Blog Post

Microsoft Developer Community Blog
1 MIN READ

Managing Microsoft365 with Microsoft365DSC and Azure DevOps

Derek_Smay's avatar
Derek_Smay
Icon for Microsoft rankMicrosoft
Jan 07, 2022

Microsoft365DSC is an Open-Source PowerShell Desired State Module. It allows configuration, monitoring, exporting, reporting and assessment of M365 tenants. Many organizations are implementing DevOps practices and with Microsoft365DSC and Azure DevOps you can implement Configuration as Code within your Microsoft 365 tenant.

 

At a high level the setup will look like:

Microsoft365DSC and Azure DevOps

 

The whitepaper Microsoft365Dsc and Azure DevOps dives into creating a solution with Azure DevOps and Microsoft365DSC.

 

The whitepaper will cover in detail the following:

  • Creating account for DSC
  • Configuration of Azure DevOps project
  • Configuration of Azure DevOps build agents
  • Configuration of Azure Key Vault to store secrets
  • Creating build and release pipelines to deploy configuration to M365 tenant
  • Securing service accounts with Azure Conditional Access policy
  • Using certificate instead of username/password for M365 authentication
Updated Jan 07, 2022
Version 2.0
  • lukemurraynz's avatar
    lukemurraynz
    Learn Expert
    Jan 08, 2022

    Thanks for sharing, looks like the whitepaper has been updated.

     

    Having used this in the past - fully recommend it, to the creation of new M365 tenancies to your own company standards and being able to export and duplicate your current setup to test changes etc.

  • Derek_Smay's avatar
    Derek_Smay
    Icon for Microsoft rankMicrosoft
    Jan 14, 2022

    Peter_Guhr Microsoft365DSC allows you represent your tenant as configuration as code. Since it's using DSC under the covers it can continuously monitor your tenant configuration for configuration drift. The CLI has commands that can also manage content whereas M365DSC focus is on configuration. The M365DSC team is working on a paper that goes over in complete detail setting up and using M365DSC. We hope to have this available next week on the Microsoft365DSC site. 

  • Peter_Guhr's avatar
    Peter_Guhr
    Copper Contributor
    Jan 12, 2022

    Thanks for providing the overview and the link to the whitepaper.

     

    I would be happy if you could explain in addition the usage of Microsoft365DSC compared to CLI for Microsoft 365 (https://pnp.github.io/cli-microsoft365/).
    Means, where do they overlap and where the two tools can complement each other well.

    Hope that is possible - I think would help a lot, too.

  • manishabajpai's avatar
    manishabajpai
    Icon for Microsoft rankMicrosoft
    Sep 08, 2022

    Derek_Smay  We have a question from one of the partners who are using this actively and want to use it to improve their Managed Service maturity around the Defender products. 

    One gap we have seen is the lack of support for Defender for Cloud Apps.

    Can you please let us know where to forward this feature request to the correct product team, and when support for MDCA will be added?

  • manishabajpai's avatar
    manishabajpai
    Icon for Microsoft rankMicrosoft
    Sep 08, 2022

    Derek_Smay  Thank you Derek for the guidance, could you please suggest if there is any alternative/workaround for this feature gap?

  • raj3011abccom's avatar
    raj3011abccom
    Copper Contributor
    Nov 07, 2022

    Hi Derek_Smay ,

     

    Thanks for the wonderful article. We are actively following this step and want to implement it in our organization.

     

    But when I come to Release pipeline, i encounter "Access Denied" error. Could you please let me know how to resolve this.

     

    Thanks,

    Raj