Share via

Add users to Azure Log Analytics via the Azure portal - Microsoft Engage Center (Services Hub)

Azure Log Analytics serves as the system for running Microsoft Engage Center On-Demand Assessments. At present, user management takes place through the Azure Portal rather than utilizing the user management features specific to Azure Log Analytics. This approach provides customers with the capability to add, remove, or configure assessments, as well as establish necessary links. (Scenario 2 is dedicated solely to Azure Log Analytics access, and individuals with @microsoft email addresses are advised to opt for Scenario 2.)

To add a new user to an Azure subscription, follow these steps.

Add a New User to an Azure Subscription

Note

Only someone with an ‘Owner’ designation can add users to a subscription.

Scenario 1 - Add someone from your organization/tenant

  1. Sign in to Microsoft Azure portal and go to Subscriptions in the left-hand navigation bar. If you don't see Subscriptions, scroll down and select More Services and search for it.

    The Microsoft Azure window, which shows a list of the organization's Azure Subscriptions.

  2. Once selected, Subscriptions will display a list of the Azure Subscriptions your organization manages.

  3. Select the Azure subscription that’s associated with the ytics workspace and linked to the Microsoft Engage Center account you want to add users to.

  4. Select Access Control, then Add.

  5. Next, select a Role and add the email address of the person you want to add. Once done, select Save.

    Note

    We recommend you add users as an Owner or Contributor to ensure that users have the permission needed in Azure Log Analytics to add, remove, and configure assessments.

    The Microsoft Azure window, which shows that a user has been successfully added to a role.

  6. If you added people using their Microsoft accounts/Live IDs, see Authenticating a Managed Services Account Holder in Azure.

Scenario 2 - Adding someone from outside your organization/tenant

  1. Sign in to the Azure portal and go to Log Analytics in the left-hand navigation bar.

    The Microsoft Azure Portal window, which shows a list of Log Analytics workspaces within the user's organization.

  2. Once selected, Log Analytics will display a list of the Azure Log Analytic workspaces within your organization manages.

  3. Select the Azure Log Analytics workspace that is linked to your Microsoft Engage Center to add users to.

  4. Select Access Control, then Add.

  5. Next, select a Role and add the email address of the person you want to add. Once done, select Save.

  6. If the user you add is not part of your tenant, that user will receive and email to finish the process and have access to the Azure Log Analytic workspace. If the portal doesn't let you invite the email ID you are trying to add, your Azure Active Directory Global Administrator might have blocked Invite Guest Users feature. To learn how to invite guest users, see Invite Guest users to your active directory.

    Note

    We recommended you add users as a Log Analytics Reader to grant @microsoft users access to your Azure Log Analytics workspace to view your assessments. They will not have access to your Azure subscription.

    Caution

    If the "Invite External User" rule is blocked on the Azure Active Directory the command to invite a user will be greyed out. You will have to ask the Azure Active Directory Global Administrator to invite the @microsoft user. To do that, please follow the following steps.

  7. Sign in to the Azure portal and go to Azure Active Directory in the left-hand navigation bar.

  8. Locate Roles and Administrators on the left pane and search for Global Administrator

  9. Once selected, you will be able to see who the Azure Active Directory Global Administrator is and anyone on that list would be able to invite the guest user.