updated text in azuredeploy.json
v-rusraut committed Nov 3, 2023
1 parent 283c7e3 commit 1db9dc2
Showing 6 changed files with 6 additions and 6 deletions.
Expand Up @@ -5,7 +5,7 @@
"title": "Block Microsoft Entra ID user - Alert",
"description": "For each account entity included in the alert, this playbook will disable the user in Microsoft Entra ID, add a comment to the incident that contains this alert and notify manager if available. Note: This playbook will not disable admin user!",
"prerequisites": ["None"],
"postDeployment": ["1. Assign Microsoft Sentinel Responder role to the Playbook's managed identity.", "2. Grant User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All permissions to the managed identity.", "3. Authorize Azure AD and Office 365 Outlook Logic App connections."],
"postDeployment": ["1. Assign Microsoft Sentinel Responder role to the Playbook's managed identity.", "2. Grant User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All permissions to the managed identity.", "3. Authorize Microsoft Entra ID and Office 365 Outlook Logic App connections."],
"lastUpdateTime": "2022-07-11T00:00:00.000Z",
"entities": [ "Account" ],
"tags": [ "Remediation" ],
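Review bot: Step 2 of `postDeployment` asks operators to grant the managed identity both the read and the read-write variant of the User and Directory permissions. `User.ReadWrite.All` and `Directory.ReadWrite.All` already include read access, so the two `Read.All` entries add nothing and make the list read like four separate requirements. Since this line is being reworded anyway, trim it to the permissions the playbook actually uses. Also confirm that tenant-wide `Directory.ReadWrite.All` is really needed to disable a user and look up the manager; that cannot be told from this hunk. The same sentence appears in the Entity-trigger and Incident playbook sections that follow, and `lastUpdateTime` here still reads `2022-07-11` although the file is edited by this commit.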
Expand Up @@ -4,7 +4,7 @@
"metadata": {
"title": "Block Microsoft Entra ID user - Entity trigger",
"description": "This playbook disables the selected user (account entity) in Microsoft Entra ID. If this playbook triggered from an incident context, it will add a comment to the incident. This playbook will notify the disabled user manager if available. Note: This playbook will not disable admin user!",
"postDeployment": [ "1. Assign Microsoft Sentinel Responder role to the Playbook's managed identity.", "2. Grant User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All permissions to the managed identity.", "3. Authorize Azure AD and Office 365 Outlook Logic App connections." ],
"postDeployment": [ "1. Assign Microsoft Sentinel Responder role to the Playbook's managed identity.", "2. Grant User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All permissions to the managed identity.", "3. Authorize Microsoft Entra ID and Office 365 Outlook Logic App connections." ],
"lastUpdateTime": "2022-12-08T00:00:00.000Z",
"entities": [ "Account" ],
"tags": [ "Remediation" ],
Expand Up @@ -5,7 +5,7 @@
"title": "Block AAD user - Incident",
"description": "For each account entity included in the incident, this playbook will disable the user in Azure Active Directoy, add a comment to the incident that contains this alert and notify manager if available. Note: This playbook will not disable admin user!",
"prerequisites": [ "None" ],
"postDeployment": [ "1. Assign Microsoft Sentinel Responder role to the Playbook's managed identity.", "2. Grant User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All permissions to the managed identity.", "3. Authorize Azure AD and Office 365 Outlook Logic App connections." ],
"postDeployment": [ "1. Assign Microsoft Sentinel Responder role to the Playbook's managed identity.", "2. Grant User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All permissions to the managed identity.", "3. Authorize Microsoft Entra ID and Office 365 Outlook Logic App connections." ],
"lastUpdateTime": "2022-07-11T00:00:00.000Z",
"entities": [ "Account" ],
"tags": [ "Remediation" ],
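Review bot: The `title` and `description` in this section still say `Block AAD user - Incident` and `Azure Active Directoy` (also misspelled), while the reworded `postDeployment` line and the two sibling playbooks above use Microsoft Entra ID. For consistency I would change the title to `"title": "Block Microsoft Entra ID user - Incident"` and replace `Azure Active Directoy` with `Microsoft Entra ID` in the description. If anything keys on the title (content packaging, gallery lookups), confirm the rename is safe before changing it; that is not visible from this hunk.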
Expand Up @@ -5,7 +5,7 @@
"title": "Prompt User - Alert",
"description": "This playbook will ask the user if they completed the action from the alert in Microsoft Sentinel. If so, it will close the incident and add a comment. If not, it will post a message to teams for the SOC to investigate and add a comment to the incident.",
"prerequisites": [ "1. You will need the Team Id and Channel Id." ],
"postDeployment": [ "1. Assign Microsoft Sentinel Responder role to the Playbook's managed identity.", "2. Authorize Azure AD, Microsoft Teams, and Office 365 Outlook Logic App connections." ],
"postDeployment": [ "1. Assign Microsoft Sentinel Responder role to the Playbook's managed identity.", "2. Authorize Microsoft Entra ID, Microsoft Teams, and Office 365 Outlook Logic App connections." ],
"lastUpdateTime": "2022-07-11T00:00:00.000Z",
"entities": [ "Account" ],
"tags": [ "Remediation" ],
Expand Up @@ -5,7 +5,7 @@
"title": "Prompt User - Incident",
"description": "This playbook will ask the user if they completed the action from the Incident in Microsoft Sentinel. If so, it will close the incident and add a comment. If not, it will post a message to teams for the SOC to investigate and add a comment to the incident.",
"prerequisites": [ "1. You will need the Team Id and Channel Id." ],
"postDeployment": [ "1. Assign Microsoft Sentinel Responder role to the Playbook's managed identity.", "2. Authorize Azure AD, Microsoft Teams, and Office 365 Outlook Logic App connections." ],
"postDeployment": [ "1. Assign Microsoft Sentinel Responder role to the Playbook's managed identity.", "2. Authorize Microsoft Entra ID, Microsoft Teams, and Office 365 Outlook Logic App connections." ],
"lastUpdateTime": "2022-07-11T00:00:00.000Z",
"entities": [ "Account" ],
"tags": [ "Remediation" ],
Expand Up @@ -4,7 +4,7 @@
"metadata": {
"title": "Revoke-AADSignInSessions alert trigger",
"description": "This playbook will revoke all signin sessions for the user using Graph API. It will send an email to the user's manager.",
"prerequisites": ["1. You must create an app registration for graph api with appropriate permissions.", "2. You will need to add the managed identity that is created by the logic app to the Password Administrator role in Azure AD."],
"prerequisites": ["1. You must create an app registration for graph api with appropriate permissions.", "2. You will need to add the managed identity that is created by the logic app to the Password Administrator role in Microsoft Entra ID."],
"comments": "This playbook will revoke all signin sessions for the user using Graph API using a Beta API. It will send and email to the user's manager.",

"lastUpdateTime": "2021-07-14T00:00:00.000Z",
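Review bot: Prerequisite 1 still says only `with appropriate permissions`, which leaves the operator to guess what to grant the app registration and tends to end in over-granting. Name the exact Graph permission the revoke call needs. The two prerequisites also mention two identities (an app registration, and the logic app's managed identity in the Password Administrator role) without saying which one performs the revocation. A short clause stating the purpose of each would make the privileged role assignment easier to review. In `comments`, `send and email` should read `send an email`.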
