“Ensure that the Group1 members can create and edit playbooks.”
In Microsoft Sentinel, the ability to create, edit, and assign playbooks is granted by the Microsoft Sentinel Automation Contributor role.
This role allows users to:
Create and manage automation rules,
Create and edit playbooks (Logic Apps) in the connected subscription,
Associate playbooks with Sentinel incidents or alerts.
By contrast:
Logic App Contributor allows Logic App creation but doesn’t include Sentinel-level integration permissions.
Automation Operator can run playbooks but not edit or create them.
Sentinel Playbook Operator can execute playbooks but cannot modify or assign them.
✅ Answer for Question 11:A. Microsoft Sentinel Automation Contributor
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit