1. Release Notes

v3.3.9 [In Progress]

Get-MCASDiscoveredApp: Improve -ResultSetSize to pull more than 100 records at a time. Issue #69
Set-MCASAdminAccess: Improve to cover additional built in MCAS roles such as speciality roles scoped to apps.
Set-MCASDiscoveredAppTag: New cmdlet used to mark apps as sanctioned/unsanctioned.
Get-MCASAlertDefaultSetting: New cmdlet used to pull default alert behavior. Issue #62

v3.3.8 [Published to PSGallery]

Get-MCASDiscoveredAppTag: New cmdlet used to return tags assigned to an app. [done]
New-MCASGroupImport: New cmdlet used to import AAD groups into MCAS. [done]
Get-MCASDiscoveredApp: Added 4 new filters: UsersLessThan, UsersGreaterThan, RiskScoreMin, and RiskScoreMax. [done]
Get-MCASAlert: Fixed ResolutionStatus filter. [done]

v3.3.7 [Published to PSGallery]

Get-MCASAlert: Improve -ResultSetSize to pull more than 100 records at a time. Issue #69 [done]
Get-MCASAlert: Fixed issue where $body would be output with the results. [done]
Get-MCASActivity: Add support for user.tags (aka User Groups). New Parameters: -UserGroup -UserGroupNot -UserGroupPresent -UserGroupNotPresent [done]
Get-MCASPolicy: Added support for pulling activities by ID, and expanded -PolicyType to work for all types of policies. [done]
Invoke-MCASRestMethod: Added error handling for 502 errors. Will now initiate retries the same as 504 errors. [done]

v3.3.6 [Published to PSGallery]

Get-MCASDiscoveredApp: Added the ability to select "None" in the -Tag parameter. [done]
Get-MCASActivity: Fixed issue when fetching activities by Identity. [done]
Get-MCASAccount: Fixed Identity property to now show proper ID value. [done]

v3.3.5 [Published to PSGallery]

[IMPORTANT!] Get-MCASActivity: Migrated cmdlet back to /activities endpoint. This update fixes Get-MCASActivity which was previously broken. [done]

v3.3.4 [Published to PSGallery]

Get-MCASCredential: Added support for gov customers with domains ending in .us. Also added support for a number of other domain suffixes. [done]

v3.3.3 [Published to PSGallery]

Added following parameters to Get-MCASAccount: -IsAdmin and -Type [done]
Fixed following parameter in Get-MCASAccount: -Identity [done]
Marked the following parameter as deprecated in Get-MCASAccount help text: -UserName (This parameter may be re-introduced in the future. Current version of /entities API endpoint does not support querying by username). [done]

v3.3.2 [Published to PSGallery]

v3.2.1 [Published to PSGallery]

v3.2.0 [Published to PSGallery]

Added support for Powershell (core) on non-Windows systems, such as Linux (includes Export-MCASCredential and Import-MCASCredential, as well as resolving case sensitivity issues). Let us know your experience if you use the module on non-Windows platforms [done]
Fixed problems with adding and removing MCAS administrators. [done]
De-listed all old versions of the module from PSGallery to prevent recurrence of issues that have been previously resolved. [done]

v3.1.6 [Published to PSGallery]

Fixed a key collision in Get-MCASActivity when fetching an activity by ID. [done]
Fixed a looping problem with Get-MCASActivity when trying to pull between 101 and 5000 records. [done]

v3.1.5 [Published to PSGallery]

Added support for pulling more than 5000 records with Get-MCASActivity. [done]
Added auto-looping logic for Get-MCASFile. You can now pull up to 100,000 files using -ResultSetSize. This is an increase from 100. [done]
Updated the Get-MCASActivity endpoint to /activities_kusto [done]
Updated the Get-MCASAccount endpoint to /entities [done]
Updated the Get-MCASAppInfo endpoint and removed pointless parameters. A request body is no longer used, instead the appid is added to the URL as a GET request. -AppId parameter is now a type of Array instead of String[] [done]
Added some restrictions for Get-MCASActivity [done]
1. If you want to pull more than 5000 records, you must do so in increments of 100. This is intended to be a temporary restriction and may be removed in a future release.
2. You may not use the -Skip parameter when pulling more than 5000 records.

v3.1.4 [Published to PSGallery]

Fixed Get-FilePolicy -PolicyId bug. The 'eq' operator was replaced with 'cabinetmatchedrulesequals'. [done]
Fixed a key collision in Get-MCASActivity where eventType and EventType would collide due to case insensitivity. EventType is now renamed as EventType_2. [done]

v3.1.3 [Published to PSGallery]

Updated Get-MCASDiscoveredApp to use the new V1 API endpoint. [done]
Fixed issue with Get-MCASFile -Identity breaking. [done]
Added a parameter called PeriodicWriteToFile to Get-MCASActivity that allows you to dump results of the cmdlet to a file after each batch of 100 returned objects. The purpose of this parameter is to help with very large data pulls that have a high chance of interruption. [done]

v3.1.2 [Published to PSGallery]

Added error handling for 504 Gateway Timeouts [done]
Added the ability to specify a resultsetsize of up to 100,000 records for Get-MCASActivity. Previously, the limit was 100 and required you to create the looping logic to retrieve many records. This logic is now handled automatically and will retrieve all records in batches of 100 (the API limit). [done]
Fixed a bug where retrieving certain activities sourced from the Microsoft Azure API connector would break when converting from JSON to PSObject due to conflicting case-insensitive attributes. [done]

v3.0.0: [Published to PSGallery]

Completely re-factored from the old module, which is now deprecated. It is in a separate repo called Cloud-App-Security [done]
Eliminated the -CAS noun prefix aliases for all commands. They now only use the -MCAS noun prefix [done]
Standardized all communication of the tenant and token information for all commands to be through the -Credential parameter. Old parameters for -TenantUri and -Token are gone. Old scripts and examples using those params will not work. [done]
Many additional changes occurred, some of which may have also broken backward compatibility with the old module, which is why this is a new project. [done]

Provide feedback