[BUG] Issues when deploying Grant Permissions script

briandelmsft / SentinelAutomationModules

The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel

MIT License

201 stars 55 forks source link

[BUG] Issues when deploying Grant Permissions script #416

Closed mgijo closed 11 months ago

mgijo commented 1 year ago

While executing the powershell script to grant permissions - I get the below error:-

I am a Global admin and Subscription Owner - not sure why it starts failing at Get-MDEInsights role assignment.

briandelmsft commented 1 year ago

hi @mgijo was the script successful in setting the other permissions that are shown as 'Role already assigned' and 'Permission being assigned already exists on the object' during a prior run of the script? or did you grant those permissions in some other way?

Are you operating in the standard M365 / Azure Commercial environment or are you in GCC (Medium? / High?)

Can you try the legacy script? It uses a deprecated PowerShell module, but ultimately grants the same permissions.

mgijo commented 1 year ago

Hi @briandelmsft - I ran the script twice and hence the notification "Role already assigned" is displayed. Both times got the same error when executing the script. No, I didn't assign permissions using any other method. I ran the script on an Azure Commercial environment.

Sure, I will try using the legacy script and update this thread.

piaudonn commented 1 year ago

@mgijo any updates?

mgijo commented 1 year ago

@piaudonn - I have yet to test it out :) . Will update soon.

mgijo commented 1 year ago

@piaudonn - the old legacy script worked. I was able to then execute STAT with no issues.

piaudonn commented 11 months ago

Thanks for letting us know!