Hello Christina
To manage runbooks in Azure Automation and modify Entra IDs, a service account typically needs:
- Automation Runbook Operator role to run runbooks
- Automation Contributor role to create and manage runbooks
- User Administrator roles to create and modify user identities
You can find details here https://learn.microsoft.com/en-us/azure/automation/automation-role-based-access-control and https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/permissions-reference