Azure SQL Permissions
To allow Veeam Backup for Microsoft Azure to protect Azure SQL databases, the service account that will be used for backup and restore operations with these databases must have the following permissions.
{ "permissions": [ { "actions": [ "Microsoft.Authorization/roleAssignments/read", "Microsoft.Insights/eventtypes/values/Read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Sql/locations/*", "Microsoft.Sql/managedInstances/databases/delete", "Microsoft.Sql/managedInstances/databases/read", "Microsoft.Sql/managedInstances/databases/write", "Microsoft.Sql/managedInstances/encryptionProtector/read", "Microsoft.Sql/ManagedInstances/privateEndpointConnections/read", "Microsoft.Sql/ManagedInstances/privateEndpointConnections/write", "Microsoft.Sql/managedInstances/read", "Microsoft.Sql/servers/databases/azureAsyncOperation/read", "Microsoft.Sql/servers/databases/delete", "Microsoft.Sql/servers/databases/read", "Microsoft.Sql/servers/databases/syncGroups/read", "Microsoft.Sql/servers/databases/transparentDataEncryption/read", "Microsoft.Sql/servers/databases/usages/read", "Microsoft.Sql/servers/databases/write", "Microsoft.Sql/servers/elasticPools/read", "Microsoft.Sql/servers/encryptionProtector/read", "Microsoft.Sql/servers/privateEndpointConnections/read", "Microsoft.Sql/servers/privateEndpointConnections/write", "Microsoft.Sql/servers/PrivateEndpointConnectionsApproval/action", "Microsoft.Sql/servers/read" ], "notActions": [], "dataActions": [], "notDataActions": [] } ] } |
{ "permissions": [ { "actions": [ "Microsoft.Authorization/roleAssignments/read", "Microsoft.Insights/eventtypes/values/Read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Sql/locations/*", "Microsoft.Sql/managedInstances/databases/delete", "Microsoft.Sql/managedInstances/databases/read", "Microsoft.Sql/managedInstances/databases/write", "Microsoft.Sql/ManagedInstances/privateEndpointConnections/read", "Microsoft.Sql/ManagedInstances/privateEndpointConnections/write", "Microsoft.Sql/managedInstances/read", "Microsoft.Sql/servers/databases/azureAsyncOperation/read", "Microsoft.Sql/servers/databases/delete", "Microsoft.Sql/servers/databases/read", "Microsoft.Sql/servers/databases/write", "Microsoft.Sql/servers/elasticPools/read", "Microsoft.Sql/servers/privateEndpointConnections/read", "Microsoft.Sql/servers/privateEndpointConnections/write", "Microsoft.Sql/servers/PrivateEndpointConnectionsApproval/action", "Microsoft.Sql/servers/read" ], "notActions": [], "dataActions": [], "notDataActions": [] } ] } |