Permissions required for protecting Azure Managed Instance databases
These permissions are required to protect Azure Managed Instance databases without creating a temporary database.
Note:
Managed Instances use Azure SAS tokens to securely put data in the form of .bak files in the Azure Blob.
Storage/storageAccounts/write
Storage/storageAccounts/delete
Storage/storageAccounts/listKeys/action
Storage/storageAccounts/regenerateKey/action
Storage/storageAccounts/read
Storage/storageAccounts/blobServices/containers/read
Storage/storageAccounts/blobServices/containers/write
Storage/storageAccounts/blobServices/containers/delete
Storage/storageAccounts/blobServices/containers/read
Storage/storageAccounts/blobServices/generateUserDelegationKey/action
Storage/storageAccounts/blobServices/containers/blobs/write
Storage/storageAccounts/blobServices/containers/blobs/delete
Storage/storageAccounts/blobServices/containers/blobs/read