mirror of
https://github.com/fleetdm/fleet
synced 2026-05-06 06:48:54 +00:00
13eeebe548
Changes: - Created a new database model: `MicrosoftComplianceTenant`. A model that stores information about complaince tenants - Added `/policies/is-cloud-customer`: a policy that blocks requests to microsoft proxy endpoints if a `MS API KEY` header is missing or does not match a new config variable (`sails.custom.config.cloudCustomerCompliancePartnerSharedSecret`) - Added `microsoft-proxy/create-compliance-partner-tenant`: an action that creates a database record for a new compliance tenant and generates an API key that is used to authenticate future requests to microsoft proxy endpoints for an entra tenant. - Added `microsoft-proxy/get-compliance-partner-settings`: an action that returns information about Fleet's complaince partner entra application and the entra tenant's admin consent status (whether or not a tenant's entra admin has granted permissions to Fleet's compliance partner application) - Added `microsoft-proxy/get-tenants-admin-consent-status`: an action that updates the admin consent status of a compliance tenant record. - Added `microsoft-proxy/setup-compliance-partner-tenant`: an action that provisions a compliance tenant, creates a complaince policy for macOS devices assigns the created policy to the built-in "All users" user group on the tenants entra instance. - Added `microsoft-proxy/update-one-devices-compliance-status`: an action that receives information about a device on a compliance tenant's Fleet instance, sends that information to their Entra instance, and returns the messsage ID returned by the asynchronus Entra API. - Added `microsoft-proxy/get-one-compliance-status-result`: an action that returns the result of a compliance status update from the Entra API. - Added `sails.helpers.microsoft-proxy.get-access-token-and-api-urls` A helper that gets an access token for a tenant's entra instance and the URLs of the API endpoints the microsoft proxy actions use for a tenant. - Added `scripts/send-entra-heartbeat-requests` A script that will run daily to keep all microsoft compliance integrations provisioned. - --------- Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com> |
||
|---|---|---|
| .. | ||
| build-static-content.js | ||
| create-issues-for-todays-rituals.js | ||
| deliver-estimation-report.js | ||
| deliver-nurture-emails.js | ||
| freeze-open-pull-requests.js | ||
| generate-bugs-csv.js | ||
| generate-html-email-from-article.js | ||
| generate-merged-schema.js | ||
| get-bug-and-pr-report.js | ||
| get-powershell-commands-and-regenerate-queries-yaml.js | ||
| migrate-lead-source-to-contact-source.js | ||
| provision-sandbox-instance-for-one-user-and-deliver-email.js | ||
| rebuild-cloud-sdk.js | ||
| send-aggregated-metrics-to-datadog.js | ||
| send-data-to-vanta.js | ||
| send-entra-heartbeat-requests.js | ||
| test-ai-compile.js | ||
| test-ai-constraint-satisfaction.js | ||
| test-ai-decision.js | ||
| test-ai-improve-prompt.js | ||
| test-ai-weights.js | ||
| test-llm-generated-sql.js | ||