I had a cluster built with an ARM template and setup Log Analytics to collect via the ContainerInsights solution. Everything was working as expected with RBAC disabled. I was seeing logs coming from my deployed pods.
I rebuilt the cluster with RBAC enabled and Azure AD authentication configured. Now I see some data flowing to Log Analytics via ContainerInsights, but I don't see logs from my pods anymore. I'm assuming I need to update a permission somewhere to collect them, but I can't find it in the documentation. I tried inspecting the roles, clusterroles & serviceaccounts in the cluster, but nothing seemed obvious on what collection method was being used.
My question: What's the correct way to configure an RBAC enabled cluster to collect pod logs in Log Analytics?
I did have to update my AKS version since AKS only supports the last 2 micro versions, so I went from 1.10.5 to 1.11.3. I'm assuming that the version bump didn't break log collection, but wanted to call it out in case it did.
