Set up the Azure Resources

If you haven't already done so, you'll need to create and/or configure some Azure resources to enable you to automate exports from Microsoft Graph. You'll need to set up the following resources and this is documented elsewhere in this site. You can, of course, use existing resources you have in Azure - you just need to make sure they are configured for use with this solution, such as enabling a managed identity on the automation account, granting Graph API permissions to it and creating a custom role for the Azure storage account.

Azure automation account

The automation account is used to execute runbooks on a schedule. These runbooks will export data from Microsoft Graph and save them to Azure storage and/or send them to a Log Analytics workspace.

For the Azure automation runbook, you don't need to create a runbook at this stage but you will need to import the required PowerShell modules into the automation account.

Create / configure an Azure automation account Grant API permissions Create an Azure automation runbook

Azure storage account

If you want to export data from Microsoft Graph to an Azure storage account, reference the following guide.

Azure Storage account

PreviousGathering Custom Inventory with Intune NextCreate a Proactive remediations script package

Last updated 4 years ago

Was this helpful?

hashtagAzure automation account

hashtagAzure storage account

Azure automation account

Azure storage account