If the software and inventory functionality is only used for the supported regions, the new approach can be used via the AMA and the documentation can be followed, which unfortunately contains some errors. From August, the new way via AMA will be the standard. Microsoft also wants to provide a functioning migration path by August.

To activate the feature, the PolicySet [Preview]: Enable ChangeTracking and Inventory for virtual machines (currently in preview) can be used. At least the policies for Change tracking, AMA and Data Collection Rule must be activated. The policy for the User-Assigned-Identity (Assign Built-In User-Assigned Managed Identity to Virtual Machines) is incorrect and can be omitted. A remediation task of this policy does not setup a correct user managed identity in the VM either. It would only become compliant if a User-Assigned-Identity was (manually) set for the VMs. ☝️ This is also the problem, because the user managed identity is required in order to have write permissions to the Log Analytics Workspace or the Data Collection Rule.

The steps to setup the Inventory of the VM with AMA are:

  1. Deploy a Log Analytics Workspace
  2. Deploy the Data Collection Rule and reference the Resource ID of the Log Analytics Workspace from point 1
  3. Create a User Assigned Managed Identity and give it Contributor Permissions on the scope the VMs
  4. Deploy the PolicySet (☝️It is unimportant whether your own managed identity is used or not. In the end, you will need your own managed identity anyway)
  5. Assign the User Assigned Managed Identity to the VMs

After deploying the whole PolicySet:

The User Assigned Managed Identity is not assigned by the policy:

Therefore the installed AMA on the VM is not connected to the Log Analytics Workspace:

A remediation task does not work either:

After assigning the User Assigned Managed Identity manually to the VM:

The Agent is working properly:

You can find the results in Log Analytics Workspace or in the Inventory blade of VM:

⚠️ Please note that assigning the User Assigned Managed Identity must be done through a policy or script, otherwise this solution will not work automatically for new VMs.