Glad to see that your issue had already been resolved and thanks for sharing the solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "[The question author cannot accept their own answer. They can only accept answers by others]", I'll repost your solution in case you'd like to "[Accept]" the answer.
[Azure Runbook] Managed Identity Groups Modifications
Issue Symptom:
How permissions should be assigned for managed identity to work with security mail enabled groups?
Solution:
Managed Identity require RBAC role (Security Group Creation and Membership) in Exchange.
https://learn.microsoft.com/en-us/powershell/module/exchange/new-serviceprincipal?view=exchange-ps
https://learn.microsoft.com/en-us/exchange/permissions-exo/application-rbac
Best,