You don't have to activate any role at the Entra ID level. You must apply an Azure RBAC at your Log Analytic resource, please review the follow documentation https://learn.microsoft.com/en-us/azure/azure-monitor/logs/manage-access?tabs=portal
Hope this helps!
Remember to accept the answer if it is helpful.