This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Who rated this post

dmaynard
L4 Transporter

‎04-13-2022 03:21 AM

PLUG-7780 - When the monitoring definition service principle for VM monitoring in Azure is configured correctly on the Panorama plugin for Azure 3.0.x with PAN-OS 10.0.x, the service principal validation check displays as failed under 
Panorama > Azure > Setup > Service Principal
.

Please find the list of actions/permissions required to support monitoring for the Azure 3.0.1 plugin below:

 

The list of permissions required to enable monitoring are as below:

"actions": [
"Microsoft.Compute/virtualMachines/read",
"Microsoft.Network/networkInterfaces/read",
"Microsoft.Network/virtualNetworks/read",
"Microsoft.Network/locations/serviceTags/read",
"Microsoft.Network/loadBalancers/read",
"Microsoft.Resources/subscriptions/resourcegroups/read",
"Microsoft.Network/publicIPAddresses/read"
]

 

With these permissions assigned to a service principal, validation will fail but the monitoring functionality is not affected and the 3.0.1 plugin will continue to function as designed.

(1)
Who rated this post
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks