Glad to see that your issue had already been resolved and thanks for sharing the solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "[The question author cannot accept their own answer. They can only accept answers by others]", I'll repost your solution in case you'd like to "[Accept]" the answer.
[Azure Runbook] Managed Identity Groups Modifications
How permissions should be assigned for managed identity to work with security mail enabled groups?
Managed Identity require RBAC role (Security Group Creation and Membership) in Exchange.