Skip to main content

Notifications

Community site session details

Community site session details

Session Id : LAm2x9nUnS9C44jw/3yOF/
Power Automate - Building Flows
Unanswered

CAS Policy automate - impossible travel activity.

Like (0) ShareShare
ReportReport
Posted on 29 Apr 2020 10:10:36 by

Hi,

I want to automate cloud app security policies to take specific action when an alert is generated.  For instance I want to create a policy and automate it to ask users to reset their passwords when their account is flagged for "impossible travel" activity" or multiple logins attempts from different geographical locations.

I have looked at using power automate but I cannot see it taking the above action, unless I'm missing something.  I can get it to send an email alert to admins.

 

I would welcome any suggestions or pointers.

Thank you.

  • F1NN Profile Picture
    2 on 15 Jun 2020 at 08:25:22
    Re: CAS Policy automate - impossible travel activity.

    At Ignite on Tour Amsterdam last year i saw a demonstration connecting CASB to a Azure Runbook via a Flow to accomplish this.

    The case then was, when CASB has a impossible travel alert, start the flow.. kick of a Azure Runbook > check the mailbox of the specific user for an active Out of Office rule > Let Flow use the output of the job > if the rule was found, close the alert, if not found then post a message in teams.

     

    I remember the presenter saying that the demo would be available after, but i haven't been able to find it.

    Connecting flow to Azure Automation however is documented:
    https://danielchronlund.com/2018/11/18/start-your-azure-automation-powershell-runbook-with-a-microsoft-flow-button/
    https://docs.microsoft.com/en-us/azure/automation/start-runbooks

     

  • alrezac Profile Picture
    on 01 May 2020 at 13:25:49
    Re: CAS Policy automate - impossible travel activity.

    Hi,

     

    The issue with this is that webhooks typically trigger with some kind of data update and unless we already have a trigger set up to monitor for that data change it will be hard to integrate this into flow if not impossible. It might be possible to set up an HTTP request to send when an account if flagged but I have no idea how that would work on the non-flow side. I would suggest opening a case with Microsoft Support to help take a look into this, I'll include a link below. Otherwise if any other communities members might have set this up before feel free to pitch in.

     

    Regards,

     

    Alex

     

    -------

     

    Community Support Team _ Alex Rezac
    If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Announcing the Engage with the Community forum!

This forum is your space to connect, share, and grow!

🌸 Community Spring Festival 2025 Challenge Winners! 🌸

Congratulations to all our community participants!

Warren Belz – Community Spotlight

We are honored to recognize Warren Belz as our May 2025 Community…

Leaderboard > Power Automate - Building Flows

#1
David_MA Profile Picture

David_MA 292 Super User 2025 Season 1

#2
Michael E. Gernaey Profile Picture

Michael E. Gernaey 259 Super User 2025 Season 1

#3
stampcoin Profile Picture

stampcoin 212

Overall leaderboard
Loading started
Loading complete