them. Enter the tag name in the regiontag_name format. For example, to select instances in the eastern US Region that are for a department, enter Tag name | Equals | us-east-1department.

      • Tag value: Select instances based on the values of tags that are assigned to them. Enter the tag value in the regiontag_nametag_value format. For example, to select instances in the eastern US Region for the human resources department, enter Tag value | Equals | us-east-1departmentHR.

    4. Click Save.

    5. Click Preview to see the instances that you selected for the group.

    6. From the Credential list, select a saved credential or add a new credential.

      Steps to add a new credential

      1. From the Credential Vault list, select a credential vault to store credentials for different types of accounts.

      2. In the Credential name box, enter a name for the credential.

      3. Move the Use Azure AD Authentication toggle key to right, and enter the following details:

        • In the Username box, enter the user name to access the Azure Database for MySQL application.

        Note

        If you do not move the Use Azure AD Authentication toggle to right, you need to enter the password name detail.

      4. The SSL certificate toggle key is unselected by default. By moving the toggle key to right, you can perform the following actions:

        • In the SSL CA file field, provide the SSL CA file path on the proxy computer.

        • In the SSL Cert file field, provide the SSL certificate file path on the proxy computer.

        • In the SSL Key file field, provide the SSL key file path on the proxy computer.

      5. In the Description box, enter the details of the credential.

      6. Click Save.

  2. If you proceed without rule based discovery, do the following:

    1. Instance name: Select instances based on their names.

    2. Under the Connection details section,

      1. from the Credential list, either select a saved credential or add a new credential.

      2. In the Maintenance DB box, type the name of the system database that is used as the maintenance database.

      3. In the Endpoint box, type the name of the endpoint to connect to the database instance.

  3. Click Next.

    The Summary page appears.

Summary

  1. Review the summary.

  2. Click Finish.

×

Loading...