Specifying Existing Repository Account

In this article

    [This step applies only if you have selected the Specify existing repository account option at the Select Repository Account Type step of the wizard]

    When you specify an existing repository account, Veeam Backup for Microsoft Azure connects to an existing Azure AD application that grants access to your Azure resources. For Veeam Backup for Microsoft Azure to be able to connect to the Azure AD application, it must be created in the Microsoft Azure portal as described in Microsoft Docs.

    At the Service Account step of the wizard, specify an existing service account that grants access to your Azure resources:

    1. In the Application ID field, enter the application identifier. You can find the identifier in the application settings of your Azure Active Directory. For more information, see Microsoft Docs.

    The specified Azure AD application must have either a custom role or the Contributor and Key Vault Crypto Officer Azure built-in roles assigned. If the AD application has a custom role assigned, make sure the role is granted the permissions required to manage backup repositories. To learn how to create custom roles, see Microsoft Docs.

    Tip

    If you have ever created a new service account using the Create repository account automatically option, you can also assign to the specified Azure AD application the Veeam Repository Account role that has been created in Microsoft Azure environment automatically by Veeam Backup for Microsoft Azure. To learn how to assign Azure roles, see Microsoft Docs.

    1. Select an application authentication type:
    • Select the Client (application) secret option to use a client secret created in the specified Azure AD application. In the Secret field, enter the value of the secret. To learn how to create client secrets, see Microsoft Docs.
    • Select the Certificate option to use a certificate uploaded to the specified Azure AD application. In the Security certificate field, click Select File to locate the certificate. Then, provide a password used to encrypt the certificate in the Certificate password field. To learn how to upload certificates to Azure AD applications, see Microsoft Docs.

    Important

    Veeam Backup for Microsoft Azure supports certificates only in the formats .PFX and .P12.

    1. In the Tenant ID field, enter the tenant ID of the specified Azure AD application.

    You can find the tenant ID in the application settings of your Azure Active Directory. For more information, see Microsoft Docs.

    Specifying Existing Account