Adding an Azure Blob Storage Repository with IAM AD Application


To back up an Azure Blob Storage account using non-Azure virtual machines (VM) as access node, create an Azure Active Directory (AD) application, and then assign the storage blob data owner role to that AD application at the Azure storage account level. Then, use the IAM AD role assignment type of authentication to add an object storage repository.

Assign the Storage Blob Data Owner Role to the Azure AD Application

  1. On the Azure portal, create an Azure AD application.

  2. Add the storage blob owner role to the Azure AD application.

  3. Generate and save a client secret for the Azure AD application.

  4. Note down the application ID and the tenant ID of the application that you created.


  1. From the navigation pane, go to Protect > Object storage.

    The Object storage page appears.

  2. In the upper-right area of the page, click Add object storage.

    The Add object storage dialog box appears.

  3. Click Azure Blob Storage.

    The Add Azure Blob Storage dialog box appears.

  4. In the Object storage name box, enter a name for the repository.

  5. In the Host URL box, enter the Azure Blob Storage service account URL.

    For example, you can enter

  6. From the Authentication list, select IAM AD application.

  7. Do one of the following:

    • From the Credentials dialog box, select the credentials that you are going to use.

    • To add credentials to the Credential Manager, click the plus button (+).

      The Add Credential dialog box appears.

      1. Enter the following information:

      • Credential name: Enter a name for the credentials that you are creating.

      • Tenant ID: Enter the tenant ID of the Azure AD application.

      • Application ID: Enter the application ID of the Azure AD application.

      • Application secret: Enter the client secret of the Azure AD application.

      • Environment: Select an Azure environment.

      1. Click Save.

  8. Enter the following information:

    • Access node: Select the proxy client computer where the Cloud Apps package is installed.

    • Plan: Select the backup plan that you want to use for this object storage repository.

  9. Click Save.