ASD - Australian Signals Directorate

ASD's Blueprint for Secure Cloud

Microsoft Teams

This section describes the configuration of Microsoft Teams associated with systems built according to guidance in ASD's Blueprint for Secure Cloud.

Estimated reading time: 2 minutes

Automated Configuration Deployment and Assessment

Overview

All of the Teams configurations can be automatically deployed using Microsoft 365 Desired State Configuration (DSC).

All of the Teams configurations can be assessed using a DSC blueprint.

Desired State Configuration

Before using the below DSC file, please refer to the automated deployment for instructions.

Desired State Configuration file
Download Teams DSC (.ps1)
The linked .txt file must be renamed to .ps1
Configuration Data File:
The configuration data file can be found on the DSC setup page.
Service principal permissions

For organisations importing the DSC as per the instructions on the automated deployment page, the following permissions will need to be added to the M365DSC app:

"TeamsAppPermissionPolicy", "TeamsAudioConferencingPolicy", "TeamsCallHoldPolicy", "TeamsCallingPolicy", "TeamsChannelsPolicy", "TeamsClientConfiguration", "TeamsComplianceRecordingPolicy", "TeamsDialInConferencingTenantSettings", "TeamsEventsPolicy", "TeamsFederationConfiguration", "TeamsFeedbackPolicy", "TeamsGroupPolicyAssignment", "TeamsGuestCallingConfiguration", "TeamsGuestMeetingConfiguration", "TeamsGuestMessagingConfiguration", "TeamsMeetingBroadcastConfiguration", "TeamsMeetingBroadcastPolicy", "TeamsMeetingConfiguration", "TeamsMeetingPolicy", "TeamsMessagingPolicy", "TeamsOrgWideAppSettings", "TeamsPstnUsage", "TeamsShiftsPolicy", "TeamsTemplatesPolicy", "TeamsTenantDialPlan", "TeamsTenantNetworkRegion", "TeamsTenantNetworkSite", "TeamsTranslationRule", "TeamsUpdateManagementPolicy", "TeamsUpgradeConfiguration"
Additional configuration

The following instructions must be completed before step 6 Deploy the configuration, on the automated deployment page:

  • Assign the Entra, Teams Administrator role to the M365DSC service principal.
Teams

This section describes the configuration of teams within Microsoft Teams associated with systems built according to guidance in ASD's Blueprint for Secure Cloud.

Users

This section describes the configuration of users within Microsoft Teams associated with systems built according to guidance in ASD's Blueprint for Secure Cloud.

Teams apps

This section describes the configuration of apps within Microsoft Teams associated with systems built according to guidance in ASD's Blueprint for Secure Cloud.

Meetings

This section describes the configuration of meetings within Microsoft Teams associated with systems built according to guidance in ASD's Blueprint for Secure Cloud.

Messaging

This section describes the configuration of messaging within Microsoft Teams associated with systems built according to guidance in ASD's Blueprint for Secure Cloud.

Voice

This section describes the configuration of voice services within Microsoft Teams associated with systems built according to guidance in ASD's Blueprint for Secure Cloud.

Do you have a suggestion on how the above page could be improved? Get in touch! ASD's Blueprint for Secure Cloud is an open source project, and we would love to get your input. Submit an issue on our GitHub, or send us an email at blueprint@asd.gov.au

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra