AzRoleAdvertizer

last sync: 2020-Oct-28 15:04:35 UTC

Azure Role

Log Analytics Contributor

Name Log Analytics Contributor

Id 92aaf0da-9dab-42b6-94a3-d43ce8d16293

Description Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; creating and configuring Automation accounts; adding solutions; and configuring Azure diagnostics on all Azure resources.

CreatedOn 2017-04-25 21:51:45 UTC

UpdatedOn 2020-03-26 22:57:55 UTC

History none

Actions

Operation	Description	Used in other Roles
*/read	no description given	Log Analytics Reader, Managed Application Contributor Role, Managed Application Operator Role , Managed Applications Reader, Monitoring Contributor, Monitoring Reader, Reader, Resource Policy Contributor, User Access Administrator
Microsoft.Automation/automationAccounts/*	no description given	none
Microsoft.ClassicCompute/virtualMachines/extensions/*	no description given	none
Microsoft.ClassicStorage/storageAccounts/listKeys/action	Lists the access keys for the storage accounts.	Classic Storage Account Key Operator Service Role, Classic Virtual Machine Contributor, Logic App Contributor
Microsoft.Compute/virtualMachines/extensions/*	no description given	none
Microsoft.HybridCompute/machines/extensions/write	Installs or Updates an Azure Arc extensions	Azure Connected Machine Resource Administrator
Microsoft.Insights/alertRules/*	no description given	API Management Service Contributor, API Management Service Operator Role, API Management Service Reader Role , Application Insights Component Contributor, Application Insights Snapshot Debugger, Automation Job Operator, Automation Operator, Automation Runbook Operator, Avere Contributor, Azure Arc Enabled Kubernetes Cluster User Role, Azure Arc Kubernetes Admin, Azure Arc Kubernetes Cluster Admin, Azure Arc Kubernetes Viewer, Azure Arc Kubernetes Writer, Azure Kubernetes Service RBAC Admin, Azure Kubernetes Service RBAC Cluster Admin, Azure Kubernetes Service RBAC Reader, Azure Kubernetes Service RBAC Writer, Azure Sentinel Contributor, Azure Sentinel Reader, Azure Sentinel Responder, BizTalk Contributor, CDN Endpoint Contributor, CDN Endpoint Reader, CDN Profile Contributor, CDN Profile Reader, Classic Network Contributor, Classic Storage Account Contributor, Classic Virtual Machine Contributor, ClearDB MySQL DB Contributor, Cognitive Services Contributor, Collaborative Data Contributor, Cosmos DB Operator, Data Factory Contributor, Data Lake Analytics Developer, Device Update Administrator, Device Update Content Administrator, Device Update Content Reader, Device Update Deployments Administrator, Device Update Deployments Reader, Device Update Reader, DNS Zone Contributor, DocumentDB Account Contributor, EventGrid EventSubscription Contributor, HDInsight Cluster Operator, Intelligent Systems Account Contributor, Key Vault Administrator (preview), Key Vault Certificates Officer (preview), Key Vault Contributor, Key Vault Crypto Officer (preview), Key Vault Reader (preview), Key Vault Secrets Officer (preview), Kubernetes Cluster - Azure Arc Onboarding, Logic App Contributor, Managed Identity Contributor, Managed Identity Operator, Monitoring Contributor, Network Contributor, New Relic APM Account Contributor, Private DNS Zone Contributor, Redis Cache Contributor, Scheduler Job Collections Contributor, Search Service Contributor, Security Admin, Security Manager (Legacy), SignalR Contributor, Site Recovery Contributor, Site Recovery Operator, SQL DB Contributor, SQL Managed Instance Contributor, SQL Security Manager, SQL Server Contributor, Storage Account Contributor, Tag Contributor, Traffic Manager Contributor, Virtual Machine Contributor, Web Plan Contributor, Website Contributor
Microsoft.Insights/diagnosticSettings/*	no description given	Cognitive Services Contributor, Logic App Contributor, Monitoring Contributor , Storage Account Contributor
Microsoft.OperationalInsights/*	no description given	none
Microsoft.OperationsManagement/*	no description given	none
Microsoft.Resources/deployments/*	no description given	API Management Service Contributor, API Management Service Operator Role, API Management Service Reader Role , Application Insights Component Contributor, Application Insights Snapshot Debugger, Automation Job Operator, Automation Operator, Automation Runbook Operator, Avere Contributor, Azure Kubernetes Service Contributor Role, Azure Sentinel Contributor, Azure Sentinel Reader, Azure Sentinel Responder, Backup Contributor, Backup Operator, BizTalk Contributor, Blueprint Contributor, Blueprint Operator, CDN Endpoint Contributor, CDN Endpoint Reader, CDN Profile Contributor, CDN Profile Reader, Classic Network Contributor, Classic Storage Account Contributor, Classic Virtual Machine Contributor, ClearDB MySQL DB Contributor, Cognitive Services Contributor, Collaborative Data Contributor, Cosmos DB Operator, Data Box Contributor, Data Factory Contributor, Data Lake Analytics Developer, Device Update Administrator, Device Update Content Administrator, Device Update Content Reader, Device Update Deployments Administrator, Device Update Deployments Reader, Device Update Reader, DNS Zone Contributor, DocumentDB Account Contributor, EventGrid EventSubscription Contributor, Intelligent Systems Account Contributor, Key Vault Administrator (preview), Key Vault Certificates Officer (preview), Key Vault Contributor, Key Vault Crypto Officer (preview), Key Vault Reader (preview), Key Vault Secrets Officer (preview), Logic App Contributor, Managed Application Contributor Role, Managed Applications Reader, Managed Identity Contributor, Managed Identity Operator, Network Contributor, New Relic APM Account Contributor, Private DNS Zone Contributor, Redis Cache Contributor, Scheduler Job Collections Contributor, Search Service Contributor, Security Admin, Security Manager (Legacy), Services Hub Operator, SignalR Contributor, Site Recovery Contributor, Site Recovery Operator, SQL DB Contributor, SQL Managed Instance Contributor, SQL Security Manager, SQL Server Contributor, Storage Account Contributor, Tag Contributor, Traffic Manager Contributor, Virtual Machine Contributor, Web Plan Contributor, Website Contributor
Microsoft.Resources/subscriptions/resourcegroups/deployments/*	no description given	Cognitive Services Contributor
Microsoft.Storage/storageAccounts/listKeys/action	Returns the access keys for the specified storage account.	DevTest Labs User, Logic App Contributor, Reader and Data Access , Storage Account Key Operator Service Role, Virtual Machine Contributor
Microsoft.Support/*	no description given	API Management Service Contributor, API Management Service Operator Role, API Management Service Reader Role , Application Insights Component Contributor, Application Insights Snapshot Debugger, Automation Job Operator, Automation Operator, Automation Runbook Operator, Avere Contributor, Azure Arc Enabled Kubernetes Cluster User Role, Azure Arc Kubernetes Admin, Azure Arc Kubernetes Cluster Admin, Azure Arc Kubernetes Viewer, Azure Arc Kubernetes Writer, Azure Kubernetes Service RBAC Admin, Azure Kubernetes Service RBAC Cluster Admin, Azure Kubernetes Service RBAC Reader, Azure Kubernetes Service RBAC Writer, Azure Sentinel Contributor, Azure Sentinel Reader, Azure Sentinel Responder, Backup Contributor, Backup Operator, Billing Reader, BizTalk Contributor, Blueprint Contributor, Blueprint Operator, CDN Endpoint Contributor, CDN Endpoint Reader, CDN Profile Contributor, CDN Profile Reader, Classic Network Contributor, Classic Storage Account Contributor, Classic Virtual Machine Contributor, ClearDB MySQL DB Contributor, Cognitive Services Contributor, Cognitive Services User, Collaborative Data Contributor, Cosmos DB Account Reader Role, Cosmos DB Operator, Cost Management Contributor, Cost Management Reader, Data Box Contributor, Data Box Reader, Data Factory Contributor, Data Lake Analytics Developer, Device Update Administrator, Device Update Content Administrator, Device Update Content Reader, Device Update Deployments Administrator, Device Update Deployments Reader, Device Update Reader, DNS Zone Contributor, DocumentDB Account Contributor, EventGrid EventSubscription Contributor, HDInsight Cluster Operator, Integration Service Environment Contributor, Integration Service Environment Developer, Intelligent Systems Account Contributor, Key Vault Administrator (preview), Key Vault Certificates Officer (preview), Key Vault Contributor, Key Vault Crypto Officer (preview), Key Vault Reader (preview), Key Vault Secrets Officer (preview), Kubernetes Cluster - Azure Arc Onboarding, Lab Creator, Log Analytics Reader, Logic App Contributor, Logic App Operator, Managed Identity Contributor, Managed Identity Operator, Monitoring Contributor, Monitoring Metrics Publisher, Monitoring Reader, Network Contributor, New Relic APM Account Contributor, Private DNS Zone Contributor, Redis Cache Contributor, Resource Policy Contributor, Scheduler Job Collections Contributor, Search Service Contributor, Security Admin, Security Manager (Legacy), SignalR AccessKey Reader, SignalR Contributor, Site Recovery Contributor, Site Recovery Operator, Site Recovery Reader, SQL DB Contributor, SQL Managed Instance Contributor, SQL Security Manager, SQL Server Contributor, Storage Account Contributor, Support Request Contributor, Tag Contributor, Traffic Manager Contributor, User Access Administrator, Virtual Machine Contributor, Web Plan Contributor, Website Contributor

NotActions n/a

DataActions n/a

NotDataActions n/a

Used in Policy

Policy DisplayName	Policy Id	Category
[Deprecated]: Deploy default Log Analytics Agent for Ubuntu VMs	3d8640fc-63f6-4734-8dcb-cfd3d8c78f38	Compute
[Preview]: Deploy Dependency agent to hybrid Linux Azure Arc machines	deacecc0-9f84-44d2-bb82-46f32d766d43	Monitoring
[Preview]: Deploy Dependency agent to Windows Azure Arc machines	91cb9edd-cd92-4d2f-b2f2-bdd8d065a3d4	Monitoring
[Preview]: Deploy Diagnostic Settings for Recovery Services Vault to Log Analytics workspace for resource specific categories.	c717fb0c-d118-4c43-ab3d-ece30ac81fb3	Backup
[Preview]: Deploy Log Analytics agent to Linux Azure Arc machines	9d2b61b4-1d14-4a63-be30-d4498e7ad2cf	Monitoring
[Preview]: Deploy Log Analytics agent to Windows Azure Arc machines	69af7d4a-7b18-4044-93a9-2651498ef203	Monitoring
Deploy Dependency agent for Linux virtual machines	4da21710-ce6f-4e06-8cdb-5cc4c93ffbee	Monitoring
Deploy Dependency agent for Windows virtual machines	1c210e94-a481-4beb-95fa-1571b434fb04	Monitoring
Deploy Diagnostic Settings for Batch Account to Log Analytics workspace	c84e5349-db6d-4769-805e-e14037dab9b5	Monitoring
Deploy Diagnostic Settings for Data Lake Analytics to Log Analytics workspace	d56a5a7c-72d7-42bc-8ceb-3baf4c0eae03	Monitoring
Deploy Diagnostic Settings for Data Lake Storage Gen1 to Log Analytics workspace	25763a0a-5783-4f14-969e-79d4933eb74b	Monitoring
Deploy Diagnostic Settings for Event Hub to Log Analytics workspace	1f6e93e8-6b31-41b1-83f6-36e449a42579	Monitoring
Deploy Diagnostic Settings for Key Vault to Log Analytics workspace	bef3f64c-5290-43b7-85b0-9b254eef4c47	Monitoring
Deploy Diagnostic Settings for Logic Apps to Log Analytics workspace	b889a06c-ec72-4b03-910a-cb169ee18721	Monitoring
Deploy Diagnostic Settings for Search Services to Log Analytics workspace	08ba64b8-738f-4918-9686-730d2ed79c7d	Monitoring
Deploy Diagnostic Settings for Service Bus to Log Analytics workspace	04d53d87-841c-4f23-8a5b-21564380b55e	Monitoring
Deploy Diagnostic Settings for Stream Analytics to Log Analytics workspace	237e0f7e-b0e8-4ec4-ad46-8c12cb66d673	Monitoring
Deploy Log Analytics agent for Linux virtual machine scale sets	5ee9e9ed-0b42-41b7-8c9c-3cfb2fbe2069	Monitoring
Deploy Log Analytics agent for Linux VMs	053d3325-282c-4e5c-b944-24faffd30d77	Monitoring
Deploy Log Analytics agent for Windows virtual machine scale sets	3c1b3629-c8f8-4bf6-862c-037cb9094038	Monitoring
Deploy Log Analytics agent for Windows VMs	0868462e-646c-4fe3-9ced-a733534b6a2c	Monitoring

Json

{
  "Name": "Log Analytics Contributor",
  "Id": "92aaf0da-9dab-42b6-94a3-d43ce8d16293",
  "IsCustom": false,
  "Description": "Log Analytics Contributor can read all monitoring data and edit monitoring settings. Editing monitoring settings includes adding the VM extension to VMs; reading storage account keys to be able to configure collection of logs from Azure Storage; creating and configuring Automation accounts; adding solutions; and configuring Azure diagnostics on all Azure resources.",
  "Actions": [
    "*/read",
    "Microsoft.Automation/automationAccounts/*",
    "Microsoft.ClassicCompute/virtualMachines/extensions/*",
    "Microsoft.ClassicStorage/storageAccounts/listKeys/action",
    "Microsoft.Compute/virtualMachines/extensions/*",
    "Microsoft.HybridCompute/machines/extensions/write",
    "Microsoft.Insights/alertRules/*",
    "Microsoft.Insights/diagnosticSettings/*",
    "Microsoft.OperationalInsights/*",
    "Microsoft.OperationsManagement/*",
    "Microsoft.Resources/deployments/*",
    "Microsoft.Resources/subscriptions/resourcegroups/deployments/*",
    "Microsoft.Storage/storageAccounts/listKeys/action",
    "Microsoft.Support/*"
  ],
  "NotActions": [
    
  ],
  "DataActions": [
    
  ],
  "NotDataActions": [
    
  ],
  "AssignableScopes": [
    "/"
  ]
}

Azure Role

Log Analytics Contributor

Popular