Mar 22 2019
02:44 AM
- last edited on
Apr 07 2022
05:43 PM
by
TechCommunityAP
Mar 22 2019
02:44 AM
- last edited on
Apr 07 2022
05:43 PM
by
TechCommunityAP
Hello,
we currently use azure aks and have a log workspace for logs from that cluster.
Is it possible to set up more detailed access permissions, for example, to ship logs from a (aks cluster applications) namespace to a specific log analytics workspace? The idea here is to configure user's access to the logs from their apps/namespace only, not to have access to all cluster logs.
Tried with azure cli, but it looks like that you can assign log workspace per cluster only.
Thanks,
Best regards,
Mladen.
Mar 22 2019 11:44 AM
When you setup monitoring there are many Log Analytics Tables that are produced.
https://docs.microsoft.com/en-gb/azure/azure-monitor/insights/container-insights-analyze#container-d...
You can use Table level RBAC to restrict access to those Tables? It only table level not fine grain to look at the data within.
Mar 24 2019 04:40 AM
Jul 17 2020 10:53 AM
Hello,
was there any progress on fine-grained access to data in log analytics?
thanks
Jul 19 2020 12:38 AM
There was lots of progress 🙂
Cluster level RBAC is working and we have many customers that are using it.
We are working on namespace level RBAC but it would take few more months to complete it end-to-end.
Thanks,
Meir 😆