Troubleshooting: Azure Backup Failure Due to Missing Permissions for 'Microsoft.Storage/storageAccounts
1. Backup failed. Make sure the permissions for 'Microsoft.Storage/storageAccounts' listed in the 'Prerequisites to add Azure Account' are granted.
Cause:
Permissions to access the storage account are missed or misspelled while creating a role for App Registration. Account credentials are not generated by following the correct document.
Solution:
To resolve this issue, follow these steps:
1. Make sure credentials for Azure Account are generated by following the steps given in the below document: Pre-requisites to Add Azure Account
2. If credentials are generated, ensure that the permission JSON assigned for the role has the following permissions:
Under "actions":
"Microsoft.Storage/storageAccounts/read"
"Microsoft.Storage/storageAccounts/write"
"Microsoft.Storage/storageAccounts/blobServices/containers/read"
"Microsoft.Storage/storageAccounts/blobServices/containers/write"
"Microsoft.Storage/storageAccounts/blobServices/containers/delete"
"Microsoft.Storage/storageAccounts/blobServices/generateUserDelegationKey/action"
"Microsoft.Storage/storageAccounts/blobServices/read"
"Microsoft.Storage/storageAccounts/blobServices/write"
"Microsoft.Storage/storageAccounts/listKeys/action"
Under "dataActions":
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read"
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write"
"Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete"
3. If not, edit the permission JSON, then copy and paste the above permissions under "actions," save it, and wait for some time for the permission changes to get reflected. Then proceed with the backup.