Comment on page
Create / configure an Azure automation account
If you wish to use a Run as account to access Microsoft Graph and Azure resources be sure to select that option, however I strongly recommend using a Managed Identity instead.
In the Azure portal, locate your automation account. Under Identity, enable a System assigned identity. The identity will bear the same name as your automation account and will be visible as a service principal in Azure Enterprise applications.
You do not need to assign a role in Azure to this identity.