Running Export-ActivityExplorerData in context of Azure Automation app ID

Andrew VO 146 Reputation points
2023-05-30T14:29:05.6266667+00:00

I have been using Export-ActivityExplorerData when my client asks for DLP violations in Purview. It makes sense to do this via a self-serve runbook. Automation is already doing a bit of EXO admin, so this would just be adding to it.

Is this possible, or is it prevented by design for security/privacy reasons? Feel confident the app registration has the permissions as per this article. I have also read this article. The app registration has these permissions

Screenshot 2023-05-30 092745.png

I am testing using Powershell ISE (5.1) on my laptop, then will move it to a runbook when it works. EXO is v3.1.

It connects fine with Connect-IPPSSession -CertificateThumbPrint $thumbprint -AppID $applicationid -Organization $organization

but this error is returned when trying to run the cmdlet.

Export-ActivityExplorerData : The term 'Export-ActivityExplorerData' is not recognized as the name of a cmdlet, function

Everything works fine when authenticating using my credentials. This is why I wonder if the behavior is by design.

Many thanks in advance!

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,383 questions
Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,374 questions
0 comments No comments
{count} votes

Accepted answer
  1. Vasil Michev 100K Reputation points MVP
    2023-05-30T17:14:30.8233333+00:00

    Which role(s) do you have assigned to the service principal? If the cmdlet is not available under connecting, the most likely reason is that it's not present in any of the role(s) definitions currently assigned to the SP object.


0 additional answers

Sort by: Most helpful