SaaS
Overview
Requirement | Learn More | |
---|---|---|
✅ | A user with needed Entra & Azure permissions. | Learn More |
✅ | Deploy and configure Azure Migrate Project and Appliance. | Learn More |
✅ | Create a Service Principal with a client secret. | Learn More |
✅ | Assign necessary roles to the Service Principal. | Learn More |
Before a Dr Migrate SaaS instance is synced with Azure Migrate, verify the below prerequisites to ensure a smooth deployment.
Permissions Required
Ideally the user performing the following steps should have the Global Administrator role.
If this is not possible, the least privileged approach to deployment requires the following permissions:
- Application Admin
- Subscription Owner
More information about least privileged role assignment please see the Microsoft Learn Portal
Azure Configuration
Deploy Azure Migrate
Dr Migrate leverages the data collection capability of Azure Migrate. Ensure that you have:
- Deployed an Azure Migrate Project.
- Deployed an Azure Migrate Appliance.
- Connected the Azure Migrate Project and Appliance.
- Provided all necessary permissions to collect data.
Microsoft has robust and detailed guides on how to deploy and configure Azure Migrate here.
Review Azure Migrate Project Connectivity Method
Create Service Principal
Dr Migrate requires a Service Principal be created to allow the Dr Migrate server to communicate with Azure Migrate.
When creating the SPN please observe the following:
- SPN Name - It is recommended to name the App Registration “drmigrate-spn”. All other settings can be left as default
- Client Secret Creation - Dr Migrate requires a client secret to be created, it is recommended to set the expiry to 12 months.
For Microsoft documentation on creating a Service Principal in Entra ID, see here
Configure Access
Assign your Service Principal, the following permissions:
Role | Scope | Requirement |
---|---|---|
Contributor | Subscription or Resource Group where Dr Migrate and Azure Migrate will be located | Mandatory |
Cost Management Reader | Subscription where Azure Migrate is deployed. | Optional |
Learn More about how to assign RBAC roles here
You can now proceed to sync your data with your SaaS Instance.