|
1 | 1 | --- |
2 | | -title: SAP Information Lifecycle Management with Microsoft Azure Blob Storage | Microsoft Docs |
3 | | -description: SAP Information Lifecycle Management with Microsoft Azure Blob Storage |
| 2 | +title: SAP Information Lifecycle Management with Microsoft Azure Blob Storage |
| 3 | +description: Learn about SAP Information Lifecycle Management (ILM) with Microsoft Azure Blob Storage. |
4 | 4 | services: virtual-machines-linux,virtual-machines-windows |
5 | | -author: MSSedusch |
6 | | -manager: timlt |
7 | 5 | ms.service: sap-on-azure |
8 | 6 | ms.subservice: sap-vm-workloads |
9 | | -ms.topic: article |
| 7 | +ms.topic: concept-article |
10 | 8 | ms.tgt_pltfrm: vm-linux |
11 | | -ms.date: 01/28/2022 |
| 9 | +manager: timlt |
| 10 | +author: MSSedusch |
12 | 11 | ms.author: sedusch |
| 12 | +ms.date: 03/12/2026 |
13 | 13 | ms.custom: subject-rbac-steps |
14 | 14 | # Customer intent: "As a system administrator managing SAP systems, I want to configure Azure Blob Storage for SAP Information Lifecycle Management, so that I can efficiently store and manage archive data while ensuring compliance and security." |
15 | 15 | --- |
16 | | -# SAP Information Lifecycle Management (ILM) with Microsoft Azure Blob Storage |
17 | 16 |
|
18 | | -SAP Information Lifecycle Management (ILM) provides a broad range of capabilities for managing data |
19 | | -volumes, Retention Management as well as the decommissioning of legacy systems, while balancing the |
20 | | -total cost of ownership, risk, and legal compliance. SAP ILM Store (a component of ILM) would enable |
21 | | -storing of these archive files and attachments from SAP system into Microsoft Azure Blob storage, thus |
22 | | -enabling cloud storage. |
| 17 | +# SAP ILM with Microsoft Azure Blob Storage |
23 | 18 |
|
24 | | - |
| 19 | +SAP Information Lifecycle Management (ILM) provides a broad range of capabilities. These capabilities manage data volumes, provides Retention Management, and the decommissioning of legacy systems while balancing total cost of ownership, risks, and legal compliance. SAP ILM Store (a component of ILM) would enable storing of these archive files and attachments from SAP system into Microsoft Azure Blob storage, thus enabling cloud storage. |
25 | 20 |
|
26 | | -## How to |
| 21 | + |
27 | 22 |
|
28 | | -This document covers creation and configuration of Azure blob storage account to be used with SAP |
29 | | -ILM. This account will be used to store archive data from S/4HANA System. |
| 23 | +This document covers creation and configuration of Azure blob storage account to be used with SAP ILM. This account is used to store archive data from S/4HANA System. |
30 | 24 |
|
31 | 25 | The steps to be followed to create a storage account are: |
32 | 26 |
|
33 | 27 | 1. Register a new application with your subscription. |
34 | | -2. Create a Blob storage account. |
35 | | -3. Create a new custom role or use an existing (built-in or custom) role. |
36 | | -4. Assign the role to application to allow access to the storage account. |
| 28 | +1. Create a Blob storage account. |
| 29 | +1. Create a new custom role or use an existing (built-in or custom) role. |
| 30 | +1. Assign the role to application to allow access to the storage account. |
37 | 31 |
|
38 | 32 | > [!NOTE] |
39 | | -> Steps 2, 3 and 4 can either be done manually or by using the Microsoft Quickstart template. |
| 33 | +> Steps 2, 3 and 4 can either be done manually or by using the Microsoft QuickStart template. |
| 34 | +
|
| 35 | +### QuickStart template approach |
40 | 36 |
|
41 | | -### QuickStart template approach: |
| 37 | +The QuickStart template is an automated approach to create the Azure account. You can find the template in the [Azure Quickstart Templates library](https://azure.microsoft.com/resources/templates/sap-ilm-store/). |
42 | 38 |
|
43 | | -This is an automated approach to create the Azure account. You can find the template in the [Azure Quickstart Templates library](https://azure.microsoft.com/resources/templates/sap-ilm-store/). |
| 39 | +### Manual configuration approach |
44 | 40 |
|
45 | | -### Manual configuration approach: |
46 | | -Azure blob storage account can be configured manually. |
47 | | -The steps to be followed are: |
| 41 | +Azure blob storage account can be configured manually. The steps to be followed are: |
48 | 42 |
|
49 | | -1. Register a new application |
50 | | -The details are available at [Register an application with the Microsoft identity platform](../../active-directory/develop/quickstart-register-app.md) |
| 43 | +1. Register a new application. The details are available at [Register an application in Microsoft Entra ID](../../active-directory/develop/quickstart-register-app.md). |
51 | 44 |
|
52 | 45 | > [!NOTE] |
53 | | - > Make sure that Client secret is added as per the section Add Credentials – Add a Client Secret |
54 | | -
|
55 | | -1. Create a Blob Storage account |
56 | | -Refer steps in the page [Create a storage account](../../storage/common/storage-account-create.md?tabs=azure-portal) |
57 | | -Ensure "Enable secure transfer" is set. |
58 | | -It is recommended to set the following property values: |
59 | | - * Enable blob public access = false |
60 | | - * Minimum TLS Version = 1.2 |
61 | | - * Enable storage account key access = false |
62 | | -1. Maintain IAM for the account |
63 | | -In the Access Control (IAM) setting, go to "Role Assignments" and add "Role assignment" for |
64 | | -the App created with the role of "Storage Blob Data Contributor". In the App dialog, choose |
65 | | -"User, group or Service Principal" for "Assign Access to" field. |
| 46 | + > Make sure that Client secret is added. To learn more, see [Add and manage application credentials in Microsoft Entra ID](/entra/identity-platform/how-to-add-credentials?tabs=client-secret#add-a-credential-to-your-application). |
| 47 | +
|
| 48 | +1. Create a Blob Storage account. Refer to steps in the page [Create a storage account](../../storage/common/storage-account-create.md?tabs=azure-portal). |
| 49 | +1. Ensure **Enable secure transfer** is set. We recommend you set the following property values: |
| 50 | + |
| 51 | + * Enable blob public access = false |
| 52 | + * Minimum TLS Version = 1.2 |
| 53 | + * Enable storage account key access = false |
| 54 | + |
| 55 | +1. Maintain Access Control (IAM) for the account. |
| 56 | + |
| 57 | + In the IAM setting, go to **Role Assignments** and add **Role assignment** for the App created with the role of **Storage Blob Data Contributor**. In the App dialog, choose **User, group or Service Principal** for **Assign Access to** field. |
66 | 58 |
|
67 | 59 | > [!NOTE] |
68 | 60 | > Ensure no other user has access to this storage account apart from the registered application. |
69 | 61 |
|
70 | | -During the process of the account setup and configuration, it is recommended to refer to [Security recommendations for Blob Storage](../../storage/blobs/security-recommendations.md) |
71 | | -With the completion of this setup, we are ready to use this blob storage account with SAP ILM |
72 | | -to store archive files from S/4 HANA System. |
| 62 | +During the process of the account setup and configuration, refer to [Security recommendations for Blob Storage](../../storage/blobs/security-recommendations.md). With the completion of this setup, we're ready to use this blob storage account with SAP ILM to store archive files from S/4 HANA System. |
73 | 63 |
|
74 | 64 | ## Next steps |
75 | 65 |
|
|
0 commit comments