Adding an Azure resource group as compute

Adding an Azure resource group to R‑Cloud as compute enables you to create data movers in your own Azure resource group.

As part of adding an Azure resource group as compute to R‑Cloud, you add the HMSP to your Azure tenant. The HMSP is a special type of Azure service principal that is designed specifically for R‑Cloud to access resources and to run data protection operations in Azure. The HMSP provides business continuity of your data protection environment by enforcing a single service principal that cannot be deleted accidentally. At the same time, the HMSP also delivers enhanced security by uniquely identifying the service and by using the key rotation to limit risks associated with potential leaks of the service principal secrets.

Procedure

  1. In the Compute dialog box, click the Azure tab, and then click New New.

  2. Only if you are adding compute at the subscription level. Select one or more protection sets to which you want to add the compute Azure resource group.

  3. In the Tenant ID field, enter your Azure tenant ID.

  4. In the Subscription ID field, enter your Azure subscription ID.

    Note  The name of the created application in your Azure tenant is HYCU R‑Cloud.

  5. In the Resource Group Name field, enter the name of your Azure resource group, and then click Add. This will register R‑Cloud as an application in your Azure tenant and create the HMSP.

    Note  If you want to add multiple Azure resource groups as compute, you can do so in a single step by entering their names.

  6. Click Create and Assign Role to create a custom role and assign it to the HMSP in the Azure portal.

    Note  The name of the created custom role is HYCU R‑Cloud Compute Role. To see which permissions are assigned to the created custom role, see Using the HYCU R‑Cloud Role for Azure.

  7. Return to the R‑Cloud web user interface, and then click Save.

The Azure resource group is added to the compute list.

You can later delete the Azure resource groups that you do not need anymore (click Delete Delete). As part of deleting the Azure resource group, you must also delete the IAM permissions that were created in the Azure resource group. To delete these permissions, in the Delete Compute dialog box, copy the bash script, and then click Go to Azure Cloud Bash Shell to open your Azure Bash Shell and run the script.