Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ Snapshot Manager for Cloud Install and Upgrade Guide
  3. Section II. NetBackup Snapshot Manager for Cloud maintenance
  4. Troubleshooting NetBackup Snapshot Manager for Cloud
  5. Discovery is not working even after assigning system managed identity to the control node pool
NetBackup™ Snapshot Manager for Cloud Install and Upgrade Guide

Discovery is not working even after assigning system managed identity to the control node pool

If System managed identity is not enabled on NetBackup Snapshot Manager (deployed on Kubernetes cluster) and user adds Azure cloud provider (with User managed identity already added) using System managed identity, then User managed identity is automatically selected for the addition of Azure cloud provider and plugin addition is successful.

But it could not discover the assets if there are insufficient permissions added in System managed identity. Discovery and NetBackup Snapshot Manager related operations would not work even if System managed identity is enabled and required permission/role is added to System managed identity later on. Because it will always use User managed identity at the backend of NetBackup Snapshot Manager.

To resolve this issue, perform the following steps

  1. Update the required permission/role and then add the permissions to User managed identity and run the required operations again.
  2. Edit the corresponding Azure provider configuration in NetBackup Web UI and run the required operations again.

The following table lists the scenarios and expected outcomes of different Azure plug-in configurations:

Table: Scenarios and expected outcomes of different Azure plug-in configurations

NetBackup Snapshot Manager configuration

VM configuration in Azure

Snapshot

System managed identity (MI)

User managed identity (MI)

System MI

CP-Permissions

N/A

Yes

N/A

CP-Permissions

Yes

N/A

  • CP-Permissions

  • Reader

N/A

Reader

CP-Permissions

No

CP-Permissions

Reader

Yes

Reader

Reader

No

CP-Permissions

CP-Permissions

Yes

User MI

CP-Permissions

N/A

N/A

N/A

CP-Permissions

Yes

Reader

CP-Permissions

Yes

CP-Permissions

Reader

No

Reader

Reader

No

CP-Permissions

CP-Permissions

Yes

User MI (Reader)

N/A

  • CP-Reader

  • CP-Permissions

No

Note:

In the above table, CP-Permissions is a role that has permission to take snapshot andReader is a role that does not have permission to take the snapshot.

Feedback

Was this page helpful?
Previous

Disk-level snapshot restore fails if the original disk is detached from the instance

Next

Performance issue with GCP backup from snapshot

Feedback

Was this page helpful?