Creating New Microsoft Entra Application

If you choose to create a new AAD application, Veeam Data Cloud for Microsoft Azure will create a new Microsoft Entra application in your Microsoft Entra ID. To create the Microsoft Entra application, Veeam Data Cloud for Microsoft Azure uses the Microsoft Azure Cross-platform Command Line Interface (Azure CLI). To authenticate against the Azure CLI, you must provide a single-use verification code generated by Veeam Data Cloud for Microsoft Azure.

Important

Consider the following:

  • If you have disabled the Users can register applications option in the Microsoft Azure portal, the Microsoft Azure account that you use to access the Azure CLI must be assigned the Application Developer, Application Administrator or Global Administrator role. For more information on Microsoft Entra ID roles, see Microsoft Docs.
  • The Microsoft Azure account that you use to access the Azure CLI must have the Microsoft.Authorization/*/Write permission specified in the subscription associated with the backup appliance. For more information on managing role permissions and security in Microsoft Azure, see Microsoft Docs.
  • When registering new Microsoft Entra applications, Veeam Data Cloud for Microsoft Azure also creates client secrets that will be further used to authorize access to Microsoft Azure (one client secret for each Microsoft Entra application). The lifetime of a client secret is limited to one year. To view the expiration date of a client secret, navigate to Service Accounts. To renew a client secret that is about to expire, follow the instructions provided in section Editing Service Accounts.
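An added example, not part of the Veeam documentation: one way to track the one-year client secret lifetime outside the Service Accounts page. It assumes the credential list was exported with `az ad app credential list --id <application-id>`; the sample data, the 30-day renewal window and the function names are constructed for illustration.

```python
import json
import re
from datetime import datetime, timedelta, timezone

# Constructed sample in the shape returned by
# `az ad app credential list --id <application-id>`; all values are illustrative.
SAMPLE = """
[
  {"keyId": "00000000-0000-0000-0000-000000000001", "displayName": "example-secret-a",
   "endDateTime": "2025-03-01T09:00:00Z"},
  {"keyId": "00000000-0000-0000-0000-000000000002", "displayName": "example-secret-b",
   "endDateTime": "2025-06-10T12:30:00.1234567Z"},
  {"keyId": "00000000-0000-0000-0000-000000000003", "displayName": "example-secret-c",
   "endDateTime": "2024-01-15T00:00:00Z"}
]
"""

def parse_ts(value):
    """Parse an ISO 8601 timestamp, tolerating 'Z' and 7-digit fractions."""
    m = re.fullmatch(
        r"(\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d)(?:\.(\d+))?(Z|[+-]\d\d:\d\d)", value)
    if not m:
        raise ValueError(f"unrecognised timestamp: {value!r}")
    base, frac, tz = m.groups()
    micro = (frac or "0")[:6].ljust(6, "0")   # datetime keeps microseconds only
    offset = "+00:00" if tz == "Z" else tz
    return datetime.fromisoformat(f"{base}.{micro}{offset}")

def audit_secrets(credentials, now, renew_within_days=30):
    """Return (status, days_left, keyId, displayName) rows, soonest expiry first."""
    rows = []
    for cred in sorted(credentials, key=lambda c: parse_ts(c["endDateTime"])):
        remaining = parse_ts(cred["endDateTime"]) - now
        if remaining <= timedelta(0):
            status = "expired"
        elif remaining <= timedelta(days=renew_within_days):
            status = "renew"
        else:
            status = "ok"
        days_left = remaining // timedelta(days=1)  # whole days, rounded down
        rows.append((status, days_left, cred["keyId"], cred.get("displayName")))
    return rows

if __name__ == "__main__":
    for row in audit_secrets(json.loads(SAMPLE), datetime.now(timezone.utc)):
        print(*row, sep="\t")
```

Secrets reported as `renew` or `expired` are the ones to handle through the Editing Service Accounts procedure.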

At the Connect Microsoft Azure step of the wizard, do the following:

  1. Click Copy code to copy the verification code to the clipboard.
  2. Click https://microsoft.com/devicelogin.
  3. On the Microsoft Azure device authentication page, do the following:
       a. Paste the code that you have copied at Step 1 and click Next.
       b. Select a Microsoft Azure account that will be used to access the Azure CLI. The account must be assigned either the User Access Administrator or the Owner role.

Important

Using a personal Microsoft account is not recommended — use a work account instead.

  4. After the connection to the Azure CLI is established, return to Veeam Data Cloud for Microsoft Azure.
  5. Back in the Create Azure Service Account wizard, click Get tenant subscriptions.

Veeam Backup for Microsoft Azure will display the list of available subscriptions. You must select at least one subscription.

Note

You can add multiple subscriptions to an Azure service account. However, a subscription can only be associated with a single service account. If a subscription has been previously added to another account, you will not be able to add such subscription to the account you are creating.

  6. Click Connect and Save.
