To back up an Azure Blob object storage repository with IAM (Identity and Access Management) virtual machine (VM) role assignment, you need to first assign the storage blob data owner role to the Azure VM that you will use as access node to back up storage account, and then, using the IAM VM role assignment type of authentication, add an object storage repository that contains that VM.
Assign the Storage Blob Data Owner Role to the VM
-
In the Azure portal, using the Azure subscription that is going to be associate to the VM, create or select a Windows or UNIX VM.
-
Turn the system assigned identity on.
-
In the Azure Blob Storage account, add the storage blob data owner role to the Azure VM which will be used as access node.
Add the Object Storage Repository with IAM VM Role Assignment
-
From the navigation pane, go to Protect > Object storage.
The Object storage page appears.
-
In the upper-right area of the page, click Add object storage.
The Add object storage dialog box appears.
-
Click Azure Blob Storage.
The Add Azure Blob Storage dialog box appears.
-
Enter the following information:
-
Object storage name: Enter a name for the repository.
-
Host URL: Enter the Azure Blob Storage service account URL.
For example, you can enter blob.core.windows.net.
-
Account name: Enter the name of the Azure Blob Storage account.
-
Authentication: Select IAM VM role assignment.
-
Access node: Select the VM with the storage blob data owner role.
-
Plan: Select the plan that you want to use for this object storage repository.
-
-
Click Save.
Related Topics
For information about how to assign roles to VMs, go to the Microsoft documentation website and search for "Configure managed identities for Azure resources on a VM using the Azure portal".