This is in addition of the restore permissions mentioned above. Subscription of the recovery Services vault Resource group to which managed disk(s) will be restoredĪlternatively, instead of a built-in-role, you can consider a custom role which has the following permissions: Microsoft.Resources/subscriptions/resourceGroups/write Temporary Storage account selected as part of restore to hold data from vault before converting them to managed disks Storage account resource where disks are going to be restoredĪlternatively, instead of a built-in-role, you can consider a custom role which has the following permissions: Microsoft.Storage/storageAccounts/write Resource group in which VM will be deployedĪlternatively, instead of a built-in-role, you can consider a custom role which has the following permissions: Microsoft.Resources/subscriptions/resourceGroups/write Microsoft.DomainRegistration/domains/write (required only for classic VM restore and not required for managed VMs), Microsoft.Compute/virtualMachines/write Microsoft.Compute/virtualMachines/read Microsoft.Network/virtualNetworks/read Microsoft.Network/virtualNetworks/subnets/read Microsoft.Network/virtualNetworks/subnets/join/action Resource group containing the virtual machineĪlternatively, instead of a built-in-role, you can consider a custom role which has the following permissions: Microsoft.Compute/virtualMachines/write Microsoft.Compute/virtualMachines/read Microsoft.Compute/virtualMachines/instanceView/read Management OperationĪlternatively, instead of a built-in-role, you can consider a custom role which has the following permissions: Microsoft.Compute/virtualMachines/write Microsoft.Compute/virtualMachines/readĮnable backup of Azure VMs (from VM blade) The following table captures the Backup management actions and corresponding minimum Azure role required to perform that operation. Mapping Backup built-in roles to backup management actions Minimum role requirements for Azure VM backup Right backup authenticity how to#If you're looking to define your own roles for even more control, see how to build Custom roles in Azure RBAC. Imagine this role to be a monitoring person. Backup Reader - This role has permissions to view all backup management operations. Right backup authenticity registration#This role is equivalent to contributor except it can't perform destructive operations such as stop backup with delete data or remove registration of on-premises resources.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |