You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
# Move a Log Analytics workspace to a different subscription or resource group
13
13
14
-
In this article, you'll learn the steps to move a Log Analytics workspace to another resource group or subscription in the same region.
14
+
In this article, you'll learn the steps to move a Log Analytics workspace.
15
15
16
16
> [!TIP]
17
17
> To learn more about how to move Azure resources through the Azure portal, PowerShell, the Azure CLI, or the REST API, see [Move resources to a new resource group or subscription](../../azure-resource-manager/management/move-resource-group-and-subscription.md).
18
18
19
-
> [!IMPORTANT]
20
-
> You can't move a workspace to a different region by using this procedure. To move a workspace across regions, see [Move a Log Analytics workspace to another region](./move-workspace-region.md).
19
+
## Prerequisites
20
+
21
+
- The subscription or resource group where you want to move your Log Analytics workspace must be located in the same region as the Log Analytics workspace you're moving.
22
+
> [!NOTE]
23
+
> To move a workspace across regions, see [Move a Log Analytics workspace to another region](./move-workspace-region.md).
24
+
- The move operation requires that no services can be linked to the workspace. Prior to the move, delete solutions that rely on linked services, including an Azure Automation account. These solutions must be removed before you can unlink your Automation account. Data collection for the solutions will stop and their tables will be removed from the UI, but data will remain in the workspace per the table retention period. When you add solutions after the move, ingestion is restored and tables become visible with data. Linked services include:
25
+
- Update management
26
+
- Change tracking
27
+
- Start/Stop VMs during off-hours
28
+
- Microsoft Defender for Cloud
29
+
- Connected [Log Analytics agents](../agents/log-analytics-agent.md) and [Azure Monitor Agent](../agents/azure-monitor-agent-overview.md) remain connected to the workspace after the move with no interruption to ingestion.
30
+
- Microsoft Sentinel can't be deployed on the Log Analytics workspace.
21
31
22
32
## Permissions required
23
33
24
-
- To verify the Azure Active Directory tenant, you need `Microsoft.AzureActiveDirectory/b2cDirectories/read` permissions, as provided by the [Log Analytics Reader built-in role](./manage-access.md#log-analytics-reader), for example.
25
-
- To delete a solution, you need `Microsoft.OperationsManagement/solutions/delete` permissions on it, as provided by the [Log Analytics Contributor built-in role](./manage-access.md#log-analytics-contributor), for example.
26
-
- To remove alert rules for the Start/Stop VMs solution, you need `microsoft.insights/scheduledqueryrules/delete` permissions, as provided by the [Monitoring Contributor built-in role](../../role-based-access-control/built-in-roles.md#monitoring-contributor), for example.
27
-
- To unlink the Automation account, you need `Microsoft.OperationalInsights/workspaces/linkedServices/delete` permissons on the linked workspace, as provided by the [Log Analytics Contributor built-in role](./manage-access.md#log-analytics-contributor), for example.
28
-
- To move a Log Analytics workspace, you need `Microsoft.OperationalInsights/workspaces/delete` and `Microsoft.OperationalInsights/workspaces/write` permissions on it, as provided by the [Log Analytics Contributor built-in role](./manage-access.md#log-analytics-contributor), for example.
34
+
| Action | Permissions required |
35
+
|:---|:---|
36
+
| Verify the Azure Active Directory tenant. |`Microsoft.AzureActiveDirectory/b2cDirectories/read` permissions, as provided by the [Log Analytics Reader built-in role](./manage-access.md#log-analytics-reader), for example. |
37
+
| Delete a solution. |`Microsoft.OperationsManagement/solutions/delete` permissions on the solution, as provided by the [Log Analytics Contributor built-in role](./manage-access.md#log-analytics-contributor), for example. |
38
+
| Remove alert rules for the Start/Stop VMs solution. |`microsoft.insights/scheduledqueryrules/delete` permissions, as provided by the [Monitoring Contributor built-in role](../../role-based-access-control/built-in-roles.md#monitoring-contributor), for example. |
39
+
| Unlink the Automation account |`Microsoft.OperationalInsights/workspaces/linkedServices/delete` permissons on the linked Log Analytics workspace, as provided by the [Log Analytics Contributor built-in role](./manage-access.md#log-analytics-contributor), for example. |
40
+
| Move a Log Analytics workspace. |`Microsoft.OperationalInsights/workspaces/delete` and `Microsoft.OperationalInsights/workspaces/write` permissions on the Log Analytics workspace, as provided by the [Log Analytics Contributor built-in role](./manage-access.md#log-analytics-contributor), for example. |
29
41
30
42
## Workspace move considerations
31
43
32
44
Consider these points before you move a Log Analytics workspace:
33
45
34
46
- Managed solutions that are installed in the workspace will be moved in this operation.
35
-
- The move operation requires that no services can be linked to the workspace. Solutions that rely on linked services must be removed prior to the move, including an Azure Automation account. These solutions must be removed before you can unlink your Automation account. Data collection for the solutions will stop and their tables will be removed from the UI, but data will remain in the workspace per the table retention period. When you add solutions after the move, ingestion is restored and tables become visible with data. Linked services include:
36
-
- Update management
37
-
- Change tracking
38
-
- Start/Stop VMs during off-hours
39
-
- Microsoft Defender for Cloud
40
47
- Workspace keys (both primary and secondary) are regenerated with a workspace move operation. If you keep a copy of your workspace keys in Azure Key Vault, update them with the new keys generated after the workspace is moved.
41
-
- Connected [Log Analytics agents](../agents/log-analytics-agent.md) and [Azure Monitor Agent](../agents/azure-monitor-agent-overview.md) remain connected to the workspace after the move with no interruption to ingestion.
0 commit comments