Describe the bug
Issue behavior: When the Sentinel Playbook (Logic App) is executed, the execution fails at the point where it tries to read the WAF policy attached to the application gateway. Following is an excerpt from the error message
{
"error": {
"code": "AuthorizationFailed",
"message": "The client '{logicapp-systemassignedIdentity's-PrincipalId}' with object id '{logicapp-systemassignedIdentity's-PrincipalId} does not have authorization to perform action 'microsoft.network/applicationgateways/read' over scope '/subscriptions/{SubscriptionId}/resourcegroups/rg-netsecninja/providers/microsoft.network/applicationgateways/soc-ns-ag-wafv2' or the scope is invalid. If access was recently granted, please refresh your credentials."
}
}
Similar issues would be observed when the following actions are performed by the playbook

• Update the WAF policy with the identified suspicious IP address
• Read the WAF policy associated with the Front Door Instance
• Update the WAF policy associated with the FD

This behavior is observed when the playbook gets executed (based on the configured analytics rule)
Reference to the tech community article
https://techcommunity.microsoft.com/t5/azure-network-security-blog/integrating-azure-web-application-firewall-with-azure-sentinel/ba-p/1720306
The relative path of the playbook
Azure%20WAF/Playbook%20-%20WAF%20Sentinel%20Playbook%20Block%20IP

Reproduce
Steps to reproduce the behavior:

1. Deploy the resources needed for the WAF testing lab (Azure WAF/Lab Template - WAF Attack Testing Lab/AzNetSecdeploy_Juice-Shop_AZFW-Rules_Updated.json)
2. Perform the lab exercise steps 1 through 4 Part1
3. Create a Sentinel resource atop the Log Analytics workspace that was created before step#1 was performed
4. Deploy the playbook from this path (Azure WAF/Playbook - WAF Sentinel Playbook Block IP/template.json)
5. Configure the analytics rule based on the documentation provided in this article
6. The playbook should be triggered when the analytics rule condition is met.
   The app would error out in the step where it tries to read the WAF policy on the gateway/frontdoor

Expected behavior
The playbook should get executed successfully

Screenshots
Error information has been provided in the Description section

Environment- if applicable
NA

Desktop (please complete the following information if applicable):

• OS: [e.g. iOS]
• Browser [e.g. chrome, safari]
• Version [e.g. 22]

Logs- if applicable

• If logs are available, please provide relevant snippets

Additional context
A Pull Request with the necessary fixes has been created and is pending approval (as of 08/18) - #173

@gsriramit Thank you for the feedback. We will look into this and get back on this issue

@tobystic, Sure. Thank you for the response.
I have submitted a PR with the required code changes and referenced the same in the "Additional Context" section in this issue.

PR merged in #173 Closing issue