configure_role_alerts
Set up email notifications for privileged role assignments to monitor access changes in Microsoft 365 services.
Instructions
Configure alerts for privileged role assignments (MS.AAD.7.7v1)
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| notificationEmails | Yes | Email addresses to notify on role assignments | |
Implementation Reference
- cisa-m365/src/index.ts:938-965 (handler) The main handler function that executes the tool logic: configures privileged role assignment alerts by posting to Microsoft Graph API /policies/alertPolicies with provided notification emails.

  ```typescript
  private async configureRoleAlerts(args: AlertSettingsArgs) {
    try {
      // Configure role assignment alerts using Microsoft Graph API
      await this.graphClient
        .api('/policies/alertPolicies')
        .post({
          displayName: 'Privileged Role Assignment Alert',
          isEnabled: true,
          severity: 'high',
          category: 'roleManagement',
          notificationRecipients: args.notificationEmails,
        });

      return {
        content: [
          {
            type: 'text',
            text: 'Privileged role assignment alerts configured successfully',
          },
        ],
      };
    } catch (error: unknown) {
      throw new McpError(
        ErrorCode.InternalError,
        `Failed to configure role alerts: ${error instanceof Error ? error.message : 'Unknown error'}`
      );
    }
  }
  ```
- cisa-m365/src/index.ts:27-48 (schema) Type definition (AlertSettingsArgs) and validation function (isAlertSettingsArgs) for the tool's input parameters: array of notification email strings.

  ```typescript
  interface AlertSettingsArgs {
    notificationEmails: string[];
  }

  function isRoleAssignmentArgs(args: unknown): args is RoleAssignmentArgs {
    if (typeof args !== 'object' || args === null) return false;
    const a = args as Record<string, unknown>;
    return (
      Array.isArray(a.userIds) &&
      a.userIds.every(id => typeof id === 'string') &&
      typeof a.roleId === 'string'
    );
  }

  function isAlertSettingsArgs(args: unknown): args is AlertSettingsArgs {
    if (typeof args !== 'object' || args === null) return false;
    const a = args as Record<string, unknown>;
    return (
      Array.isArray(a.notificationEmails) &&
      a.notificationEmails.every(email => typeof email === 'string')
    );
  }
  ```
- cisa-m365/src/index.ts:276-291 (registration) Tool registration in the ListToolsRequestHandler, including name, description, and inputSchema.

  ```typescript
    name: 'configure_role_alerts',
    description: 'Configure alerts for privileged role assignments (MS.AAD.7.7v1)',
    inputSchema: {
      type: 'object',
      properties: {
        notificationEmails: {
          type: 'array',
          items: {
            type: 'string',
          },
          description: 'Email addresses to notify on role assignments',
        },
      },
      required: ['notificationEmails'],
    },
  },
  ```
- cisa-m365/src/index.ts:366-374 (registration) Dispatch case in CallToolRequestHandler that validates input and calls the handler function.

  ```typescript
  case 'configure_role_alerts': {
    if (!isAlertSettingsArgs(request.params.arguments)) {
      throw new McpError(
        ErrorCode.InvalidParams,
        'Invalid alert settings arguments'
      );
    }
    return await this.configureRoleAlerts(request.params.arguments);
  }
  ```
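
The `isAlertSettingsArgs` guard above accepts any array of strings, including an empty array, so an alert could be created with no recipients or with recipients outside the tenant. A stricter check that could run before the Graph call, as an added example that is not part of cisa-m365: `validateNotificationEmails`, `ALLOWED_DOMAINS` and `MAX_RECIPIENTS` are hypothetical names, and `example.com` is a constructed tenant domain.

```typescript
// Added example, not project code. All names below are hypothetical.
const ALLOWED_DOMAINS: string[] = ['example.com']; // constructed tenant domain
const MAX_RECIPIENTS = 20;                         // assumed upper bound

// Conservative syntax check: one '@', dotted domain, no whitespace or
// control characters anywhere (rejects CR/LF header-injection attempts).
const EMAIL_RE = /^[a-z0-9._%+-]+@([a-z0-9-]+(?:\.[a-z0-9-]+)+)$/;

interface ValidationResult {
  ok: boolean;
  emails: string[]; // normalized, de-duplicated recipients when ok
  reason: string;   // empty when ok
}

function fail(reason: string): ValidationResult {
  return { ok: false, emails: [], reason };
}

function validateNotificationEmails(args: unknown): ValidationResult {
  if (typeof args !== 'object' || args === null) {
    return fail('arguments must be an object');
  }
  const raw = (args as Record<string, unknown>).notificationEmails;
  if (!Array.isArray(raw) || raw.length === 0) {
    return fail('notificationEmails must be a non-empty array');
  }
  if (raw.length > MAX_RECIPIENTS) {
    return fail('too many recipients');
  }
  const emails: string[] = [];
  for (const item of raw) {
    if (typeof item !== 'string') {
      return fail('every recipient must be a string');
    }
    const email = item.trim().toLowerCase();
    const match = EMAIL_RE.exec(email);
    if (match === null) {
      return fail('not an email address: ' + JSON.stringify(item));
    }
    if (ALLOWED_DOMAINS.indexOf(match[1]) === -1) {
      return fail('domain not allowed: ' + match[1]);
    }
    if (emails.indexOf(email) === -1) emails.push(email);
  }
  return { ok: true, emails, reason: '' };
}
```

In the dispatch case, the handler would receive `result.emails` rather than the raw arguments, so the Graph request only ever carries the normalized list.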