Error code 403 when accessing newly created defender EASM instance

TobiasL6952 25 Reputation points
2023-11-15T16:29:39.1066667+00:00

I have created a defender for EASM Instance but receive a "You do not have access" error code 403 when trying to access it after deployment. I have tried multiple times and waited days between attempts but the issue persists. I am a global admin. The error message I receive is:

ExtensionMicrosoft_Azure_EASM
- ContentOverview.ReactView
- Error code403

I have tried this on different tenants with the same result. What could be the issue? Please advise.

Best regards, Tobias

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,047 questions
0 comments No comments
{count} vote

Accepted answer
  1. Givary-MSFT 22,726 Reputation points Microsoft Employee
    2023-11-16T10:31:41.98+00:00

    @TobiasL6952 Thank you for reaching out to us, As I understand you are trying to access newly created Defender EASM instance and getting 403 error.

    Would request you to check if Owner or Contributor RBAC role either on the subscription or resource group level?

    You don't need Azure AD roles (i.e. GA) to create, delete, and edit MDEASM resources and the inventory assets within it. They need RBAC role (IAM) - https://learn.microsoft.com/en-us/azure/external-attack-surface-management/#:~:text=new%20cloud%20resources.-,User%20permissions,-Users%20that%20have

    Let me know if you have any further questions, feel free to post back.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful