@jpcapone Permission to data in a Log Analytics workspace is defined by the access control mode, which is a setting on each workspace. Users can either be given explicit access to the workspace using a built-in or custom role, or you can allow access to data collected for Azure resources to users with access to those resources.
See Manage access to log data and workspaces in Azure Monitor for details on the different permission options and on configuring permissions.
Below are the minimum permissions you would require to create log analytics workspace.
-
Microsoft.Resources/subscriptions/resourceGroups/deployments/*
- Create and manage resource group deployments -
Microsoft.OperationalInsights/workspaces/*
- To read and write log analyticsworkspaces -
Microsoft.Resources/subscriptions/resourceGroups/*
- To read and write resource groups