![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 90%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Sentinel
A cloud-native SIEM solution that provides intelligent security analytics and threat detection across systems
Thank you for your post and I apologize for the delayed response!
I understand that you're trying to create a Logic App (Playbook) within Microsoft Sentinel and are running into a potential permissions issue as detailed within your screenshots. To hopefully point you in the right direction or resolve your issue, I'll share some of my findings below.
Findings:
Referencing your first two screenshots, from the Manage Permissions page - It looks like your Sentinel Resource Group might already have the correct permission since it isn't populating under the Browse tab.
To confirm this, can you share what you see under the Current Permissions tab?
Note: If your Sentinel Resource Group isn't populating under the Current Permissions tab and you still aren't able to configure these permissions, please let me know. Additionally, I'd also make sure that your signed in user has Owner permissions on any resource group to which you want to grant Microsoft Sentinel permissions, and you have the Logic App Contributor role on any resource group containing playbooks you want to run. For more info.
I also noticed you mentioned not running into issues within your UI, as shown from your Automation rules page, and this is most likely due to your Resource Group already having the correct permission.
You can see which Resource Group your Playbook is created in from the Active Playbooks tab.
Additional Links:
- Automate threat response with playbooks in Microsoft Sentinel - Permissions required
- Sentinel playbook related issue
I hope this helps!
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.