last sync: 2024-Oct-07 17:51:37 UTC

Monitoring Contributor

Azure BuiltIn RBAC Role definition

NameMonitoring Contributor
Id749f88d5-cbae-40b8-bcfc-e573ddc772fa
DescriptionCan read all monitoring data and update monitoring settings.
CreatedOn2016-09-21 19:21:08 UTC
UpdatedOn2024-09-25 15:14:24 UTC
History
Date/Time (UTC ymd) (i) Change Change detail
2024-09-26 17:50:01 change: Actions Actions: 'add Microsoft.OperationalInsights/workspaces/sharedKeys/read; add Microsoft.OperationalInsights/locations/workspaces/failover/action; add Microsoft.OperationalInsights/workspaces/failback/action'
2024-08-26 18:18:02 change: Actions Actions: 'add Microsoft.Monitor/accounts/*'
2024-06-20 18:17:31 change: Actions Actions: 'add Microsoft.AlertsManagement/prometheusRuleGroups/*'
2024-04-05 19:55:31 change: Actions Actions: 'add Microsoft.Monitor/investigations/*'
2024-01-17 19:06:08 change: Actions Actions: 'remove Microsoft.WorkloadMonitor/monitors/*'
2023-12-01 19:16:58 change: Actions Actions: 'add Microsoft.AlertsManagement/investigations/*'
2022-09-06 17:33:15 change: DataActions DataActions: 'remove microsoft.monitor/accounts/data/metrics/read'
2022-07-25 16:32:45 change: DataActions DataActions: 'add microsoft.monitor/accounts/data/metrics/read'
2022-03-11 18:17:07 change: Actions Actions: 'add Microsoft.Insights/createNotifications/*; add Microsoft.Insights/notificationStatus/*'
2022-03-08 17:46:41 change: Actions Actions: 'add Microsoft.AlertsManagement/migrateFromSmartDetection/*'
2022-01-04 11:26:52 change: Actions Actions: 'add Microsoft.Insights/workbooktemplates/*'
2021-11-08 16:50:39 change: Actions Actions: 'add Microsoft.Insights/dataCollectionEndpoints/*'
2020-11-18 18:53:03 change: Actions Actions: 'remove Microsoft.WorkloadMonitor/notificationSettings/*'
Permissions summary Effective control plane and data plane operations: 6948 (unique operations)
•: 1
•action: 33
•delete: 43
•read: 6821
•write: 50

Actions: 43
Resolved control plane operations from Actions: 6948
Effective control plane operations: 6948
•: 1
•action: 33
•delete: 43
•read: 6821
•write: 50

NotActions: 0
Resolved control plane operations from NotActions: 0
Effective denied control plane operations: 8836

DataActions: 0
Resolved data plane operations: 0
Effective data plane operations: 0

NotDataActions: 0
Resolved data plane operations from NotDataActions: 0
Effective denied data plane operations: 3176
Actions
Operation Description
*/readwildcarded / no description
Microsoft.AlertsManagement/actionRules/*wildcarded / no description
Microsoft.AlertsManagement/alerts/*wildcarded / no description
Microsoft.AlertsManagement/alertsSummary/*wildcarded / no description
Microsoft.AlertsManagement/investigations/*wildcarded / no description
Microsoft.AlertsManagement/migrateFromSmartDetection/*wildcarded / no description
Microsoft.AlertsManagement/prometheusRuleGroups/*wildcarded / no description
Microsoft.AlertsManagement/smartDetectorAlertRules/*wildcarded / no description
Microsoft.AlertsManagement/smartGroups/*wildcarded / no description
Microsoft.Insights/actiongroups/*wildcarded / no description
Microsoft.Insights/activityLogAlerts/*wildcarded / no description
Microsoft.Insights/AlertRules/*wildcarded / no description
Microsoft.Insights/components/*wildcarded / no description
Microsoft.Insights/createNotifications/*wildcarded / no description
Microsoft.Insights/dataCollectionEndpoints/*wildcarded / no description
Microsoft.Insights/dataCollectionRuleAssociations/*wildcarded / no description
Microsoft.Insights/dataCollectionRules/*wildcarded / no description
Microsoft.Insights/DiagnosticSettings/*wildcarded / no description
Microsoft.Insights/eventtypes/*wildcarded / no description
Microsoft.Insights/LogDefinitions/*wildcarded / no description
Microsoft.Insights/metricalerts/*wildcarded / no description
Microsoft.Insights/MetricDefinitions/*wildcarded / no description
Microsoft.Insights/Metrics/*wildcarded / no description
Microsoft.Insights/notificationStatus/*wildcarded / no description
Microsoft.Insights/privateLinkScopeOperationStatuses/*wildcarded / no description
Microsoft.Insights/privateLinkScopes/*wildcarded / no description
Microsoft.Insights/Register/ActionRegister the Microsoft Insights provider
Microsoft.Insights/scheduledqueryrules/*wildcarded / no description
Microsoft.Insights/webtests/*wildcarded / no description
Microsoft.Insights/workbooks/*wildcarded / no description
Microsoft.Insights/workbooktemplates/*wildcarded / no description
Microsoft.Monitor/accounts/*wildcarded / no description
Microsoft.Monitor/investigations/*wildcarded / no description
Microsoft.OperationalInsights/locations/workspaces/failover/actionInitiates workspace failover to replication location.
Microsoft.OperationalInsights/workspaces/failback/actionInitiates workspace failback.
Microsoft.OperationalInsights/workspaces/intelligencepacks/*wildcarded / no description
Microsoft.OperationalInsights/workspaces/savedSearches/*wildcarded / no description
Microsoft.OperationalInsights/workspaces/search/actionExecutes a search query
Microsoft.OperationalInsights/workspaces/sharedKeys/actionRetrieves the shared keys for the workspace. These keys are used to connect Microsoft Operational Insights agents to the workspace.
Microsoft.OperationalInsights/workspaces/sharedKeys/readRetrieves the shared keys for the workspace. These keys are used to connect Microsoft Operational Insights agents to the workspace.
Microsoft.OperationalInsights/workspaces/storageinsightconfigs/*wildcarded / no description
Microsoft.OperationalInsights/workspaces/writeCreates a new workspace or links to an existing workspace by providing the customer id from the existing workspace.
Microsoft.Support/*wildcarded / no description
NotActions n/a
DataActions n/a
NotDataActions n/a
Used in
BuiltIn Policy
Policy DisplayName Policy Id Category State
[Deprecated]: Configure Association to link Arc machines to default Microsoft Defender for Cloud Data Collection Rule 30f52897-df47-4ca0-81a8-a3be3e8dd226 Security Center Deprecated
[Deprecated]: Configure Association to link Arc machines to user-defined Microsoft Defender for Cloud Data Collection Rule c9ae938d-3d6f-4466-b7c3-351761d9c890 Security Center Deprecated
[Deprecated]: Configure Association to link virtual machines to default Microsoft Defender for Cloud Data Collection Rule a2ea54a3-9707-45e3-8230-bbda8309d17e Security Center Deprecated
[Deprecated]: Configure Association to link virtual machines to user-defined Microsoft Defender for Cloud Data Collection Rule 9c0aa188-e5fe-4569-8f74-b6e155624d9a Security Center Deprecated
[Deprecated]: Configure diagnostic settings for storage accounts to Log Analytics workspace 6f8f98a4-f108-47cb-8e98-91a0d85cd474 Storage Deprecated
[Deprecated]: Deploy a VMInsights Data Collection Rule and Data Collection Rule Association for all the VMs in the Resource Group a0f27bdc-5b15-4810-b81d-7c4df9df1a37 Monitoring Deprecated
[Deprecated]: Deploy a VMInsights Data Collection Rule and Data Collection Rule Association for all the VMSS in the Resource Group c7f3bf36-b807-4f18-82dc-f480ad713635 Monitoring Deprecated
[Deprecated]: Deploy a VMInsights Data Collection Rule and Data Collection Rule Association for Arc Machines in the Resource Group 7c4214e9-ea57-487a-b38e-310ec09bc21d Monitoring Deprecated
[Preview]: Configure Linux Arc-enabled machines to be associated with a Data Collection Rule for ChangeTracking and Inventory 09a1f130-7697-42bc-8d84-8a9ea17e5192 ChangeTrackingAndInventory Preview
[Preview]: Configure Linux Virtual Machines to be associated with a Data Collection Rule for ChangeTracking and Inventory bef2d677-e829-492d-9a3d-f5a20fda818f ChangeTrackingAndInventory Preview
[Preview]: Configure Linux VMSS to be associated with a Data Collection Rule for ChangeTracking and Inventory 1142b015-2bd7-41e0-8645-a531afe09a1e ChangeTrackingAndInventory Preview
[Preview]: Configure Windows Arc-enabled machines to be associated with a Data Collection Rule for ChangeTracking and Inventory ef9fe2ce-a588-4edd-829c-6247069dcfdb ChangeTrackingAndInventory Preview
[Preview]: Configure Windows Virtual Machines to be associated with a Data Collection Rule for ChangeTracking and Inventory b6faa975-0add-4f35-8d1c-70bba45c4424 ChangeTrackingAndInventory Preview
[Preview]: Configure Windows VMSS to be associated with a Data Collection Rule for ChangeTracking and Inventory 8fd85785-1547-4a4a-bf90-d5483c9571c5 ChangeTrackingAndInventory Preview
Configure Arc-enabled Servers with SQL Server extension installed to enable or disable SQL best practices assessment. f36de009-cacb-47b3-b936-9c4c9120d064 SQL Server GA
Configure Arc-enabled SQL Servers with Data Collection Rule Association to Microsoft Defender for SQL DCR cbdd12e1-193a-445c-9926-560118c6daaa Security Center GA
Configure Arc-enabled SQL Servers with Data Collection Rule Association to Microsoft Defender for SQL user-defined DCR 2227e1f1-23dd-4c3a-85a9-7024a401d8b2 Security Center GA
Configure Azure Activity logs to stream to specified Log Analytics workspace 2465583e-4e78-4c15-b6be-a36cbc7c8b0f Monitoring GA
Configure diagnostic settings for Azure Databricks Workspaces to Log Analytics workspace 23057b42-ca8d-4aa0-a3dc-96a98b5b5a3d Azure Databricks GA
Configure diagnostic settings for Azure Machine Learning Workspaces to Log Analytics workspace f59276f0-5740-4aaf-821d-45d185aa210e Machine Learning GA
Configure diagnostic settings for Azure Network Security Groups to Log Analytics workspace 98a2e215-5382-489e-bd29-32e7190a39ba Network GA
Configure diagnostic settings for Blob Services to Log Analytics workspace b4fe1a3b-0715-4c6c-a5ea-ffc33cf823cb Storage GA
Configure diagnostic settings for container groups to Log Analytics workspace 41ebf9df-66cb-48e9-a8d0-98afb4e150ce Container Instance GA
Configure diagnostic settings for File Services to Log Analytics workspace 25a70cc8-2bd4-47f1-90b6-1478e4662c96 Storage GA
Configure diagnostic settings for Queue Services to Log Analytics workspace 7bd000e3-37c7-4928-9f31-86c4b77c5c45 Storage GA
Configure diagnostic settings for Storage Accounts to Log Analytics workspace 59759c62-9a22-4cdf-ae64-074495983fef Storage GA
Configure diagnostic settings for Table Services to Log Analytics workspace 2fb86bf3-d221-43d1-96d1-2434af34eaa0 Storage GA
Configure Linux Arc Machines to be associated with a Data Collection Rule or a Data Collection Endpoint d5c37ce1-5f52-4523-b949-f19bf945b73a Monitoring GA
Configure Linux Machines to be associated with a Data Collection Rule or a Data Collection Endpoint 2ea82cdd-f2e8-4500-af75-67a2e084ca74 Monitoring GA
Configure Linux Virtual Machine Scale Sets to be associated with a Data Collection Rule or a Data Collection Endpoint 050a90d5-7cce-483f-8f6c-0df462036dda Monitoring GA
Configure Linux Virtual Machines to be associated with a Data Collection Rule or a Data Collection Endpoint 58e891b9-ce13-4ac3-86e4-ac3e1f20cb07 Monitoring GA
Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL ddca0ddc-4e9d-4bbb-92a1-f7c4dd7ef7ce Security Center GA
Configure Windows Arc Machines to be associated with a Data Collection Rule or a Data Collection Endpoint c24c537f-2516-4c2f-aac5-2cd26baa3d26 Monitoring GA
Configure Windows Machines to be associated with a Data Collection Rule or a Data Collection Endpoint eab1f514-22e3-42e3-9a1f-e1dc9199355c Monitoring GA
Configure Windows Virtual Machine Scale Sets to be associated with a Data Collection Rule or a Data Collection Endpoint 0a3b9bf4-d30e-424a-af6b-9a93f6f78792 Monitoring GA
Configure Windows Virtual Machines to be associated with a Data Collection Rule or a Data Collection Endpoint 244efd75-0d92-453c-b9a3-7d73ca36ed52 Monitoring GA
Deploy - Configure diagnostic settings for Azure Key Vault to Log Analytics workspace 951af2fa-529b-416e-ab6e-066fd85ac459 Key Vault GA
Deploy - Configure diagnostic settings for Azure Kubernetes Service to Log Analytics workspace 6c66c325-74c8-42fd-a286-a74b0e2939d8 Kubernetes GA
Deploy - Configure diagnostic settings for SQL Databases to Log Analytics workspace b79fa14e-238a-4c2d-b376-442ce508fc84 SQL GA
Deploy - Configure diagnostic settings to a Log Analytics workspace to be enabled on Azure Key Vault Managed HSM b3884c81-31aa-473d-a9bb-9466fe0ec2a0 Monitoring GA
Deploy Diagnostic Settings for Batch Account to Log Analytics workspace c84e5349-db6d-4769-805e-e14037dab9b5 Monitoring GA
Deploy Diagnostic Settings for Data Lake Analytics to Log Analytics workspace d56a5a7c-72d7-42bc-8ceb-3baf4c0eae03 Monitoring GA
Deploy Diagnostic Settings for Data Lake Storage Gen1 to Log Analytics workspace 25763a0a-5783-4f14-969e-79d4933eb74b Monitoring GA
Deploy Diagnostic Settings for Event Hub to Log Analytics workspace 1f6e93e8-6b31-41b1-83f6-36e449a42579 Monitoring GA
Deploy Diagnostic Settings for Key Vault to Log Analytics workspace bef3f64c-5290-43b7-85b0-9b254eef4c47 Monitoring GA
Deploy Diagnostic Settings for Logic Apps to Log Analytics workspace b889a06c-ec72-4b03-910a-cb169ee18721 Monitoring GA
Deploy Diagnostic Settings for Network Security Groups c9c29499-c1d1-4195-99bd-2ec9e3a9dc89 Monitoring GA
Deploy Diagnostic Settings for PostgreSQL flexible servers to Log Analytics workspace 78ed47da-513e-41e9-a088-e829b373281d PostgreSQL GA
Deploy Diagnostic Settings for Recovery Services Vault to Log Analytics workspace for resource specific categories. c717fb0c-d118-4c43-ab3d-ece30ac81fb3 Backup GA
Deploy Diagnostic Settings for Search Services to Log Analytics workspace 08ba64b8-738f-4918-9686-730d2ed79c7d Monitoring GA
Deploy Diagnostic Settings for Service Bus to Log Analytics workspace 04d53d87-841c-4f23-8a5b-21564380b55e Monitoring GA
Deploy Diagnostic Settings for Stream Analytics to Log Analytics workspace 237e0f7e-b0e8-4ec4-ad46-8c12cb66d673 Monitoring GA
JSON
api-version=2023-07-01-preview
Condition none