Information Security

I'm putting this out there because it took me some time to figure out and at the time I couldn't find any documentation on how to use the Graph API to post a mention to a Teams channel: GET Team ID: https://graph.microsoft.com/beta/me/joinedTeams GET Channel ID: https://graph.microsoft.com/beta/teams/{team-id}/channels GET User ID: https://graph.microsoft.com/v1.0/me/people/?$search="Firstname Lastname" POST https://graph.microsoft.com/beta/teams{Team ID}/channels/{Channel ID}/messages (Include the BODY of the POST as below) Minimum JSON needed for body of the POST: {   "body": {     "contentType": "html",     "content": "<at id=\"0\">Firstname Lastname</at>Boo"   },   "attachments": [],   "mentions": [     {       "id": 0,       "mentionText": "Firstname Lastname",       "mentioned": {         "application": null,         ...

We use the built-in Windows VPN client to provide access to legacy applications that don't meet the security or usability requirements to be exposed to the internet. One of those applications just didn't work well over a VPN for various reasons but worked great over the internet. The application's network traffic was encrypted but the authentication was only username/password so just publishing it on the internet wasn't a good enough solution. Allowing access to the resource over the internet from a specific IP address would meet the security requirements of the application but keeping up with manually adding everyone's home IP address to the Azure Network Security Group (NSG) would be impossible. My solution in this case was to use a combination of the following resources to automate the process of adding a user's IP address to the NSG on a temporary basis: Microsoft Power Automation (Flow) Azure Automation Accounts Powershell Microsoft Graph API Si...

I wanted an easy way to keep track of changes made to our NSGs in Azure and through a combination of a few offerings in Azure I settled on what I feel is a pretty good solution. The runbook is on a schedule to run every day and performs the following: Get the current configuration of the Network Security Group (NSG) Push the current configuration of the NSG to a DevOps repository Compare the current configuration against the previous configuration If there are any changes, send an email Resources needed: Azure Automation Runbook Azure DevOps license (Basic Plan for access to use Repos) Powershell Azure Keyvault (for storing the DevOps API key) Runbook code: