Integrate with Microsoft Power Automate for custom alert automation

Cloud App Security integrates with Microsoft Power Automate to provide custom alert automation and orchestration playbooks. By using the ecosystem of connectors available in Power Automate, you can automate the triggering of playbooks when Cloud App Security generates alerts. For example, automatically create an issue in ticketing systems using ServiceNow connector or send an approval email to execute a custom governance action when an alert is triggered in Cloud App Security.

Prerequisites

How it works

On its own, Cloud App Security provides predefined governance options such as suspend a user or make a file private when defining policies. By creating a playbook in Power Automate using Cloud App Security connector, you can create workflows to enable customized governance options for your policies. After the playbook is created in Power Automate, simply associate it with a policy in Cloud App Security to send alerts to Power Automate. Microsoft Power Automate offers several connectors and conditions to create a customized workflow for your organization.

The Cloud App Security connector in Power Automate supports automated triggers and actions. Power Automate is triggered automatically when Cloud App Security generates an alert. Actions include changing the alert status in Cloud App Security.

How to create playbooks with Power Automate

  1. Create an API token in Cloud App Security.

  2. Navigate to the Power Automate portal, select My flows, select New, and from the drop-down, select Automated - from blank.

    Power Automate create new flow

  3. Provide a name for the flow, and in Choose your flow's trigger, type Cloud App Security and select When an alert is generated.

    Power Automate when an alert is generated

  4. Under Authentication settings, paste the API token from step 1.

  5. Define the workflow that should be triggered when a policy in Cloud App Security generates an alert. You can add an action, logical condition, switch case conditions or loops and save the playbook.

    Power Automate workflow

  6. In the Cloud App Security portal, go to Policies and in the row of the policy whose alerts you want to forward to Power Automate, click the three dots and select Settings.

  7. Under Alerts, select Send Alerts to Power Automate and choose the name of the playbook from the drop-down menu.

    Enable Power Automate in Cloud App Security portal

  8. Cloud App Security playbooks that you've authored or are granted access to can be seen in the Security extensions screen.

    view playbooks in Cloud App Security

Next steps

If you run into any problems, we're here to help. To get assistance or support for your product issue, please open a support ticket.