I'm trying to allow team members to view one specific table in a Log Analytics Workspace.
I added the Table IAM role Reader
for that specific user, but they couldn't access the workspace that way. Hence I added Reader
to the workspace IAM, but that allows access to all tables.
Is there a way to allow someone access to Log Analytics but only query one table?
Azure Log Analytics only allow access to one specific table:
To allow access to a specific table in log analytics workspaces, you can follow below steps as detailed.
Refer Set table-level read access MS Doc.
Log analytics workspace >> Access Control (IAM) >> Roles
as shown in the below image.actions[]
block by clicking on edit Json
option."Microsoft.OperationalInsights/workspaces/read",
"Microsoft.OperationalInsights/workspaces/query/read"
Once it's done, click on save
changes and custom role will be created.
After all the above procedure, the new custom role will be visible now under Access control (IAM) >> roles
.
Now go to Access control (AIM) >> Add >> Add role assignment
for the specific user or service principal according to your requirement.