Verification Failed when trying to deploy custom Sentinel template on Azure

Aviv Yaaran 0 Reputation points
2024-10-17T22:08:47.4633333+00:00

Hello,
I am having an issue deploying my custom Sentinel template in which I can't get validated because I don't have the write permissions for 'microsoft.aadiam/diagnosticSettings/write' at scope '/providers/microsoft.aadiam/diagnosticSettings/SECURITY-Monitoring-aadDiagnosticSetttings'

'SECURITY-Monitoring' is my resource group name and workspace name and that's the scope it's in.

I have given myself the roles that should give me write access to finish deploying and registered the appropriate resource providers and still can't get to verify my deployment.

I've attached screenshots showing my resources and roles I assigned to myself. All assigned roles were assigned to my one and only subscription.IAM imgTROUBLESHOOT

imgTROUBLESHOOT3

I am not sure what to do and only now speculate that since I am using a school account to do this and on their directory, I am limited on the privilege I can assign myself but I feel like it shouldn't conflict since it's my own subscription on that account and I am the owner of it.

Hope to hear back from anyone who has any ideas or has had this issue in the past.

Thank you!

Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
1,154 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Andrew Blumhardt 9,861 Reputation points Microsoft Employee
    2024-10-28T12:00:20.44+00:00

    You clearly have sufficient credentials but the error might be misleading. If this is for a class assignment, please check with your faculty. There may be a restriction or spending limit on your subscription preventing this activation. Sentinel can quickly burn though training credits. You might consider using free data sources like Azure Activity logs.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.