Forum Discussion
Azure Sentinel Automation (Preview) - Issue with Permission assignment
Hi @AzureSentinel Team, I believe this is a bug unless there is any reason to do so. At Azure Sentinel Automation (Preview) when tried to assign permission for logic app I am getting the erro...
denismello
Microsoft
MicrosoftThanks all for your inputs.
To answer Javier's comments, I want to add that I'm using a Visual Studio subscription. Is this an issue?
It is really simple to reproduce the error: I go to "Automation" (on Azure Sentinel tab), then I click on "Create new automation rule".
After selecting the options and the Playbook I want to run, I got the error: "Failed to save automation rule. Save the automation rule 'XXX' failed. Error: Caller is missing required playbook triggering permissions on playbook resource '/subscriptions/a1040a9c-a6129-4918-b809-922ee8ccf811/resourceGroups/Azure_Sentinel_name/provide... or Azure Sentinel is missing required permissions to verify the caller has permissions.
If you want to set up a call to go through this, please let me know.
Regards.
To answer Javier's comments, I want to add that I'm using a Visual Studio subscription. Is this an issue?
It is really simple to reproduce the error: I go to "Automation" (on Azure Sentinel tab), then I click on "Create new automation rule".
After selecting the options and the Playbook I want to run, I got the error: "Failed to save automation rule. Save the automation rule 'XXX' failed. Error: Caller is missing required playbook triggering permissions on playbook resource '/subscriptions/a1040a9c-a6129-4918-b809-922ee8ccf811/resourceGroups/Azure_Sentinel_name/provide... or Azure Sentinel is missing required permissions to verify the caller has permissions.
If you want to set up a call to go through this, please let me know.
Regards.
Javier-SorianoMicrosoft
MicrosoftAre you also working in a Lighthouse setup or in a single AAD tenant setup? if you're working in a single tenant, these instructions should work: https://docs.microsoft.com/en-us/azure/sentinel/tutorial-respond-threats-playbook#respond-to-incidents
For the multi-tenant scenario, we have now added the proper instructions here: https://docs.microsoft.com/en-us/azure/sentinel/automate-incident-handling-with-automation-rules#permissions-in-a-multi-tenant-architecture
For the multi-tenant scenario, we have now added the proper instructions here: https://docs.microsoft.com/en-us/azure/sentinel/automate-incident-handling-with-automation-rules#permissions-in-a-multi-tenant-architecture