What role is required to link AppInsights to APIM instance

[fgheysels]

It is not clear from the documentation what (minimum) role is required to be able to link an Application Insights resource to an API Management resource.

It would be helpful to have this information added to the documentation.

---

Document Details

⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.

• ID: c26c1996-853e-9a55-5802-8c4095d545b9
• Version Independent ID: 437f5553-6914-c0ef-9370-bb11d3a0fa4b
• Content: Integrate Azure API Management with Azure Application Insights - Azure API Management
• Content Source: articles/api-management/api-management-howto-app-insights.md
• Service: api-management
• GitHub Login: @dlepow
• Microsoft Alias: danlep

[ManoharLakkoju-MSFT]

@fgheysels Thanks for your feedback! We will investigate and update as appropriate.

[mumurug-MSFT]

@fgheysels If you are looking for the built-in role, you need to have API Management Service Contributor role (check Built-in service roles). However, in case of a custom role with minimum required permissions, permission Microsoft.ApiManagement/service/diagnostics/write is required based on Diagnostic entity API in addition to read access to the APIM instance. Refer Microsoft.ApiManagement doc for more detailed info.

I suggest you review https://techcommunity.microsoft.com/t5/azure-paas-blog/usage-of-custom-rbac-roles-in-azure-api-management/ba-p/1560571 for creating a custom role and validate the permission.

@dlepow any thoughts? Can we add a similar note like in other doc?

[dlepow]

@fgheysels @mumurug-MSFT - Thanks for the feedback about this article. I'll add a note about the minimum permissions required for creating the App Insights diagnostic.

[mumurug-MSFT]

@fgheysels We will proceed to close this thread and feel free to let us know if any questions. Thanks again.