Forum Discussion
LogAnalytics workspace - aks logs
Hello, we currently use azure aks and have a log workspace for logs from that cluster. Is it possible to set up more detailed access permissions, for example, to ship logs from a (aks cluster...
Meir_Mendelovich
Microsoft
MicrosoftHi Mladen,
We are working these days on exactly that. The current resource-centric isn't working right now on AKS clusters as the logs are not tagged with the AKS resource ID. This supposed to be fixed in few weeks. Once it is fixed, you would be able to use the resource-based RBAC to define per-cluster RBAC.
Right now, we don't plan to support per-namespace as namespaces are internal Kube entity that doesn't receive Azure RBAC assignments. We consider options for the future.
Thanks,
Meir
We are working these days on exactly that. The current resource-centric isn't working right now on AKS clusters as the logs are not tagged with the AKS resource ID. This supposed to be fixed in few weeks. Once it is fixed, you would be able to use the resource-based RBAC to define per-cluster RBAC.
Right now, we don't plan to support per-namespace as namespaces are internal Kube entity that doesn't receive Azure RBAC assignments. We consider options for the future.
Thanks,
Meir
Hello,
was there any progress on fine-grained access to data in log analytics?
thanks
- Meir_Mendelovich
There was lots of progress 🙂
Cluster level RBAC is working and we have many customers that are using it.
We are working on namespace level RBAC but it would take few more months to complete it end-to-end.
Thanks,
Meir 😆
