Finding Azure permissions needed for Powershell cmdlets

MCMR 1 Reputation point
2019-12-17T11:15:58.957+00:00

I'm trying to use Runbooks to automate things in Azure but I keep running into 'Insufficient privileges' errors for the runas user the Automation Account is using.
Is there any documentation on what permissions the cmdlets need? I've not been able to find anything and have wasted hours of effort playing a very frustrating guessing game.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,175 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Sam Cogan 10,332 Reputation points MVP
    2019-12-17T15:50:25+00:00

    First of, the permissions aren't related to the commands you are running in PS, they are down to the actions you are taking in Azure. Permissions would be the same if you were doing this in the portal, CLI or PS.

    Finding the permissions you need is a real pain. Some products have this documented fairly well, such as this example from Azure Monitor, so that is the first place to try, the docs. If that doesn't work out then your only option is to go through all the available permissions to find the ones you think look like what you need. You can do this in the portal, just go to the IAM (RBAC) tab on any resource, then go to roles, then pick a role, and select permissions. In here you can see all the available permissions and look for what you need.

    0 comments No comments