
Using Logic Apps to trigger Work Items in DevOps from triggers in Azure Security Center.

Dear Colleagues,

I am looking for a workflow that is triggered from anything in Azure Security Center (recommendations first) to a new bug or issue in Azure DevOps. Right after this there is a trigger in Teams that a new item is an issue to work on. The team works in Teams and accomplishes the tasking inside of Azure DevOps.

1. Recommendations do get delivered to a mail account.

2. Recommendations do get delivered to a Teams channel.

2a. An item in the Teams channel can be linked to an existing DevOps issue but is not able to open a new one.

3. Faulted... Recommendation to get delivered to an Azure DevOps work item did not work.

The new item would be nice to raise an issue in work items and then notify a Teams channel.

Hi @mthibodeaux,

Does the Logic App Azure DevOps trigger not work for you?

It should allow you to achieve what you need.

 

Thanks,

Yoav Francis

Senior Program Manager, Azure Security Center

Nope... my admin role is not security admin and I would have to develop a web hook that uses a service principal that has the RBAC implemented. Both are hard at the moment.
For some reason the web hook standard implementation is not designed for OAuth and using service principals. If it were, things would not take additional effort.

Furthermore, the integration into DevOps would then be pretty much complete.

@yoavfrancis Thanks for your response. So I have tried it in several variations and an initial one worked, but here is how it is configured:

Step 1: Use App --> When an Azure Security Center Recommendation is created or triggered (Preview)

 

Step 2:

Azure DevOps App: Create a work item

O365 App: Send an email (V2)

MS Teams App: Post a message (V3)

The mail and the Teams ones work but the Azure DevOps one does not. Any chance that I am doing something incorrect?

 

Michael

 

Hi @mthibodeaux,

 

Could you kindly open a support ticket routed to Logic Apps? They'll be able to provide support for the Azure DevOps action that you're trying to trigger and that doesn't work.

 

 

Thanks,

Yoav

@yoavfrancis so I reorganized the logic app and on one test without any fields a new bug in Azure DevOps was added. Because of this success I added some values in the DevOps app.

After adding the values the app failed because the fields were not found. Interestingly enough, when the mail app and the DevOps app are run in parallel a mail is sent with the appropriate fields but the DevOps app fails.
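The workflow laid out in the Step 1 / Step 2 post (recommendation in, work item out) and the "fields were not found" failure in the post above both come down to the request that the "Create a work item" step must hand to Azure DevOps. The following is an added example, not code from this thread or from the Logic Apps connector: it builds that request directly against the Azure DevOps REST API (`POST .../_apis/wit/workitems/$Bug`, JSON Patch body) with the standard library only. Azure DevOps accepts only field reference names such as `System.Title`, not display names such as "Title", so mapping connector fields onto reference names is the part that typically fails. The recommendation key names (`displayName`, `severity`, `resourceId`, `description`) are an assumption standing in for whatever the Security Center trigger exposes, and `org`, `project` and the PAT are placeholders the caller supplies.

```python
"""Added example (not from this thread): build the Azure DevOps work-item
request that the "Create a work item" step has to produce, using the
Azure DevOps REST API and the standard library only."""
import base64
import json
import urllib.request

# Azure DevOps expects a JSON Patch document keyed by *field reference
# names* (System.Title, ...). Display names such as "Title" are rejected
# with a field-not-found error, which is the symptom described above.
FIELD_MAP = {
    "title": "/fields/System.Title",
    "description": "/fields/System.Description",
    "tags": "/fields/System.Tags",
    "priority": "/fields/Microsoft.VSTS.Common.Priority",
}

# Recommendation severity -> work-item priority (1 = highest).
SEVERITY_TO_PRIORITY = {"High": 1, "Medium": 2, "Low": 3}

# Constructed sample recommendation; the key names are an assumption and
# stand in for whatever the Security Center trigger hands the Logic App.
SAMPLE_RECOMMENDATION = {
    "displayName": "Secure transfer to storage accounts should be enabled",
    "severity": "High",
    "resourceId": "/subscriptions/00000000-0000-0000-0000-000000000000"
                  "/resourceGroups/rg-demo/providers/Microsoft.Storage"
                  "/storageAccounts/stdemo",
    "description": "Enable 'secure transfer required' on the storage account.",
}


def build_patch(rec):
    """Map one recommendation onto the JSON Patch body for a new work item."""
    values = {
        "title": f"[ASC] {rec['displayName']}",
        "description": (f"<p>{rec['description']}</p>"
                        f"<p>Resource: {rec['resourceId']}</p>"),
        "tags": f"SecurityCenter; {rec['severity']}",
        "priority": SEVERITY_TO_PRIORITY.get(rec["severity"], 3),
    }
    return [{"op": "add", "path": FIELD_MAP[k], "value": v}
            for k, v in values.items()]


def work_item_url(org, project, work_item_type="Bug"):
    """Create endpoint; note the literal '$' before the work-item type."""
    return (f"https://dev.azure.com/{org}/{project}/_apis/wit/workitems/"
            f"${work_item_type}?api-version=7.1")


def create_work_item(org, project, pat, rec, work_item_type="Bug"):
    """POST the patch. The PAT needs the 'Work Items (Read & Write)' scope;
    org, project and pat are placeholders supplied by the caller."""
    body = json.dumps(build_patch(rec)).encode()
    req = urllib.request.Request(work_item_url(org, project, work_item_type),
                                 data=body, method="POST")
    req.add_header("Content-Type", "application/json-patch+json")
    # Basic auth with an empty user name and the PAT as the password.
    token = base64.b64encode(f":{pat}".encode()).decode()
    req.add_header("Authorization", f"Basic {token}")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Dry run: print the request that would be sent, without network access.
    print(work_item_url("<org>", "<project>"))
    print(json.dumps(build_patch(SAMPLE_RECOMMENDATION), indent=2))
```

Running the file prints the URL and the JSON Patch body without touching the network; `create_work_item` performs the actual call once real values are supplied. If the Logic Apps connector is kept instead, the same rule applies: populate the work-item fields by their reference names (`System.Title`, `System.Description`, `System.Tags`, `Microsoft.VSTS.Common.Priority`), and the Teams step can then quote the returned work-item id.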

 

@yoavfrancis It would be great but the permission is not granted to add this. I will be adding this to the MS Teams with our MS TAM.

 

I have the same problem. The sending of the mail works correctly, but it does not create the work items in Azure DevOps. Has it worked for anyone?

Did you get the Logic App to work with Azure DevOps?