How to configure your N2WS server deployed on AWS to also start backing up resources located in Azure.
This article is a step by step guide on how to configure your N2WS instance that is deployed on AWS to start backing up resources from your Azure subscriptions.
Part I Add an App registration in Azure.
1. Open the Azure portal and go to Azure Active Directory, then click on App registrations.
2. Click New Registration.
3. In the Register an application screen enter a Name for the registration in this example CPM training.
Add the option for Supported account types and select Accounts in this Organizational directory only (default directory only -single tennant.
Click on Register.
4. The following items will need to be added to CPM when you add the Azure account there so copy the following information to a text document for later use
Application (client) ID
Directory (tennant) ID
5. Open the CPM console and go to the Accounts page and select +New and select Azure Account.
Open the text file you copied the Directory (tenant) ID and Application (client) ID into copy the values into the CPM New Azure Account screen.
6. In the Azure Portal screen go to Certificates and Secrets screen.
7. Click on + New Client secret
8. Add a meaningful description in the description field and set an expiration in the expires filed and click the Add button.
9. Copy the value of the newly created secret by using the clipboard option (see screenshot below).
10. In the CPM Console, copy and paste the Client secret value into the Client Secret field and then the click Save button.
11. CPM Accounts screen will now show the newly create Azure account and will indicate that under the column Cloud.
Part 2 Create a Custom Role and Add Permissions
12. In the Azure Portal go to Subscriptions, then go to Access Control (IAM)
13. Click the +Add button , Add custom Role.
14. Please download the CPM Azure JSON permissions file from the following link - https://support.n2ws.com/portal/en/kb/articles/minimal-azure-permissions-roles-for-n2ws-operations
15. Add a meaningful name to the Custom role Name field. and select the option start from JSON. Then click the open file icon (folder icon) and select the file you downloaded in the previous step. In this example we named it CPM.
NOTE: You should see an indication that the file was uploaded in the upper right comer of the Azure Portal.
16 . Click on the Assignable Scopes tab.
17. Delete the Assignable scope listed /subscriptions<SUBSCRIPTION_ID> by hitting the trash can symbol.
18. Please click on the Add assignable scopes button.
19. Select your subscription and click the Add button. Then click the review and create button.
20. Click Create.
Part 3 Add a role assignment for the App Registration
21. While still on your azure subscription page. Click on "Access Control (IAM)" again
22. Select "Add Role Assignment"
23. Search for the role you just created in step 2 and select it.
24. click "+ select members" and then on the right hand side search for your app registration that you created in step 1 and then click "select" at the bottom of the page
25. Select "Review + assign" at the bottom left of the screen. (repeat steps 2 & 3 for any additional Azure subscriptions you wish to add to N2WS.
Part 4 Configure Azure backup policy in CPM
21. Open your N2WS Console and go to Policies
22. Click on New, Then Azure Policy
23. Give the policy a name in this example Azure and make sure the Account field is your Azure Account you created earlier in this process.
Make sure that the Enabled checkbox is selected. The subscription field should be populated automatically if all the previous steps were configured correctly.
Select you schedule, Set the configuration options Auto Target Removal and Keep # of backup Snapshot Generations. Click the Next button.
24. On the Backup Targets tab click on the Add backup Targets button. Select to add Virtual machines or Disks from the drop down list.
25. Choose the correct Location and Resource Group and a list of virtual machines should appear. Choose which virtual machines to include in the policy. Then click Add Selected Button at the bottom of the screen. Click close to exit the Add Virtual machines screen.
26. On the More options page add you desired configuration options for the settings Backup Successful when, Number of retries , Wait between retries, and failures to trigger alert. For more details on these settings see the CPM User Guide. Then click save to save the configuration settings for the policy. Then click the Save button at the bottom of the screen.
Related Articles
Required minimal AWS permissions/roles for CPM operation
You can apply all the required roles by using the JSON files inside the archive attached to this article (including the new permissions required for v4.0 and up). Note that for some editions there is more then 1 json file. If you are using FLR or ...Minimal Azure permissions/roles for N2WS operations
The required minimal IAM permissions json is attached to this KB article. You can find detailed steps in our User guide, Chapter 26: https://n2ws.com/support/documentation Or in the following KB Article: How to setup CPM on AWS to backup Azure ...AWS to Azure - Subscription dropdown is empty
Issue: When creating an Azure policy in CPM (AWS based), the dropdown to select the subscription might show nothing: Solution: The issue is related to permissions, either the role doesn't have the correct permissions or it was not linked to the app ...How-To integrate N2WS Backup & Recovery 2.7.0a with Azure Active Directory
Background: This How-To guide provide details about the configuration required in order to integrate N2WS Backup & Recovery 2.7.0a with Azure Active Directory SSO, It shows an example on how to create and configure Enterprise application in Azure and ...Release notes for the latest v4.2.x CPM release
First time Installing? Watch the Install and Configure N2WS Backup & Recovery video tutorial AMI upgrade is available from 2.6.0 and above to 4.2.2 KB article: AMI upgrade directions Patch upgrade is available from 4.2.0/4.2.1 to 4.2.2. KB article: ...