Author

Brad Wyatt

My name is Bradley Wyatt; I am a 5x Microsoft Most Valuable Professional (MVP) in Microsoft Azure and Microsoft 365. I have given talks at many different conferences, user groups, and companies throughout the United States, ranging from PowerShell to DevOps Security best practices, and I am the 2022 North American Outstanding Contribution to the Microsoft Community winner.

Posts by Brad Wyatt

Detect Modified SharePoint List Items and Retrieve Old Values in Sharepoint Using Logic Apps

Detect Modified SharePoint List Items and Retrieve Old Values in Sharepoint Using Logic Apps

Comments 0 Comment

Overview

I currently have a SharePoint list with an identity (person or group) column called “Owners,” where I can search for employees and add them to a list item. I then want to e-mail newly added people that they have been added to a list item so they can go and review the details of it.

While SharePoint does have an ‘automate’ feature where you can detect a list item’s column is modified, the only option is to send an email to all the people that are currently in that column. So, if you add a new person, it will re-email everyone who is already there. The other issue is that the e-mail says (below) is non-descript, so your users will be confused about why they are getting it.

Logic Apps does have a trigger that is “When an item is modified,” but its output is the current … Continue...

Automating Code Compliance: AI-Driven Code Style Enforcement for Pull Requests

Automating Code Compliance: AI-Driven Code Style Enforcement for Pull Requests

Comments 0 Comment

Overview

As teams increasingly rely on automation for code quality and compliance, ensuring consistent coding standards can be challenging during the pull request (PR) process. In this article, we explore how to build an AI-powered style enforcement pipeline using modern tools like GPT-4 and CI/CD workflows.

You’ll learn how to:

  • Enforce best practices and team-specific coding guidelines without manual intervention.
  • Integrate automated code reviews into your PR pipelines.
  • Leverage AI to detect style violations, generate actionable reports, and even suggest fixes.

With this in place, you can lower the amount of time code reviews take your engineers, and even have the Pull Request be rejected until the resolutions are addressed and marked as complete.

How It Works

  • We will set up a Pipeline that will be triggered upon a new Pull Request in the repository.
  • If there are modified PowerShell files (ex: .ps1, .psm1, .psd1)
  • Then, import
Continue...
Automated Deployment of a Zero Trust Azure Automation Environment

Automated Deployment of a Zero Trust Azure Automation Environment

Comments 0 Comment

Overview

A common and recommended security practice is only allowing access to an Azure Storage Account via a whitelisted IP address. While this is generally a good idea, a problem arises when you need an Azure Automation Account to access one of these Storage Accounts. Currently, even if you whitelist an entire Azure region, your automation runbook will fail to connect to your Storage Account. Instead, you must use an Azure Private Link to connect Azure Automation to your PaaS Azure Resources securely, but “in the current implementation of Private Link, Automation account cloud jobs cannot access Azure resources that are secured using private endpoint. For example, Azure Key Vault, Azure SQL, Azure Storage account, etc. To workaround this, use a Hybrid Runbook Worker instead. Hence, on-premises VMs are supported to run Hybrid Runbook Workers against an Automation Account with Private Link enabled.” 1

This configuration isn’t as simple as … Continue...

Automatically Detect and Prevent Secrets Leaked into Code within Azure DevOps

Automatically Detect and Prevent Secrets Leaked into Code within Azure DevOps

Comments 0 Comment

Objective

Security vulnerabilities introduced by hardcoded secrets, passwords, or tokens in your source code can significantly compromise the safety of your application and/or infrastructure. A single API key or database connection string committed to a repository can be a gateway for attackers. But how do you ensure sensitive information never enters your codebase? The answer lies in automation.

In this blog post, you’ll learn how to automate secret detection in Azure DevOps using Gitleaks. We’ll set up a pipeline that listens for pull requests (PRs), fetches the latest code changes, and scans them for leaks — failing the PR if any secrets are found.

Why Do We Need Secret Detection

According to GitGuardian’s 2024 report, “State of Secrets Sprawl”, nearly 13 million new secrets were discovered in public GitHub commits, marking a 28% increase. Out of the 1.1 billion commits scanned, more than 1 in … Continue...

Leveraging OpenAI to Enhance Pull Request Management in Azure DevOps

Leveraging OpenAI to Enhance Pull Request Management in Azure DevOps

Comments 0 Comment

Objective

Our goal is to create an automation that significantly enhances the efficiency of our development process. A service hook is triggered when a new Pull Request is created in Azure DevOps, sending a webhook to an Azure Function. This function analyzes the request body, gets all commits in the Pull Request, and sends it to Open AI’s API, which generates a Pull Request message detailing all of the proposed changes from the commits and writes it back to the Azure DevOps Pull Request.

The diagram below gives a high-level overview of how automation works from start to finish.

OpenAI

Generate a new API Key

The first step is to obtain an OpenAI API key to interact with the API. To do so, go to the following website.

Once you have signed in, click + Create new secret key

Give it a descriptive name, and for permissions, in my … Continue...

Automate Azure DevOps Work Item Updates with Azure Functions and the Azure DevOps API

Automate Azure DevOps Work Item Updates with Azure Functions and the Azure DevOps API

Comments 0 Comment

Objective

I use Azure DevOps Boards for agile project management, allowing me to plan, track, and discuss automation and DevOps tasks. I also create reporting dashboards from the data within the work items. One such metric I report on is how much time we save when implementing a new automation. To do this, I have a field called “Estimated Manual Time (min)” and “Annual Occurrences“. The first field is how long it takes someone to do the task manual right now, and the second field is how many times per year this certain task is done. The last field is “Time Saved Annually (hours),” which takes the first field, multiply it by the second field, and then divides that number by 60.

In this article, I will show you how I automated the “Time Saved Annually (hours)” value whenever a new work … Continue...

How The ConnectWise Manage API Handles Pagination with PowerShell

How The ConnectWise Manage API Handles Pagination with PowerShell

Comments 3 comments

If you have ever worked with the Microsoft Graph API, you may be familiar with how it handles pagination, which is returning an @odata.nextLink property in the response containing a URL to the following results page. 

I was initially confused when I started working with the ConnectWise PSA API. Although I could specify a pageSize and page parameter, there never seemed to be an indication of where to go for the next page of results. This write-up will show you several ways to do pagination within the API and how to form your headers and requests for each type.

The documentation for pagination from Connectwise can be found here.

Query Parameters

The first item to discuss is query parameters. Query parameters are key-value pairs that filter, sort, or paginate data an API returns. Below is a table of the query parameters we will use when paginating data and what … Continue...

Upload a file to Connectwise and Attach it to a Service Ticket with PowerShell

Upload a file to Connectwise and Attach it to a Service Ticket with PowerShell

Comments 3 comments

I have recently been automating a lot within Connectwise PSA. One of the items I set out to do is to upload a file and attach it to a service ticket. This led me to the following article, but after doing some testing, I found that some file types were not properly rendering on the Connectwise side, making me believe there was something wrong with the encoding.

I could upload a .txt file without issues, but I also tried with a .docx and a .pdf, and the file would be corrupted or blank.

The process to upload a file and then link it to a service ticket is first to upload the file to the endpoint /system/documents and then, from there, link the uploaded document to an existing service ticket.

Multipart/Form-Data

The first thing to know about how Connectwise wants a document uploaded is that it uses what is … Continue...

Getting Started with GitHub Copilot in the CLI

Getting Started with GitHub Copilot in the CLI

Comments 1 comment

It was announced recently that GitHub Copilot in the CLI has reached General Availablity for all Individual, Business, and Enterprise customers. In this post, I will show you how you can get download and install the CLI and Copilot extension, authenticate to use Copilot, and the available commands and use cases.

Install the GitHub CLI

Windows

With Windows, we can install the GitHub CLI via the command line (Winget, Chocolatey, or Scoop) or manually from here.

Winget

With Winget, we can install the GitHub CLI using the following command: 

winget install --id GitHub.cli

MacOS

With MacOS, we can install the GitHub CLI via homebrew or manually from here.

Homebrew

Using homebrew, run the following command:

brew install gh

Authenticate

Note: In order to use Copilot in the CLI, you must have an active GitHub Copilot subscription.

Once you have a valid subscription to use Copilot, run the … Continue...

View and Export your Intune Device Management Scripts Using the Microsoft Graph PowerShell SDK

View and Export your Intune Device Management Scripts Using the Microsoft Graph PowerShell SDK

Comments 0 Comment

Introduction

If you’re familiar with Intune, you’re likely aware of its capability to deploy platform or PowerShell scripts to your endpoint devices. Unfortunately, once you upload your script to the portal, there is (at the time of writing this) no easy way to view the script content or download it.

Resolution

To quickly and easily get Intune scripts, I created a function that allows me to export all the scripts from a tenant en masse and view them in the shell or terminal. Sometimes, I am auditing a new tenant and have no need to download the scripts to my local machine; I need to audit the code behind it to get an idea of what is being performed. Additionally, I added some other quality-of-life features that I did not find in other scripts online.

Features

Platform Agnostic

The function will work on PowerShell Core (pwsh) and Windows PowerShell. Allowing … Continue...