Help Center/ Migration Center/ FAQs/ Resource Discovery/ How Do I Configure the Permissions Required for Collecting Details of Azure Containers?
Updated on 2024-12-16 GMT+08:00
View PDF
Share

How Do I Configure the Permissions Required for Collecting Details of Azure Containers?

This section describes how to configure the permissions required for using MgC to collect details about Azure container resources. The application that the collection credential belongs to must have the following information in the involved resource group and subscription:

  • Microsoft.ClassicCompute/virtualMachines/read
  • Microsoft.Insights/MetricDefinitions/Read
  • Microsoft.Management/getEntities/action

Procedure

  1. Sign in to the Azure portal.
  2. In the upper part of the page, enter Resource groups in the search box and select Resource groups.

  3. In the resource group list, click the resource group that contains your Azure Kubernetes Service (AKS) resources.

  4. In the navigation pane on the left, choose Access control (IAM). On the Check access tab, click Add role assignment.

  5. Select Reader and click Next.

  6. Click Select members. In the dialog box displayed on the right, search for and click the application name (that the collection credential belongs to).

  7. Click Select to add it to the member list.

  8. Click Review + assign.

  9. After confirming that the role and member are correct, click Review+ assign to configure permissions for the application in the resource group.

  10. In the upper part of the page, search for and select Subscriptions.

  11. In the subscription list, click the name of the subscription that contains your AKS resources.

  12. Configure permissions for the application in the subscription by referring to Step 4 to Step 9.

Parent topic: Resource Discovery