Closed
Description
I have an Azure app registration and am using the app ID and app secret in AzureHound's -a and -s flags, respectively.
```
./azurehound -a $(cat app_id) -s $(cat secret) --tenant "mytenant.onmicrosoft.com" list
```
The Azure app was originally created for use with FalconHound, and it has the following permissions in the Graph API:
- PrivilegedAccess.Read.AzureAD
- PrivilegedAccess.Read.AzureADGroup
- PrivilegedAccess.Read.AzureResources
- RoleAssignmentSchedule.Read.Directory
- RoleEligibilitySchedule.Read.Directory
- RoleManagement.Read.All
- User.Read
When I use these credentials with AzureHound, I immediately get the following error message: `Insufficient privileges to complete the operation.`
I couldn't find detailed documentation on what permissions are needed by the service principal.
Are the above permissions insufficient for AzureHound? Or am I not using the app registration flags correctly?