Limit Role access to Workbooks

%3CLINGO-SUB%20id%3D%22lingo-sub-1251228%22%20slang%3D%22en-US%22%3ELimit%20Role%20access%20to%20Workbooks%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1251228%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20have%20created%20a%20set%20of%20Workbooks%20that%20provides%20pre-emptive%20tasks%20%2F%20dashboards%20for%20the%20help%20desk.%20How%20can%20I%20give%20access%20to%20Helpdesk%20users%20to%20view%20these%20Workbooks%20without%20needing%20to%20give%20them%20Sentinel%20Reader%20permissions%20which%20will%20allow%20them%20to%20see%20Incidents%20that%20the%20SOC%20is%20working%20on%20and%20may%20be%20sensitive%20information%3F%20I%20have%20looked%20at%20creating%20a%20custom%20role%20but%20the%20Microsoft.SecurityInsights%20permissions%20does%20not%20have%20any%20Workbook%20related%20permissions%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EPieter%3C%2FP%3E%3CH2%20id%3D%22toc-hId--1383187845%22%20id%3D%22toc-hId--1383185898%22%20id%3D%22toc-hId--1383185898%22%3E%26nbsp%3B%3C%2FH2%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1251437%22%20slang%3D%22en-US%22%3ERe%3A%20Limit%20Role%20access%20to%20Workbooks%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1251437%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F323159%22%20target%3D%22_blank%22%3E%40PHancke%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3EA%20bit%20of%20a%20hack%2C%20but%20I%20gave%20the%20user%20Log%20Analytics%20Reader%20perms%20on%20the%20RG%20and%20then%20copied%20the%20content%20of%20the%20Sentinel%20Workbook%20to%20Log%20Analytics%20Workbooks%20-%20this%20way%20the%20user%20can%20run%20the%20Workbook%20but%20have%20no%20direct%20permission%20in%20Sentinel%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Contributor

Hi,

 

We have created a set of Workbooks that provides pre-emptive tasks / dashboards for the help desk. How can I give access to Helpdesk users to view these Workbooks without needing to give them Sentinel Reader permissions which will allow them to see Incidents that the SOC is working on and may be sensitive information? I have looked at creating a custom role but the Microsoft.SecurityInsights permissions does not have any Workbook related permissions?

 

Regards

 

Pieter

 

1 Reply
Highlighted

@PHancke 

A bit of a hack, but I gave the user Log Analytics Reader perms on the RG and then copied the content of the Sentinel Workbook to Log Analytics Workbooks - this way the user can run the Workbook but have no direct permission in Sentinel