NetBackup Snapshot Manager adds Managed Identity in Azure
Hi Friends,
Veritas NetBackup Snapshot Manager (NBSM) for Azure now provides users the ability to choose their authentication method using either the existing service principal based method or managed identity, which is available in NetBackup 10.1 and beyond. Instead of creating separate applications in Azure, NBSM can now utilize managed identity and configure plugins.
Figure 1: NetBackup Snapshot Manager, formally CloudPoint, Access Control in Azure.
If service principal is chosen:
- Uses ClientID and Secret Key
- ClientID is unique to user/group/application
- For non-Azure deployments, this is the only type of authentication currently available.
Figure 2: NetBackup Snapshot Manager using service principal.
Figure 3: Configuring NetBackup Snapshot Manager using service principal in the NetBackup WebUI.
If managed identity is chosen, there are two versions that can be chosen from:
System Managed Identity
- Comes with and has the lifecycle of the resource.
- Unique to a resource and cannot be shared.
User Managed Identity
- Can be created by users separately
- Can be shared with multiple resources
- Cannot be tied to the lifecycle of any resource and must be deleted explicitly.
Figure 4: NetBackup Snapshot Manager using managed identities.
Figure 5: Configuring NetBackup Snapshot Manager using system managed identity in the NetBackup WebUI.
Figure 6: Configuring NetBackup Snapshot Manager using user managed identity in the NetBackup WebUI.
With the ability to create both user and system managed instances in Azure, Veritas NetBackup Snapshot Manager allows users greater flexibility when connecting NBSM to their Azure portal.