# Configure Azure Resources ## Enable a managed identity If you have not already done so, enable a system-managed identity for the automation account. * In the automation account, go to **Account Settings > Identity** * In the **System assigned** tab, set the **Status** to **On**. {% hint style="info" %} You could also use a user-managed identity if you prefer. {% endhint %} ## Enable Log Analytics workspace access for the managed identity To allow the automation account to read and write data to the log analytics workspace, assign it the appropriate permission. * In the Log Analytics workspace, go to the **Access control (IAM)** blade. * Click **Add > Add role assignment**

* Select the **Log Analytics Contributor** role and click **Next** * ```

``` * Next to **Assign access to**, select **Managed identity**, then click **Select members**

* Under **Managed identity**, select **Automation Account**

* Select the automation account from the list and click **Select.** * Click **Review + assign** twice to finish. ## Log Analytics data retention By default, a log analytics workspace in the Pay as you go tier includes 31 days of free data retention. If you wish, you can increase this, but there are some things to consider if doing so: * You will be charged for data retention beyond the free 31 days * The retention period affects how much historic data you will be able to see in your software updates report, for example in the trend charts. * Longer retention times means your report queries will need to process more data and return more rows and increases the risk of hitting API service limits. To change the data retention period: * In the Log Analytics workspace, go to **General > Usage and estimated costs** * Click **Data retention** at the top * Set the desired retention period and click **OK**.

{% hint style="info" %} If you are willing to pay for it, a 60-day retention period is recommended. {% endhint %}