Forum Discussion
Azure Sentinel Automation (Preview) - Issue with Permission assignment
Hi @AzureSentinel Team, I believe this is a bug unless there is any reason to do so. At Azure Sentinel Automation (Preview) when tried to assign permission for logic app I am getting the erro...
Javier-Soriano
Microsoft
MicrosoftFor scenario #1...how can you have owner on the subscription via Lighthouse? that role is not allowed in an Lighthouse delegation: https://docs.microsoft.com/en-us/azure/lighthouse/concepts/tenants-users-roles#role-support-for-azure-lighthouse
For scenario #2, azure security insights app must have Azure Sentinel Automation Contributor (not Azure Sentinel Contributor).
For scenario #2, azure security insights app must have Azure Sentinel Automation Contributor (not Azure Sentinel Contributor).
Adding more details to those scenarios.
Scenario #1
I never mentioned I am the owner through Azure Lighthouse instead I am the guest user existing in the primary tenant.
Scenario 2.
Already assigned the Azure Sentinel Automation Contributor through Azure Lighthouse template deployment as stated earlier in my message.
Scenario #1
I never mentioned I am the owner through Azure Lighthouse instead I am the guest user existing in the primary tenant.
Scenario 2.
Already assigned the Azure Sentinel Automation Contributor through Azure Lighthouse template deployment as stated earlier in my message.
In my scenario i am using analytical rule and runbook both in primary tenant. I have contributor level permissions on resource group containing sentinel and logic apps, rg containing runbook is already allowed permission to run runbook from Sentinel Setting runbook permissions.
When I try to run the runbook from incident alerts I am getting Missing Permissions to view playbook runs.
We are using Lighthouse but here we are not doing anything cross tenant in terms of Sentinel.I have Sentinel Contributor role on the Lighthouse level as well.
