Hello @Shawn Goodwin !
I see you are having trouble with the Powershell running from Automation Account as Managed Identity for EXO commands
I cannot see this important Step:
Step 4: Grant the Exchange.ManageAsApp API permission for the managed identity to call Exchange Online
The procedures in this step require the Microsoft Graph PowerShell SDK. For installation instructions, see Install the Microsoft Graph PowerShell SDK.
- Run the following command to connect to Microsoft Graph PowerShell with the required permissions:
PowerShell
-
Connect-MgGraph -Scopes AppRoleAssignment.ReadWrite.All,Application.Read.All
If a Permissions requested dialog opens, select Consent on behalf of your organization, and then click Accept.
- Run the following commands to grant the Exchange.ManageAsApp API permission for the managed identity to call Exchange Online:
PowerShell
-
$AppRoleID = "dc50a0fb-09a3-484d-be87-e023b12c6440" $ResourceID = (Get-MgServicePrincipal -Filter "AppId eq '00000002-0000-0ff1-ce00-000000000000'").Id New-MgServicePrincipalAppRoleAssignment -ServicePrincipalId $MI_ID -PrincipalId $MI_ID -AppRoleId $AppRoleID -ResourceId $ResourceID
-
$MI_ID
is the Id (GUID) value of the managed identity that you stored in a variable in Step 2. -
$AppRoleID
is the Id (GUID) value of the Exchange.ManageAsApp API permission that's the same in every organization. -
$ResourceID
is the Id (GUID) value of the Office 365 Exchange Online resource in Azure Active Directory. The Id value is different in every organization.
For detailed syntax and parameter information, see the following articles:
I hope this helps!
Kindly mark the answer as Accepted and Upvote in case it helped!
Regards