Create / configure an Azure automation account
Here is a video guide which I created for the Patch My PC report which covers the steps outlined below and for setting the API permissions.
If you wish to use a Run as account to access Microsoft Graph and Azure resources be sure to select that option, however I strongly recommend using a Managed Identity instead.
In the Azure portal, locate your automation account. Under Identity, enable a System assigned identity. The identity will bear the same name as your automation account and will be visible as a service principal in Azure Enterprise applications.
You do not need to assign a role in Azure to this identity.