When you add a Cosmos DB for Table instance, you can do that by creating a new Azure account.
Before You Begin
For Azure Resource Manager, the cloud account represents an application, and there are two methods of deployment:
-
The traditional method with Azure Active Directory, for which you must set up the application and tenant. With this option, when you configure the cloud account, you must provide the following information:
-
Subscription ID
-
Tenant ID
-
Application ID and password
To complete this type of deployment, refer to Configuring Access to Azure Resources.
-
-
Managed identity authentication with Azure Active Directory. This is a more secure method of deployment. Using this method ensures that your Azure subscription is accessed only from authorized managed identity-enabled virtual machines. In addition, the process of adding an Azure cloud account is easier, because you need only the Subscription ID, but not the Tenant ID, Application ID, or Application Password.
To complete this type of deployment, refer to Configuring Access to Azure Resources Using a Managed Identity.
Verify that the access node machines have the contributor role assigned for the resource group to which the Cosmos account belongs. If the accounts are under multiple resource groups, keep the scope for the contributor role as a subscription scope. For restricted access, create a custom role using the AzureDBBackupRole file.
Procedure
-
From the navigation pane, go to Protect > Databases.
The database overview page appears.
-
Click Add instance, and then select Cloud database service.
The Add Cloud DB Instance page appears.
-
From the Vendor list, select Microsoft Azure, and then click NEXT.
The Configure Azure Database page appears.
-
Select Cosmos DB, and then click NEXT.
The Select A Plan page appears.
-
From the Plan list, select the backup plan to use for the instance, and then click NEXT.
The Cloud Account page appears.
-
From the API list, select TABLE API.
-
Beside the Cloud account list, click +.
The Add cloud account dialog box appears.
-
In the Name box, type the name for the account.
-
Enter information about the subscription:
-
For the traditional authentication method of deployment, enter the following information:
-
Subscription ID: Enter the subscription ID for the Azure account.
-
Credentials: If you have already configured the credentials entity, select the credentials from the list. To define a new credential, click + beside the list. For more information, see Adding Credentials.
-
-
For the managed identity authentication method of deployment, configure the following settings:
-
Connect using managed identities for Azure resources: Move the toggle key to the right.
-
Subscription ID: Enter the subscription ID for the Azure account.
-
-
-
From the Access node list, select access nodes that have both the Virtual Server and Cloud Apps packages installed.
Note
If you configure this cloud account to use managed identity authentication, select only Azure access nodes that use managed identity authentication so that backups and restores will be successful. The access node must be an Azure virtual machine in the same subscription that contains the Cosmos DB account that you want to back up.
-
Click SAVE.
-
Click NEXT.
The instance details page appears.
-
From the Region list, select the region for the instance.
-
In the Instance box, enter a name for the instance.
-
In the Table group box, enter a name for the table group, and then click NEXT.
The Backup Content page appears.
-
To filter the content that is backed up, click EDIT, select the Cosmos DB accounts or tables that you want to include as content for the default table group, and then click SAVE.
-
Click NEXT to create the instance.
A summary page is displayed that shows the instance details.
-
Review the summary, and then click FINISH.
What to Do Next
A table group is created for the instance. You can create more table groups to meet different backup requirements.