Forum Discussion
AVD Insights - Read access for support techs
6 Replies
SeeInsideSpace Did you happen to get this resolved? I have the same issue for support teams....
No unfortunately not. None of the reader roles when applied to both the host pool and to the log analytics workspace allow them to view Insights. It seems that contributor rights are required which is goes against rule of least privilege for our support desk technicians. Frustrating, as there is much useful data available in the Insights that would help them... Not sure why Microsoft would make this a non read only function.
SeeInsideSpace I found a way to provide access to my users.
Assign them Reader access to the Log Analytics Workspace and respective Resource Groups containing the AVD resources they need to see Insights dashboards for..... You can find more info here:
https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/virtual-desktop/troubleshoot-insights.md
See the section "My data isn't displaying properly"....
SeeInsideSpace have you tried the "Log Analytics Reader" role?? This should give them the necessary access - you can read more about that here - https://learn.microsoft.com/en-us/azure/azure-monitor/logs/manage-access?tabs=portal
- https://learn.microsoft.com/en-us/azure/virtual-desktop/rbac#desktop-virtualization-host-pool-reader
probably hostpool reader access to view the sessionhosts and it's configuration, for monitoring below role should suffice.
https://learn.microsoft.com/en-us/azure/virtual-desktop/rbac#desktop-virtualization-readerNo joy unfortunately, they just get a message that Azure Monitor is not configured for the host pool, even though it is. I am wondering if some permissions are needed to the Log Analytics Workspace.
