How Azure roles for Log Analytics relate to the Services Hub

  • Article
  • 2 minutes to read

Your workspace in Services Hub needs to be linked to an Azure Log Analytics workspace.

Purpose of linking

  • When you link your Services Hub workspace with your Azure Log Analytics workspace, you enable On-Demand Assessments in your Azure Log Analytics workspace.
  • On-Demand Assessments are available to workspaces that have been specially enabled which happens during the linking (linking between Services Hub and Azure Log Analytics workspace) process.
  • The linking process enables On-Demand Assessments on the Azure Log Analytics workspace that is being linked (connected) to.
  • Only certain role holders in Azure can successfully link from Services Hub to Azure Log Analytics workspace. The same user account that has signed in to Services Hub performs the edits in Azure Log Analytics.

Azure roles

The following sections list Azure roles and the permissions those roles have in the Services Hub regarding assessments and linking the Services Hub to Azure Log Analytics.

  • Owner, Reader or Contributor at Log Analytics Workspace level
  • Owner, Reader or Contributor at Resource Group level
  • Owner, Reader, Contributor, Log Analytics Reader or Log Analytics Contributor at Subscription level

Users who can create new Azure Log Analytics workspace under existing Resource Groups that are linked to Services Hub workspace

  • Owner or Contributor at Resource Group level
  • Owner, Contributor or Log Analytics Contributor at Subscription level

Users who can create new Azure Log Analytics workspace under new Resource Group that are linked to Services Hub workspace

  • Owner or Contributor at Subscription level

Roles that can Add/Remove solutions from Services Hub workspace

  • Owner or Contributor at Log Analytics Workspace level
  • Owner or Contributor at Resource Group level
  • Owner, Contributor or Log Analytics Contributor at Subscription level

Note

Add/Remove solutions in Log Analytics Workspace can change the costs incurred by the organization and hence it requires higher levels of permission.

Note

If you don’t know the Azure owner or other roles of your Azure subscriptions, please follow this link: Role assignments in Azure Subscriptions.

How do I configure roles in Azure?

Visit Assign Azure roles using the Azure portal.

Have feedback?

If you have general feedback on the Resource Center or its content, contact your Microsoft representative. If you have any specific requests or content updates for Services Hub, contact our Support Team.