Mar 30 2020
05:22 AM
- last edited on
Dec 23 2021
10:18 AM
by
TechCommunityAP
Mar 30 2020
05:22 AM
- last edited on
Dec 23 2021
10:18 AM
by
TechCommunityAP
Hi,
I am trying to share Azure Sentinel Workbooks (custom) & as well as Azure Dashboards to external guest users i.e. Azure B2B user accounts but not able to share it.
I get error even after of assigning appropriate RBAC roles (mostly tried Azure Log analytics Reader, Azure Sentinel Reader & Reader) at different levels.
Please note: This sharing is for external B2B users.
Appreciate your response.
Thanks.
Mar 30 2020 09:21 AM
@PrashTechTalk Just a thought but have you tried to copy the Azure Sentinel workbooks to the Log Analytics workbooks and see if that works?
Mar 30 2020 11:47 AM
Solution
So rather than Share, use EDIT and then Advanced Edit, to download a copy of the JSON (or ARM) to the user. Then get them to import the workbook. https://github.com/CliveW-MSFT/KQLpublic/blob/master/README.md for Import / Export info
Mar 31 2020 02:04 AM
@Gary Bushey - Thankyou & Appreciate your response..I will give a try. Because the objective is to share B2B guests and that i do not want to assign RBAC at subscription level or resource group level i think its not possible to achieve. As per Microsoft documentation the user should be part of the subscription.
Mar 31 2020 02:10 AM
@CliveWatson @ Thanks & Appreciate your response. This is a brilliant approach but the condition is B2B user should only read the workbook not own it completely or have feasibility to import it & modify.
Please correct me if i am wrong..
I am trying to share Azure Sentinel Workbook or Azure Dashboard with read only access to B2B users but i should make sure the actual workload reside in my tenant.
Apr 06 2020 03:31 AM
@Gary Bushey - Hi Gary,
I tried your solution works completely fine only when the dashboard is built on customer tenant else they will not see the cross tenant data. Sadly i had to opt for building workloads on customer tenant for this reason, Also RBAC for dashboard only is not available and had to grant reader access.
Thanks.
Apr 06 2020 04:38 AM
@PrashTechTalk OK, I see what you are trying to do now. Have you looked at Lighthouse where you can grant the customers the rights into your tenant?
Mar 30 2020 11:47 AM
Solution
So rather than Share, use EDIT and then Advanced Edit, to download a copy of the JSON (or ARM) to the user. Then get them to import the workbook. https://github.com/CliveW-MSFT/KQLpublic/blob/master/README.md for Import / Export info