Backup and Recovery

Determines the authentication endpoint for AWS Backup, based on the following format:

https://backup.<AWS Region>.amazonaws.com

Determines the region where the AWS Backup jobs are located.

Determines one of the following authentication methods:

• AWS Key & Secret: Used for services outside the AWS infrastructure.

• AWS IAM Role: Used for services within the AWS infrastructure.

Defines the access key assigned to the account in the AWS Backup integration setup.

Defines the secret access key assigned to the account in the AWS Backup integration setup.

Defines the Identity and Access Management (IAM) role on an Amazon EC2 virtual machine (instance) for the AWS Backup connection.

(Service Principal) Defines the Azure Backup authentication endpoint base URL.

Default: https://login.microsoftonline.com

Defines the endpoint that enables you to perform API calls and retrieve the token for authentication.

Default: https://management.azure.com

Defines the registered subscription ID for the Azure Backup service.

Determines one of the following identity types that connects to Azure Backup:

• Service Principal: Enables you to use Azure Backup with applications, hosted services, and automated tools that access Azure resources. This identity, also known as an App Registration, is restricted by the roles assigned to the Service Principal. These roles give the Azure Administrator control over which resources are accessible, and at which level. Use this option if the Agent is installed on-premises, on an Azure virtual machine, or on any other cloud vendor.

• Managed Identity: Enables you to access other protected resources on the Azure Active Directory (AD). The identity is managed by the Azure platform. You do not need to provide credentials within Control-M. Use this option if the Agent is installed on an Azure virtual machine that has an assigned a Managed Identity with the required permissions.

To prepare for authentication with a Service Principal authentication, you must assign the Service Principal an Owner or Contributor role through the Azure platform.

(Managed Identity) Determines whether to define a specific Managed Identity.

(Managed Identity) Defines the specific Managed Identity that connects to Azure Backup.

You must complete this field only if your Azure virtual machine has multiple Managed Identities and you have selected the Specify Managed Identity Client ID checkbox. If you only have one Managed Identity, it is detected automatically.

(Service Principal) Defines the Azure tenant ID, which represents your organization.

(Service Principal) Defines the Azure AD application ID for Azure Backup.

The Service Principal must be an Azure Backup workspace user with a Contributor or Owner role.

(Service Principal) Defines the password associated with the Azure user and the Azure AD application ID.

Defines the name of the server where the data is backed up.