You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sap/center-sap-solutions/register-existing-system.md
+4-7Lines changed: 4 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -36,7 +36,7 @@ In this how-to guide, you'll learn how to register an existing SAP system with *
36
36
- Allowlist the region-specific IP addresses for Azure Storage.
37
37
- Register the **Microsoft.Workloads** Resource Provider in the subscription where you have the SAP system.
38
38
- Check that your Azure account has **Azure Center for SAP solutions administrator** and **Managed Identity Operator** or equivalent role access on the subscription or resource groups where you have the SAP system resources.
39
-
- A **User-assigned managed identity** which has **Azure Center for SAP solutions service role**and **Tag Contributor** role access on the Compute resource group and **Reader**and **Tag Contributor**role access on the Network resource group of the SAP system. Azure Center for SAP solutions service uses this identity to discover your SAP system resources and register the system as a VIS resource.
39
+
- A **User-assigned managed identity** which has **Azure Center for SAP solutions service role** access on the Compute resource group and **Reader** role access on the Virtual Network resource group of the SAP system. Azure Center for SAP solutions service uses this identity to discover your SAP system resources and register the system as a VIS resource.
40
40
- Make sure ASCS, Application Server and Database virtual machines of the SAP system are in **Running** state.
41
41
- sapcontrol and saphostctrl exe files must exist on ASCS, App server and Database.
42
42
- File path on Linux VMs: /usr/sap/hostctrl/exe
@@ -70,7 +70,7 @@ The following SAP system configurations aren't supported in Azure Center for SAP
70
70
71
71
## Enable resource permissions
72
72
73
-
When you register an existing SAP system as a VIS, Azure Center for SAP solutions service needs a **User-assigned managed identity** which has **Azure Center for SAP solutions service role**and **Tag Contributor** role access on the Compute (VMs, Disks, Load balancers) resource group and **Reader** role access on the Virtual Network resource group of the SAP system. Before you register an SAP system with Azure Center for SAP solutions, either [create a new user-assigned managed identity or update role access for an existing managed identity](#setup-user-assigned-managed-identity).
73
+
When you register an existing SAP system as a VIS, Azure Center for SAP solutions service needs a **User-assigned managed identity** which has **Azure Center for SAP solutions service role** access on the Compute (VMs, Disks, Load balancers) resource group and **Reader** role access on the Virtual Network resource group of the SAP system. Before you register an SAP system with Azure Center for SAP solutions, either [create a new user-assigned managed identity or update role access for an existing managed identity](#setup-user-assigned-managed-identity).
74
74
75
75
Azure Center for SAP solutions uses this user-assigned managed identity to install VM extensions on the ASCS, Application Server and DB VMs. This step allows Azure Center for SAP solutions to discover the SAP system components, and other SAP system metadata. User-assigned managed identity is required to enable SAP system monitoring and management capabilities.
76
76
@@ -79,12 +79,9 @@ Azure Center for SAP solutions uses this user-assigned managed identity to insta
79
79
To provide permissions to the SAP system resources to a user-assigned managed identity:
80
80
81
81
1.[Create a new user-assigned managed identity](../../active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities.md#create-a-user-assigned-managed-identity) if needed or use an existing one.
82
-
1.[Assign **Azure Center for SAP solutions service role** and **Tag Contributor**](../../active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities.md#manage-access-to-user-assigned-managed-identities) role access to the user-assigned managed identity on the resource group(s) which have the Virtual Machines, Disks and Load Balancers of the SAP system and **Reader** role on the resource group(s) which have the Virtual Network components of the SAP system.
82
+
1.[Assign **Azure Center for SAP solutions service role**](../../active-directory/managed-identities-azure-resources/how-manage-user-assigned-managed-identities.md#manage-access-to-user-assigned-managed-identities) role access to the user-assigned managed identity on the resource group(s) which have the Virtual Machines, Disks and Load Balancers of the SAP system and **Reader** role on the resource group(s) which have the Virtual Network components of the SAP system.
83
83
1. Once the permissions are assigned, this managed identity can be used in Azure Center for SAP solutions to register and manage SAP systems.
84
84
85
-
> [!NOTE]
86
-
> User-assigned managed identity requires **Tag Contributor** role on VMs, Disks and Load Balancers of the SAP system to enable [Cost Analysis](view-cost-analysis.md) at SAP SID level.
87
-
88
85
## Register SAP system
89
86
90
87
To register an existing SAP system in Azure Center for SAP solutions:
@@ -101,7 +98,7 @@ To register an existing SAP system in Azure Center for SAP solutions:
101
98
1. For **SAP product**, select the SAP system product from the drop-down menu.
102
99
1. For **Environment**, select the environment type from the drop-down menu. For example, production or non-production environments.
1. For **Managed identity name**, select a **User-assigned managed identity** which has **Azure Center for SAP solutions service role**, **Reader**and **Tag Contributor** role access to the [respective resources of this SAP system.](#enable-resource-permissions)
101
+
1. For **Managed identity name**, select a **User-assigned managed identity** which has **Azure Center for SAP solutions service role**and **Reader** role access to the [respective resources of this SAP system.](#enable-resource-permissions)
105
102
1. Select **Review + register** to discover the SAP system and begin the registration process.
106
103
107
104
:::image type="content" source="media/register-existing-system/registration-page.png" alt-text="Screenshot of Azure Center for SAP solutions registration page, highlighting mandatory fields to identify the existing SAP system." lightbox="media/register-existing-system/registration-page.png":::
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments