Limitations of Azure Managed Grafana
Azure Managed Grafana delivers the native Grafana functionality in the highest possible fidelity. There are some differences between what it provides and what you can get by self-hosting Grafana. As a general rule, Azure Managed Grafana disables features and settings that might affect the security or reliability of the service and individual Grafana instances it manages.
Current limitations
Azure Managed Grafana has the following known limitations:
All users must have accounts in Microsoft Entra ID. Microsoft (also known as MSA) and 3rd-party accounts aren't supported. As a workaround, use the default tenant of your Azure subscription with your Grafana instance and add other users as guests.
Installing, uninstalling and upgrading plugins from the Grafana Catalog isn't possible.
Querying Azure Data Explorer might take a long time or return 50x errors. To resolve these issues, use a table format instead of a time series, shorten the time duration, or avoid having many panels querying the same data cluster that can trigger throttling.
Users can be assigned the following Grafana Organization level roles: Admin, Editor, or Viewer. The Grafana Server Admin role isn't available to customers.
Some Data plane APIs require Grafana Server Admin permissions and can't be called by users. This includes the Admin API, the User API and the Admin Organizations API.
Azure Managed Grafana currently doesn't support the Grafana Role Based Access Control (RBAC) feature and the RBAC API is therefore disabled.
Unified alerting is enabled by default for all instances created after December 2022. For instances created before this date, unified alerting must be enabled manually by the Azure Managed Grafana team. For activation, contact us
Some Azure Managed Grafana features aren't available in Azure Government and Microsoft Azure operated by 21Vianet due to limitations in these specific environments. This following table lists the feature differences.
Feature Azure Government Microsoft Azure operated by 21Vianet Private link ❌ ❌ Managed private endpoint ❌ ❌ Team sync with Microsoft Entra ID ❌ ❌ Enterprise plugins ❌ ❌ The Current User authentication option for Azure Data Explorer triggers the following limitation. Grafana offers some automated features such as alerts and reporting, that are expected to run in the background periodically. The Current User authentication method relies on a user being logged in, in an interactive session, to connect Azure Data Explorer to the database. Therefore, when this authentication method is used and no user is logged in, automated tasks can't run in the background. To leverage automated tasks for Azure Data Explorer, we recommend setting up another Azure Data Explorer data source using another authentication method. Rollout of this feature is in progress and will be complete in all regions by the end of 2023.
Quotas
The following quotas apply to the Essential (preview) and Standard plans.
| Limit | Description | Essential | Standard |
|---|---|---|---|
| Alert rules | Maximum number of alert rules that can be created | Not supported | 100 per instance |
| Dashboards | Maximum number of dashboards that can be created | 20 per instance | Unlimited |
| Data sources | Maximum number of datasources that can be created | 5 per instance | Unlimited |
| API keys | Maximum number of API keys that can be created | 2 per instance | 100 per instance |
| Data query timeout | Maximum wait duration for the reception of data query response headers, before Grafana times out | 200 seconds | 200 seconds |
| Data source query size | Maximum number of bytes that are read/accepted from responses of outgoing HTTP requests | 80 MB | 80 MB |
| Render image or PDF report wait time | Maximum duration for an image or report PDF rendering request to complete before Grafana times out. | Not supported | 220 seconds |
| Instance count | Maximum number of instances in a single subscription per Azure region | 1 | 20 |
Next steps
Feedback
Submit and view feedback for