Using Azure Backup to backup SQL Server database that's running in an Azure VM

Question

I am looking to use Azure Backup to backup SQL that is running inside an Azure VM. The entire VM itself is already doing an azure backup. I came across this and am wondering if I must allow access (such as NSG tags first).

"For all operations, a SQL Server VM requires connectivity to the Azure Backup service, Azure Storage, and Microsoft Entra ID. This can be achieved by using private endpoints or by allowing access to the required public IP addresses or FQDNs. Not allowing proper connectivity to the required Azure services may lead to failure in operations like database discovery, configuring backup, performing backups, and restoring data." https://learn.microsoft.com/en-us/azure/backup/backup-sql-server-database-azure-vms

Thank you for any clarification!

Answer 1

Hi ,

Thanks for reaching out to Microsoft Q&A.

Even though you’re already running a VM level backup, the SQL in guest backup extension requires connectivity to specific Azure services (Backup, Storage, and Microsoft Entra ID) in order to discover databases, configure backup policies, run backups, and do restores. If your VM’s networking is locked down or you’re using custom NSGs/firewalls, you’ll need to explicitly allow (or tag) outbound traffic to those services. Without proper connectivity, the in guest SQL backup extension won’t be able to do its job (db discovery, backup, and restore operations might fail).

Please feel free to click the 'Upvote' (Thumbs-up) button and 'Accept as Answer'. This helps the community by allowing others with similar queries to easily find the solution.