Azure SQL Permissions
To allow Veeam Backup for Microsoft Azure to protect Azure SQL databases, the service account that will be used for backup and restore operations with these databases must have the following permissions.
{ "permissions": [ { "actions": [ "Microsoft.Authorization/roleAssignments/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Sql/locations/*", "Microsoft.Sql/managedInstances/databases/delete", "Microsoft.Sql/managedInstances/databases/read", "Microsoft.Sql/managedInstances/databases/write", "Microsoft.Sql/managedInstances/encryptionProtector/read", "Microsoft.Sql/managedInstances/read", "Microsoft.Sql/servers/databases/azureAsyncOperation/read", "Microsoft.Sql/servers/databases/delete", "Microsoft.Sql/servers/databases/read", "Microsoft.Sql/servers/databases/syncGroups/read", "Microsoft.Sql/servers/databases/transparentDataEncryption/read", "Microsoft.Sql/servers/databases/usages/read", "Microsoft.Sql/servers/databases/write", "Microsoft.Sql/servers/elasticPools/read", "Microsoft.Sql/servers/encryptionProtector/read", "Microsoft.Sql/servers/read" ], "notActions": [], "dataActions": [], "notDataActions": [] } ] } |
{ "permissions": [ { "actions": [ "Microsoft.Authorization/roleAssignments/read", "Microsoft.Resources/subscriptions/resourceGroups/read", "Microsoft.Sql/locations/*", "Microsoft.Sql/managedInstances/databases/delete", "Microsoft.Sql/managedInstances/databases/read", "Microsoft.Sql/managedInstances/databases/write", "Microsoft.Sql/managedInstances/read", "Microsoft.Sql/servers/databases/azureAsyncOperation/read", "Microsoft.Sql/servers/databases/delete", "Microsoft.Sql/servers/databases/read", "Microsoft.Sql/servers/databases/write", "Microsoft.Sql/servers/elasticPools/read", "Microsoft.Sql/servers/read" ], "notActions": [], "dataActions": [], "notDataActions": [] } ] } |