Skip to content

Commit

Permalink
✨ Add audit log for user, add creation type and identities. (#4950)
Browse files Browse the repository at this point in the history
* ✨ Add audit log for user, add creation type and identities.

Signed-off-by: Preslav <[email protected]>

* process feedback.

Signed-off-by: Preslav <[email protected]>

---------

Signed-off-by: Preslav <[email protected]>
  • Loading branch information
preslavgerchev authored Dec 3, 2024
1 parent d2e37ca commit 784fb14
Show file tree
Hide file tree
Showing 5 changed files with 631 additions and 2 deletions.
5 changes: 3 additions & 2 deletions .github/actions/spelling/expect.txt
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
ACCOUNTADMIN
atlassian
auditlog
Auths
autoaccept
autoscaler
Expand Down Expand Up @@ -69,19 +70,20 @@ opcplc
orstatement
PAYG
Pids
portgroup
postgre
pushconfig
querypack
ratebasedstatement
regexmatchstatement
regexpatternsetreferencestatement
resourcegroup
rootfs
rulegroup
rulegroupreferencestatement
Sas
scim
serviceprincipals
signin
singlequeryargument
sizeconstraintstatement
Snat
Expand All @@ -104,4 +106,3 @@ vulnerabilityassessmentsettings
vulnmgmt
wil
xssmatchstatement
portgroup
49 changes: 49 additions & 0 deletions providers/ms365/resources/ms365.lr
Original file line number Diff line number Diff line change
Expand Up @@ -140,6 +140,55 @@ private microsoft.user @defaults("id displayName userPrincipalName") {
authMethods() microsoft.user.authenticationMethods
// Whether MFA is enabled for the user.
mfaEnabled() bool
// The user creation type.
creationType string
// The user's identities.
identities []microsoft.user.identity
// The user's audit-log.
auditlog() microsoft.user.auditlog
}

// Microsoft User Audit log
private microsoft.user.auditlog {
// The user's identifier.
userId string
// The user's sign-in entries. Only entries from the last 24 hours are fetched and up to 50 at most.
// Note that only interactive sign-in entries are currently returned.
signins() []microsoft.user.signin
// The user's last interactive sign-in.
lastInteractiveSignIn() microsoft.user.signin
// The user's last non-interactive sign-in. Only entries from the last 24 hours are currently considered.
lastNonInteractiveSignIn() microsoft.user.signin
}

// Microsoft User Identity
private microsoft.user.identity @defaults("issuerAssignedId") {
// The id as assigned by the issuer.
issuerAssignedId string
// The identity issuer.
issuer string
// The sign-in type for the identity (e.g. 'federated', 'userPrincipalName')
signInType string
}

// Microsoft User Sign in
private microsoft.user.signin {
// The sign-in entry's identifier.
id string
// The creation time of the sign-in entry.
createdDateTime time
// The id of the user.
userId string
// The display name of the user.
userDisplayName string
// The client app, used to perform the sign-in.
clientAppUsed string
// The app's display name.
appDisplayName string
// The resource's display name.
resourceDisplayName string
// Whether the sign-in was interactive.
interactive bool
}

// Microsoft Entra authentication methods
Expand Down
Loading

0 comments on commit 784fb14

Please sign in to comment.