Azure Automation: issues connecting to security and compliance center in remote session

New Contributor

I'm at a loss here. I'm trying to use a Azure Automation PowerShell runbook to connect to the Security and Compliance Center. Specifically I am looking to use the Get-RetentionCompliancePolicy and Set-RetentionCompliancePolicy commands.

I've tried a number of different modules to attempt to connect but none seem to work. I have code that works locally, but when put into a runbook and load the same module there, it won't connect properly. Instead it redirects and seems to loop on the connect and import step.
When I finally got it to appear to connect and import once (not loop), it does not recognize the Get-RetentionCompliancePolicy command and I can't find it in a Get-Commands call.

Any tips on how to get this to work? below is the code I'm using to connect and import.




$cred = Get-AutomationPSCredential -Name "Admin"
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $cred -Authentication Basic -AllowRedirection
Import-PSSession $Session -DisableNameChecking -AllowClobber | Out-Null


Get-PSSession | Remove-PSSession




1 Reply
best response confirmed by thinkhaven (New Contributor)

It turned out to be a permission issue on my service account. I had it setup as a Security Center Admin but apparently that is not enough for this to work. After giving the account more capabilities under the Security and Compliance center it started working.


I have not tested exactly what minimum permissions is required but when I checked all these it started working. Previously I only had Security admin checked.


So lesson here is don't assume Security Admin role means they can do everything in the Security and Compliance center. Seems backwards but there you have it.