Permissions
For general requirements for permissions that must be provided to the user account to install and work with Veeam Backup & Replication, see Permissions for Veeam Backup & Replication. In addition to general port requirements, make sure that user accounts have permissions listed in the following subsections:
Operation | Required Roles and Permissions |
---|---|
Installing and updating Veeam Plug-In | The account used for installing and updating Veeam Plug-In must be a member of the local Administrators group. Local administrator permissions are required to install and manage Veeam Plug-In Toolbar in Microsoft SQL Server Management Studio. |
Performing backup and restore operations in Veeam Plug-In | To be able to connect to a Microsoft SQL Server instance, the account used for starting Microsoft SQL Server backup and restore processes must meet the following conditions:
|
Connecting to Veeam Backup & Replication, managing backups | The account that is used to authenticate against Veeam Backup & Replication must have access permissions on required Veeam backup repository servers. To learn how to configure permissions on repositories, see Access and Encryption Settings on Backup Repositories. Veeam Plug-In for Microsoft SQL Server uses Windows authentication methods of the Veeam Backup & Replication server to establish a connection to this server and to the backup target. It is recommended to create one user for each standalone Microsoft SQL Server or failover cluster with Veeam Plug-In. To work with backups created by Veeam Plug-In, you can use only the same account that was used for creating the backup. If you want to use another account, assign the Veeam Backup Administrator role or Veeam Backup Operator and Veeam Restore Operator roles to the account. For details on how to assign Veeam Backup & Replication roles, see Managing Users and Roles. |
Permissions for Object Storage
The general permissions for backup to object storage are listed in Using Object Storage Repositories. Additional permissions are required if you want to back up databases with Veeam Plug-In. The list of additional permissions differs depending on the selected object storage and the way you set your backup infrastructure:
- Amazon S3
- S3 compatible (including IBM Cloud Object Storage and Wasabi Cloud Storage)
- Google Cloud Storage
Consider the following:
- Make sure the user account you are using has access to Amazon buckets and folders.
- The ListAllMyBuckets permission is not required if you specify the bucket name explicitly at the Bucket step of the New Object Repository wizard.
- If you plan to use Amazon S3 storage with immutability enabled, see permissions required for immutability in Using Object Storage Repositories. For details about immutability, see Immutability for Object Storage Repositories.
Make sure that your infrastructure configuration fits the following description:
- You plan to back up data to the Amazon S3 storage.
- You selected direct connection in the object storage settings. For details, see Adding Amazon S3 Object Storage.
If you plan to back up data using such infrastructure configuration, make sure the user account that you use to connect to the object storage has the following permissions:
{ |
S3 Compatible (Including IBM Cloud Object Storage, Wasabi Cloud Storage)
Consider the following:
- Make sure the user account you are using has access to Amazon buckets and folders.
- The ListAllMyBuckets permission is not required if you specify the bucket name explicitly at the Bucket step of the New Object Repository wizard.
- If you plan to use Amazon S3 storage with immutability enabled, see permissions required for immutability in Using Object Storage Repositories . For details about immutability, see Immutability for Object Storage Repositories.
Make sure that your infrastructure configuration fits the following description:
- You plan to back up data to the S3 compatible storage.
- Direct connection is selected in the object storage settings. For details, see Specify Object Storage Account.
- The Provided by IAM/STS object storage capabilities option is selected for the object storage. For details, see Managing Permissions for S3 Compatible Object Storage.
If you plan to back up data using such infrastructure configuration, make sure the user account that you use to connect to the object storage has the following permissions:
{ |
Make sure that your infrastructure configuration fits the following description:
- You plan to back up data to the Google Cloud storage.
- You configured Helper Appliance in the object storage settings. For details, see Configuring Helper Appliance.
- You selected direct connection in the object storage settings. For details, see Specify Object Storage Account.
If you plan to back up data using such infrastructure configuration, make sure the user account that you specify in the Helper Appliance settings has the following permissions:
{ |