Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
666 questions
How to create custom role in Azure Data Lake Analytics (ADLA) only for monitoring scenarios
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 66%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWW%3C/text%3E%3C/svg%3E)
Weiyi Wang
1
Reputation point
From official doc about role-based access control in ADLA, the Data Lake Analytics Developer role could:
- Submit jobs.
- Monitor job status and the progress of jobs submitted by any user.
- See the U-SQL scripts from jobs submitted by any user.
- Cancel only you own jobs.
In our scenario, we want to let some SPI could use ADLA SDK to "Monitor job status and the progress of jobs submitted by any user.", but due to customer concerns, these SPI shouldn't have permission to submit jobs in ADLA. So, we can't add these SPI into the Data Lake Analytics Developer role directly.
My question is, how do I get a custom role that meet my scenario, I have checked the basic operations here, but not found the relevant permissions. Or is there any other solution I could try?
Appreciate your help, thanks!
{count} votes
-
PRADEEPCHEEKATLA-MSFT 77,081 Reputation points Microsoft Employee2022-06-30T06:06:57.067+00:00 Hello @Weiyi Wang ,
Thanks for the question and using MS Q&A platform.
Have you tired Built-in monitoring roles such as
Monitoring Reader&Monitoring Contributor? -
Weiyi Wang 1 Reputation point
2022-06-30T12:28:21.86+00:00 Thanks for your reply, will the SPI in monitoring roles be able to use ADLA SDK to get job list and get each job info under the ADLA account? I checked the permissions of the built-in monitoring roles, and it doesn't seem to be related to ADLA.
Sign in to comment