Share via

How to deploy playbooks in a customer tenant using Azure Lighthouse

Ethan Harris 0 Reputation points
2023-08-08T15:45:06.11+00:00

I am attempting to deploy a playbook that will automatically send an email to the security team when a certain incident has been triggered. I run into a an error when trying publish the playbook that states that "caller is missing required playbook triggering permissions on playbook resource". I am unsure why I am still unable to publish the playbook as I have all of the correct permissions delegated to me through Azure lighthouse.

Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
1,263 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. David Broggy 6,196 Reputation points MVP
    2023-08-08T23:16:03.4666667+00:00

    Hi Ethan,

    I would first verify that the owner of the resource group where you're running your Sentinel/lighthouse instance can create playbooks.

    If that works then I'd verify that you've been given the automation role.

    If that doesn't work I'd verify that the playbook you're trying to create is in the same resource group as the Sentinel/lighthouse instance.

    Good luck.

    Reference:

    https://learn.microsoft.com/en-us/azure/sentinel/roles

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.