Skip to main content
All CollectionsEnterprise WorkloadsProtect Azure SQLPlan and Prepare Azure SQL resources for backup
Roles and Permissions for Azure SQL
Roles and Permissions for Azure SQL
Updated over 2 weeks ago

โ— Important

This feature has limited availability. To know more about limited availability and sign up for this feature, contact your Account Manager.

Azure role-based access control (Azure RBAC) is the primary method of managing access in Azure. Managing who can access your Azure resources and subscriptions is an important part of your Azure governance strategy.

Azure RBAC is an authorization system built on Azure Resource Manager that provides granular access management to Azure resources. Azure RBAC allows you to manage access to your resources in Azure. When planning your access control strategy, itโ€™s best practice to grant users the least privilege required to get their work done.

To assign roles or grant access, ensure that you have the appropriate Microsoft.Authorization/role assignment of Global Administrator.

๐Ÿ“ Note

Before you onboard or register subscriptions, ensure that you have the Users can register applications permission enabled for your user account in the Azure environment.

Permissions

The following table provides detailed information on the permissions required to grant Druva access to your Azure environment.

Category

Permission Name

Permission ID

Why Druva needs the Permission

Onboarding permissions

Microsoft.ManagedIdentity

userAssignedIdentities/assign/action

Assign managed identity to the Druva's Quantum Bridge so that it can access the keyvault

Discovery, Backup, and Restore permissions for SQL Databases

Microsoft.Sql

/servers/read

/servers/elasticPools/read

/servers/databases/read

/servers/databases/write

/servers/databases/delete

Discover, backup and, restore Azure SQL Databases

Discovery, Backup, and Restore permissions for SQL Managed Instances

Microsoft.Sql

/managedInstances/read

/managedInstances/databases/read

/managedInstances/databases/delete

/managedInstances/databases/write

Discover, backup, and restore Azure SQL managed instances

Discovery, Backup, and Restore permissions for SQL Managed Instances

Microsoft.Compute

/virtualMachines/runCommand/actio

Execute the SQL commands on the Druva Quantum Bridge and also for discovery of SQL servers on Azure VM.

Related Keywords: Azure SQL roles and permissions, onboarding roles, onboarding permissions, Azure SQL permissions

Related Articles
Quick steps to set up Druva to back up MS SQL Server databases
Roles and permissions for Azure VMs
About data protection for Azure SQL
Protecting Azure SQL: Quick reference guide
Pre-requisites for protecting Azure SQL resources
Did this answer your question?