cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Azure Automation: issues connecting to security and compliance center in remote session

thinkhaven
New Contributor

‎Mar 23 2020 06:04 PM - edited ‎Mar 23 2020 06:08 PM

‎Mar 23 2020 06:04 PM - edited ‎Mar 23 2020 06:08 PM

Azure Automation: issues connecting to security and compliance center in remote session

I'm at a loss here. I'm trying to use a Azure Automation PowerShell runbook to connect to the Security and Compliance Center. Specifically I am looking to use the Get-RetentionCompliancePolicy and Set-RetentionCompliancePolicy commands.

 
I've tried a number of different modules to attempt to connect but none seem to work. I have code that works locally, but when put into a runbook and load the same module there, it won't connect properly. Instead it redirects and seems to loop on the connect and import step.
 
When I finally got it to appear to connect and import once (not loop), it does not recognize the Get-RetentionCompliancePolicy command and I can't find it in a Get-Commands call.

Any tips on how to get this to work? below is the code I'm using to connect and import.

 

 

 

$cred = Get-AutomationPSCredential -Name "Admin"
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Credential $cred -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking -AllowClobber | Out-Null

Get-RetentionCompliancePolicy

Get-PSSession | Remove-PSSession

 

 

 

1,315 Views
0 Likes
1 Reply
Reply
1 Reply
best response confirmed by thinkhaven (New Contributor)
thinkhaven

‎Apr 01 2020 04:49 PM - edited ‎Apr 08 2020 03:53 PM

‎Apr 01 2020 04:49 PM - edited ‎Apr 08 2020 03:53 PM

Solution

Re: Azure Automation: issues connecting to security and compliance center in remote session

It turned out to be a permission issue on my service account. I had it setup as a Security Center Admin but apparently that is not enough for this to work. After giving the account more capabilities under the Security and Compliance center it started working.

thinkhaven_0-1586386355519.png

I have not tested exactly what minimum permissions is required but when I checked all these it started working. Previously I only had Security admin checked.

 

So lesson here is don't assume Security Admin role means they can do everything in the Security and Compliance center. Seems backwards but there you have it.

0 Likes
Reply