Forum Discussion
Solved
Azure Sentinel Workbook & Azure Dashboard Sharing to external B2B guest users
Hi,
I am trying to share Azure Sentinel Workbooks (custom) & as well as Azure Dashboards to external guest users i.e. Azure B2B user accounts but not able to share it.
I get error even after of assigning appropriate RBAC roles (mostly tried Azure Log analytics Reader, Azure Sentinel Reader & Reader) at different levels.
Please note: This sharing is for external B2B users.
Appreciate your response.
Thanks.
So rather than Share, use EDIT and then Advanced Edit, to download a copy of the JSON (or ARM) to the user. Then get them to import the workbook. https://github.com/CliveW-MSFT/KQLpublic/blob/master/README.md for Import / Export info
PrashTechTalk Just a thought but have you tried to copy the Azure Sentinel workbooks to the Log Analytics workbooks and see if that works?
GaryBushey - Hi Gary,
I tried your solution works completely fine only when the dashboard is built on customer tenant else they will not see the cross tenant data. Sadly i had to opt for building workloads on customer tenant for this reason, Also RBAC for dashboard only is not available and had to grant reader access.
Thanks.
PrashTechTalk OK, I see what you are trying to do now. Have you looked at Lighthouse where you can grant the customers the rights into your tenant?
GaryBushey - Thankyou & Appreciate your response..I will give a try. Because the objective is to share B2B guests and that i do not want to assign RBAC at subscription level or resource group level i think its not possible to achieve. As per Microsoft documentation the user should be part of the subscription.
- CliveWatson
Microsoft
So rather than Share, use EDIT and then Advanced Edit, to download a copy of the JSON (or ARM) to the user. Then get them to import the workbook. https://github.com/CliveW-MSFT/KQLpublic/blob/master/README.md for Import / Export info
CliveWatson @ Thanks & Appreciate your response. This is a brilliant approach but the condition is B2B user should only read the workbook not own it completely or have feasibility to import it & modify.
Please correct me if i am wrong..
I am trying to share Azure Sentinel Workbook or Azure Dashboard with read only access to B2B users but i should make sure the actual workload reside in my tenant.
