Update v3 to render correctly also permissions

Author: oshezaf

Tools/Solutions Analyzer/README.md

@@ -103,8 +103,8 @@ The main CSV file containing one row per unique combination of solution, connect
 | `connector_publisher` | Connector publisher name. Empty for solutions without data connectors. |
 | `connector_title` | Connector display title. Empty for solutions without data connectors. |
 | `connector_description` | Connector description (newlines replaced with `<br>` for GitHub CSV rendering). Empty for solutions without data connectors. |
-| `connector_instruction_steps` | Setup and configuration instructions rendered from connector UI definitions using AI, stored as JSON-encoded string with standard JSON `\n` encoding. May contain inaccuracies - verify in portal. Empty for solutions without data connectors. |
-| `connector_permissions` | Required permissions and prerequisites in markdown format (newlines replaced with `<br>`). Empty for solutions without data connectors. |
+| `connector_instruction_steps` | Setup and configuration instructions from connector UI definitions, stored as JSON-encoded string. Rendered in documentation using Microsoft Sentinel UI definitions. Empty for solutions without data connectors. |
+| `connector_permissions` | Required permissions and prerequisites from connector UI definitions, stored as JSON-encoded string. Rendered in documentation according to Microsoft Sentinel permissions schema (resourceProvider, customs, licenses, tenant). Empty for solutions without data connectors. |
 | `connector_files` | Semicolon-separated list of GitHub URLs to connector definition files. Empty for solutions without data connectors. |
 | `is_unique` | `true` if table appears in only one connector file, `false` otherwise |
 | `table_detection_methods` | (Optional, with --show-detection-methods) Semicolon-separated list of methods used to detect this table |
@@ -318,8 +318,8 @@ connector-docs/
 
 **Connector Pages** include:
 - Connector description and metadata
-- **AI-rendered setup instructions** from connector UI definitions with step-by-step guidance
-- Required permissions and prerequisites
+- **AI-rendered setup instructions and permissions** from connector UI definitions with step-by-step guidance
+- Required permissions and prerequisites (rendered from Microsoft Sentinel permissions schema)
 - List of solutions using this connector
 - Tables ingested by the connector
 - Links to GitHub connector definition files
@@ -329,25 +329,31 @@ connector-docs/
 - Quick statistics
 - Cross-references between solutions, connectors, and tables
 
-## AI-Rendered Setup Instructions
+## AI-Rendered Setup Instructions and Permissions
 
-The "Setup Instructions" sections in the generated connector documentation are **automatically rendered from connector UI definition files using AI**. These instructions interpret the UI-centric JSON structures that define the Azure Portal configuration interface and convert them into readable step-by-step guidance.
+The "Setup Instructions" and "Permissions" sections in the generated connector documentation are **automatically rendered from connector UI definition files**. These sections interpret the UI-centric JSON structures that define the Azure Portal configuration interface and convert them into readable documentation.
 
 ### ⚠️ Important Disclaimer
 
-**These AI-rendered instructions may not be fully accurate.** They are generated by interpreting UI definition metadata and should always be verified against the actual Microsoft Sentinel portal before implementation. The instructions provide a helpful starting point but are not a substitute for official documentation or hands-on portal verification.
+**These AI-rendered instructions and permissions may not be fully accurate.** They are generated by interpreting UI definition metadata and should always be verified against the actual Microsoft Sentinel portal before implementation. The content provides a helpful starting point but is not a substitute for official documentation or hands-on portal verification.
 
 ### How It Works
 
 The rendering process involves several steps:
 
-1. **JSON Parsing**: The script extracts `instructionSteps` arrays from connector definition files in the Solutions directory
+1. **JSON Parsing**: The script extracts `instructionSteps` and `permissions` objects from connector definition files in the Solutions directory
 2. **UI Type Detection**: Each instruction step has a `type` property (e.g., `DataConnectorsGrid`, `ContextPane`, `GCPGrid`) that determines how it should be interpreted
-3. **AI-Powered Rendering**: Specialized handlers for each UI type convert the JSON structure into descriptive markdown:
+3. **Permissions Schema Parsing**: Permission objects are rendered according to the Microsoft Sentinel permissions schema, including:
+   - **resourceProvider**: Azure resource provider permissions with scope, required actions (read/write/delete/action)
+   - **customs**: Custom prerequisites with names and descriptions
+   - **licenses**: Required Microsoft 365 licenses with friendly names
+   - **tenant**: Azure AD tenant permissions with required roles
+4. **AI-Powered Rendering**: Specialized handlers for each UI type convert the JSON structure into descriptive markdown:
    - Form fields (textboxes, dropdowns) are described with their purposes and validation requirements
    - Management grids and data selectors are explained with their configuration options
    - Portal-only interfaces are identified and marked with clear indicators
-4. **Markdown Formatting**: The rendered content is formatted with emoji indicators, step numbers, and disclaimers
+   - Permission requirements are formatted with clear scope and action descriptions
+5. **Markdown Formatting**: The rendered content is formatted with emoji indicators, step numbers, and disclaimers
 
 ### UI Types Supported
 

Tools/Solutions Analyzer/connector-docs/connectors/azureactivedirectory.md

@@ -16,6 +16,9 @@ Gain insights into Microsoft Entra ID by connecting Audit and Sign-in logs to Mi
 - **Workspace** (Workspace): read and write permissions.
 - **Diagnostic Settings** (/providers/microsoft.aadiam): read and write permissions to AAD diagnostic settings.
 
+**Tenant Permissions:**
+Requires GlobalAdmin, SecurityAdmin on the workspace's tenant
+
 ## Setup Instructions
 
 > ⚠️ **Note**: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.

Tools/Solutions Analyzer/connector-docs/connectors/azureactivedirectoryidentityprotection.md

@@ -19,6 +19,12 @@ Microsoft Entra ID Protection provides a consolidated view at risk users, risk e
 **Resource Provider Permissions:**
 - **Workspace** (Workspace): read and write permissions.
 
+**Licenses:**
+- Azure AD Premium P1/P2
+
+**Tenant Permissions:**
+Requires GlobalAdmin, SecurityAdmin on the workspace's tenant
+
 ## Setup Instructions
 
 > ⚠️ **Note**: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.

Tools/Solutions Analyzer/connector-docs/connectors/azureadvancedthreatprotection.md

@@ -37,6 +37,12 @@ For more information, see the [Microsoft Sentinel documentation >](https://go.mi
 **Resource Provider Permissions:**
 - **Workspace** (Workspace): read and write permissions.
 
+**Licenses:**
+- Microsoft Defender for Identity
+
+**Tenant Permissions:**
+Requires SecurityAdmin, GlobalAdmin on the workspace's tenant
+
 ## Setup Instructions
 
 > ⚠️ **Note**: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.

Tools/Solutions Analyzer/connector-docs/connectors/azuredevopsauditlogs.md

@@ -17,13 +17,7 @@ The Azure DevOps Audit Logs data connector allows you to ingest audit events fro
 - **Keys** (Workspace): Read permissions to shared keys for the workspace are required.
 
 **Custom Permissions:**
-- **Azure DevOps Prerequisite**: Please ensure the following:
- 1. Register an Entra App in Microsoft Entra Admin Center under App Registrations.
- 2.  In 'API permissions' -  add Permissions to 'Azure DevOps - vso.auditlog'.
- 3.  In 'Certificates & secrets' - generate 'Client secret'.
- 4.  In 'Authentication' - add Redirect URI: 'https://portal.azure.com/TokenAuthorize/ExtensionName/Microsoft_Azure_Security_Insights'.
- 5. In the Azure DevOps settings - enable audit log and set **View audit log** for the user. [Azure DevOps Auditing](https://learn.microsoft.com/en-us/azure/devops/organizations/audit/azure-devops-auditing?view=azure-devops&tabs=preview-page).
- 6. Ensure the user assigned to connect the data connector has the View audit logs permission explicitly set to Allow at all times. This permission is essential for successful log ingestion. If the permission is revoked or not granted, data ingestion will fail or be interrupted.
+- **Azure DevOps Prerequisite**: Please ensure the following:<br> 1. Register an Entra App in Microsoft Entra Admin Center under App Registrations.<br> 2.  In 'API permissions' -  add Permissions to 'Azure DevOps - vso.auditlog'.<br> 3.  In 'Certificates & secrets' - generate 'Client secret'.<br> 4.  In 'Authentication' - add Redirect URI: 'https://portal.azure.com/TokenAuthorize/ExtensionName/Microsoft_Azure_Security_Insights'.<br> 5. In the Azure DevOps settings - enable audit log and set **View audit log** for the user. [Azure DevOps Auditing](https://learn.microsoft.com/en-us/azure/devops/organizations/audit/azure-devops-auditing?view=azure-devops&tabs=preview-page).<br> 6. Ensure the user assigned to connect the data connector has the View audit logs permission explicitly set to Allow at all times. This permission is essential for successful log ingestion. If the permission is revoked or not granted, data ingestion will fail or be interrupted.
 
 ## Setup Instructions
 

Tools/Solutions Analyzer/connector-docs/connectors/microsoftcloudappsecurity.md

@@ -31,6 +31,12 @@ By connecting with [Microsoft Defender for Cloud Apps](https://aka.ms/asi-mcas-c
 **Resource Provider Permissions:**
 - **Workspace** (Workspace): read and write permissions.
 
+**Licenses:**
+- Microsoft Defender for Cloud Apps
+
+**Tenant Permissions:**
+Requires GlobalAdmin, SecurityAdmin on the workspace's tenant
+
 ## Setup Instructions
 
 > ⚠️ **Note**: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.

Tools/Solutions Analyzer/connector-docs/connectors/microsoftdefenderadvancedthreatprotection.md

@@ -15,6 +15,12 @@ Microsoft Defender for Endpoint is a security platform designed to prevent, dete
 **Resource Provider Permissions:**
 - **Workspace** (Workspace): read and write permissions.
 
+**Licenses:**
+- Microsoft Defender for Endpoint
+
+**Tenant Permissions:**
+Requires GlobalAdmin, SecurityAdmin on the workspace's tenant
+
 ## Setup Instructions
 
 > ⚠️ **Note**: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.

Tools/Solutions Analyzer/connector-docs/connectors/microsoftdefenderforcloudtenantbased.md

@@ -15,6 +15,9 @@ Microsoft Defender for Cloud is a security management tool that allows you to de
 **Resource Provider Permissions:**
 - **Workspace** (Workspace): read and write permissions.
 
+**Tenant Permissions:**
+Requires SecurityAdmin, GlobalAdmin on the workspace's tenant
+
 ## Setup Instructions
 
 > ⚠️ **Note**: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.

Tools/Solutions Analyzer/connector-docs/connectors/microsoftpurviewinformationprotection.md

@@ -20,6 +20,9 @@ Microsoft Purview Information Protection helps you discover, classify, protect,
 **Custom Permissions:**
 - **License**: Enterprise Mobility + Security E5/A5 or Microsoft 365 E5/A5 or P2
 
+**Tenant Permissions:**
+Requires GlobalAdmin, SecurityAdmin on the workspace's tenant
+
 ## Setup Instructions
 
 > ⚠️ **Note**: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.

Tools/Solutions Analyzer/connector-docs/connectors/microsoftthreatprotection.md

@@ -36,6 +36,9 @@ For more information, see the [Microsoft Sentinel documentation](https://go.micr
 **Custom Permissions:**
 - **License**: M365 E5, M365 A5 or any other Microsoft Defender XDR eligible license.
 
+**Tenant Permissions:**
+Requires GlobalAdmin, SecurityAdmin on the workspace's tenant
+
 ## Setup Instructions
 
 > ⚠️ **Note**: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.