Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bugfix] GR13 V3 SignIn Logs logic with consideration of retention period and misc. error handling update #315

Merged
merged 11 commits into from
Dec 18, 2024
Merged

[Bugfix] GR13 V3 SignIn Logs logic with consideration of retention period and misc. error handling update #315

merged 11 commits into from
Dec 18, 2024

Conversation

dutt0
Copy link
Contributor

@dutt0 dutt0 commented Dec 17, 2024
edited
Loading

Overview/Summary

Updated the controls Break Glass Account Testing Cadence (M) which ensures that Break Glass accounts remain active and secure by monitoring the last login date.

This PR fixes/adds/changes/removes

This pull request

  1. updates the logic flow as for GR13V3:
    • Collects BG UPN from the config,json
    • Validates BG accounts exist in config.json
    • Validates BG accounts' sign-in activity/log enabled
    • Retrieves last login dates for each UPN
    • Compliant if the date is within the last year
    • Non-compliant if otherwise
  2. improves on the error handling in GSAAutomationRunbook file by using specific error handling for each section. (Reference context SCRv2.1.2 number 1, December2024)

Breaking Changes

N/A

Testing Evidence

Tested with test tenant pipeline run.

As part of this Pull Request I have

  • Checked for duplicate Pull Requests
  • Associated it with relevant GitHub Issues
  • Ensured my code/branch is up-to-date with the latest changes in the main branch
  • Performed testing and provided evidence.
  • Updated relevant and associated documentation.
  • Ensure PowerShell module versions have been updated (manually or with the ./tools/Update-ModuleVersions.ps1 script)

@dutt0 dutt0 linked an issue Dec 17, 2024 that may be closed by this pull request
GR13 | Validation 3 | Break Glass Account Testing Cadence (M) #246
Closed
@dutt0 dutt0 removed a link to an issue Dec 17, 2024
GR13 | Validation 3 | Break Glass Account Testing Cadence (M) #246
Closed
@dutt0 dutt0 linked an issue Dec 17, 2024 that may be closed by this pull request
GR13 | Validation 3| Bug BG Check needs to validate testing in the prior 365 days, default AD SignIn log retention is 30 days #292
Closed
@dutt0 dutt0 changed the title logic update with signinlogs [Bugfix] GR13 V3 SignIn Logs logic with consideration of retention period Dec 17, 2024
@dutt0 dutt0 changed the title [Bugfix] GR13 V3 SignIn Logs logic with consideration of retention period [Bugfix] GR13 V3 SignIn Logs logic with consideration of retention period and misc. error handling update Dec 18, 2024
@dutt0 dutt0 marked this pull request as ready for review December 18, 2024 02:37
@dutt0 dutt0 merged commit 35d0cd1 into main Dec 18, 2024
4 checks passed
@dutt0 dutt0 deleted the idutta/GR13V3_fixforLog branch December 18, 2024 18:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@singhgss singhgss singhgss approved these changes

@alalvi00 alalvi00 alalvi00 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@dutt0 @alalvi00 @singhgss