Forum Discussion
AVD Insights - Read access for support techs
- NKC25Brass Contributorhttps://learn.microsoft.com/en-us/azure/virtual-desktop/rbac#desktop-virtualization-host-pool-reader
probably hostpool reader access to view the sessionhosts and it's configuration, for monitoring below role should suffice.
https://learn.microsoft.com/en-us/azure/virtual-desktop/rbac#desktop-virtualization-reader- SeeInsideSpaceCopper Contributor
No joy unfortunately, they just get a message that Azure Monitor is not configured for the host pool, even though it is. I am wondering if some permissions are needed to the Log Analytics Workspace.
- virtualmancIron Contributor
SeeInsideSpace have you tried the "Log Analytics Reader" role?? This should give them the necessary access - you can read more about that here - https://learn.microsoft.com/en-us/azure/azure-monitor/logs/manage-access?tabs=portal
- EugeneHCopper Contributor
SeeInsideSpace Did you happen to get this resolved? I have the same issue for support teams....
- SeeInsideSpaceCopper Contributor
No unfortunately not. None of the reader roles when applied to both the host pool and to the log analytics workspace allow them to view Insights. It seems that contributor rights are required which is goes against rule of least privilege for our support desk technicians. Frustrating, as there is much useful data available in the Insights that would help them... Not sure why Microsoft would make this a non read only function.
- EugeneHCopper Contributor
SeeInsideSpace I found a way to provide access to my users.
Assign them Reader access to the Log Analytics Workspace and respective Resource Groups containing the AVD resources they need to see Insights dashboards for..... You can find more info here:
See the section "My data isn't displaying properly"....