Error code 403 when accessing newly created defender EASM instance

TobiasL6952 25 Reputation points
2023-11-15T16:29:39.1066667+00:00

I have created a defender for EASM Instance but receive a "You do not have access" error code 403 when trying to access it after deployment. I have tried multiple times and waited days between attempts but the issue persists. I am a global admin. The error message I receive is:

ExtensionMicrosoft_Azure_EASM
- ContentOverview.ReactView
- Error code403

I have tried this on different tenants with the same result. What could be the issue? Please advise.

Best regards, Tobias

Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
0 comments No comments
{count} vote

Accepted answer
  1. Givary-MSFT 35,626 Reputation points Microsoft Employee Moderator
    2023-11-16T10:31:41.98+00:00

    @TobiasL6952 Thank you for reaching out to us, As I understand you are trying to access newly created Defender EASM instance and getting 403 error.

    Would request you to check if Owner or Contributor RBAC role either on the subscription or resource group level?

    You don't need Azure AD roles (i.e. GA) to create, delete, and edit MDEASM resources and the inventory assets within it. They need RBAC role (IAM) - https://learn.microsoft.com/en-us/azure/external-attack-surface-management/#:~:text=new%20cloud%20resources.-,User%20permissions,-Users%20that%20have

    Let me know if you have any further questions, feel free to post back.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.