Forum Discussion
Using Logic Apps to trigger Work Items in DevOps from triggers in Azure Security Center.
Dear Colleagues,
I am looking for a workflow that is triggered from anything in Azure Security Center (reccomendations first) to a new bug or issue in Azure DevOps. Right after this there is a...
1. Reccomendations do get delivered to a Mail Account
2. Reccomendations do get delivered to a Team Channel
2a. item in Team channel can be linked to an existing DevOps issue but is not able to open a new one.
3. Faulted...Reccomendation to get delivered to Azure DevOps Work Item did not work.
The new item would be nice to raise an issue in work items and then notify a teams channel.
Hi mthibodeaux,
Does the Logic App Azure DevOps trigger does not work for you?
It should allow you to achieve what you need.
Thanks,
Yoav Francis
Senior Program Manager, Azure Security Center
yoavfrancisThanks for your response so I have tried it in several variations and an initial one worked but here is how it is confirgured:
Step 1: Use App --> When an Azure Security Center Recommendation is created or triggered
(Preview)Step 2:
Azure DevOps App: Create a work item
O365 App: Send an email (V2)
MS Teams App: Post a message (V3)
The mail and the teams one works but the Azure DevOps one does not. Any chance that I am doing something incorrect?
Michael
@yoavfrancis so I reorganized the logical app adn on one test without any fields a new bug in Azure DevOps was added. Because of this success I added some values in the devops app.
After adding the values the app failed becasue the field were not found. Interestingly enough when the mail app and the devops app are run in parrallel a mail is sent with the appropriate fields but the DevOps app fails.
Hi mthibodeaux,
Could you kindly open a support ticket routed to Logic App? they'll be able to provide support for the Azure DevOps action that you're trying to trigger and doesn't work.
Thanks,
Yoav
yoavfrancisIt woudl be great but the permission is not granted to add this. I will be adding this to the MS Teams with our MS TAM.
- Nope...my admin role is not security admin and I would have to develop a web hook that uses a service principle that has the RBAC implemeted. Both are hard at the moment.
- For some reason the web hook standard implementation is not designed for oauth and using service principles. If it were thing would not take additional effort.
Furthermore the integration into DevOps and yes would be pretty much complete.