You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sap/monitor/enable-trusted-access.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -16,14 +16,14 @@ One of the challenges for customers is that the key vault and storage account th
16
16
With this feature, you can use the system-assigned identity of the Azure Monitor for SAP solutions resource and our service will use trusted access mode to interact with the key vault and storage account. Using this feature, you can then block public access and only allow traffic from AMS subnet on your key vault and storage account in AMS managed resource group.
17
17
This feature provides more security and control over your AMS resources, as you can limit the access to the key vault and storage account to the AMS service and subnet only and prevent any unauthorized or malicious access from outside.
18
18
19
-
# Prerequisites and steps to enable trusted access using System Assigned Managed Identity
19
+
##Prerequisites and steps to enable trusted access using System Assigned Managed Identity
20
20
To use the trusted access using MSI feature, you need to meet the following prerequisites and follow the steps below:
21
21
* Migrate to Dedicated app service plan: [Follow steps here](https://go.microsoft.com/fwlink/?linkid=2306196)
22
22
> This is a mandatory step to avoid having function app scaling issues after storage account's public access is disabled.
23
23
24
24
`Important Note: Trusted access feature is supported only if the "ROUTE ALL" is enabled during the monitor creation.`
25
25
26
-
# Steps to follow while creating new AMS
26
+
##Steps to follow while creating new AMS
27
27
* Log in to the Azure portal and create a new Azure Monitor for SAP solutions resource.
28
28
* Fill in the required fields, such as the name, description, etc.
29
29
* (Mandatory) Under the Networking section, have the 'Route all' option enabled.
@@ -43,7 +43,7 @@ To use the trusted access using MSI feature, you need to meet the following prer
43
43
44
44
45
45
46
-
# Disable Identity on existing AMS
46
+
##Disable Identity on existing AMS
47
47
* Go to Identity tab for AMS and disable the identity and save.
0 commit comments