Microsoft Teams Integration
Instructions for Integration Between Microsoft Teams & InsightCloudSec
The Microsoft Teams integration works like other messaging integrations. InsightCloudSec can send notification messages to Microsoft Teams channels and is compatible with all InsightCloudSec resources.
Users can take advantage of the teams integration to send high priority security alerts to MS Teams Channels. For issues like the provisioning of noncompliant security group rules which leave SSH open to the world, the applicable team or person can receive a notice and respond.
For additional details on Integrations, including editing and deleting integrations, take a look at the Integrations Overview page. Also check out our documentation on Jinja2 for information about templating with Jinja2.
Prerequisites
To complete the Microsoft Teams Integration, you will need to ensure you have the following:
- A functioning InsightCloudSec platform installation and Org Admin permissions
- Administrative access to the Microsoft Teams setup you want to use for integration
If you need help with this integration, contact us through the Customer Support Portal.
Setup for Microsoft Teams Integration
DivvyCloud vs. InsightCloudSec (Screen Captures)
Some images include DivvyCloud but the capability within InsightCloudSec is exactly the same.
Configuration Steps in Microsoft Teams
1. Visit your MS Teams application and locate the channel you want to target for integration.
- Note: Channel integrations must be configured individually
2. Click on the ellipsis menu option to the right of the channel and select "Connectors".
MS Teams Channel Context Menu
3. Locate (using Search) and select the "Incoming Webhook" option. Provide a name (one you can easily remember) and click "Create".
- Note: The name you create here has no link to the name required in InsightCloudSec, but as a best practice, it's typically easier to just keep the same name.
Create a New Teams Webhook
4. After you click "Create", copy the URL generated at the bottom of the form.
Note: If you mistakenly close this form before copying the URL, you can obtain the webhook URL again from the channel details by clicking the ellipsis menu next to the Teams channel (as shown above) and looking under the "Configured" option.
Configuration Steps in InsightCloudSec
1. Navigate to "Administration --> Integrations" page and select "Edit" on the Microsoft Teams card.
Create a New Microsoft Teams Integration in InsightCloudSec
2. Enter a channel name (e.g., MS Integration) and paste the URL you obtained from MS Teams when you created the new webhook. Click "Save".
Adding the Webhook in InsightCloudSec
3. Success. You have configured the integration for Microsoft Teams. Now it's time to set up a Bot to send your notifications.
Using an MS Teams Webhook for Health Notifications
In addition to general MS Teams channel integration, you can also use an MS Teams webhook to subscribe to InsightCloudSec Health Notifications.
Health Notifications are typically generated based on issues related to the following: system clock drift, job scheduling (no harvest within 24 hours), invalid credentials, assume role failures, and invalid permissions.
- Navigate to "System Administration --> System" to review or enable this capability
- Review the specific details in the System Settings documentation.
Configure Bot with the "Send Microsoft Teams Message" Action
To set up a Bot to use the Microsoft Teams integration, you will need to complete something similar to the steps outlined below.
- For detailed step-by-step instructions on using automation check out our documentation on Creating Bots
- You can also check out Working with Bots (Best Practices & Examples) if you want to review some examples.
1. From the main navigation panel, locate Automation and select "BotFactory"
2. Click Create Bot and complete your desired details for the "About Your Bot", "Resource Type & Groups", and "Filters" sections.
3. In the Actions section, click Add Action and locate the new "Send Microsoft Teams Message (Webhook)" action. (Search using "Teams" or "Webhook" for quickest results).
4. Complete the configuration for the action.
Note: You must use the same name you supplied when you created the integration in the InsightCloudSec portion of the setup; our example used "MS Integration" (this name does not have to match the name you supplied in Teams).
InsightCloudSec Bot Action Setup Example
5. Select "Next" to define any Run Options and then select "Save" when your Bot is complete.
6. Confirm your Bot is operating as intended. If you run into issues we are here to help. Reach out to us through the Customer Support Portal.
What's Next?
After completing your Microsoft Teams integration, you may be interested in learning more about other Integrations we offer, including PagerDuty Integration, ServiceNow Integration, or Splunk Integration.
Check out additional information on templating with Jinja2. Or for additional information on capabilities on Bots and automation, check out our documentation on BotFactory.
Updated 2 months ago