How a can Create a read only user for lighthouse sentinel workbooks?

georges hayek 0 Reputation points


I have a lighthouse tenant where I added multiple sentinel workspaces. However, I need to have a user where as soc analyst enable only to read dashboards for multiple clients or tenant?

can someone help me with this?


Azure Lighthouse
Azure Lighthouse
An Azure service that provides secure managed services and access control for partners and customers.
65 questions
Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
967 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Monalla-MSFT 11,316 Reputation points

    @georges hayek - Welcome to Microsoft Q&A and thanks for reaching out to us.

    In order to create a user and to be enabled only to a read only dashboards, please follow below:

    • Once you create a new Azure AD user in your managing tenant, assign the user the "Reader" role.
    • Onboard the user to each customer tenant using lighthouse and assign the user the "Reader" role in each customer tenant.
    • In each Sentinel workspace, create a custom role that allows read only access to dashboards and then assign the custom role to the user in each sentinel workspace.

    Hope this helps. and please feel free to reach out if you have any further questions.

    If the above response was helpful, please feel free to "Accept as Answer" and click "Yes" so it can be beneficial to the community.

    0 comments No comments