Public/generated/Get-KriticalUtcmAzureRoleEligibilityScheduleSettings.ps1
|
# Kritical.PS.UTCM | Microsoft Graph UTCM REST API toolkit # (c) 2026 Kritical Pty Ltd | https://kritical.net # Kritical brand banner is rendered at module load via Write-KriticalUtcmBanner. function Get-KriticalUtcmAzureRoleEligibilityScheduleSettings { <# .SYNOPSIS Kritical.UTCM shim for M365DSC resource AzureRoleEligibilityScheduleSettings. .DESCRIPTION Search-replace safe: callers that today invoke Get-M365DSCAzureRoleEligibilityScheduleSettings -Credential $cred -TenantId $tid can rename to Get-KriticalUtcmAzureRoleEligibilityScheduleSettings -Credential $cred -TenantId $tid with ZERO other edits. Parameter shape matches the M365DSC .schema.mof exactly. By default -PreferM365DscBehavior is true. Actual Graph dispatch is delegated to Invoke-KriticalUtcmM365DscSchemaBridge. Bridge maps resource → Graph endpoint per per-resource wave; where mapping is not yet shipped, bridge returns an object with Verdict='UNMAPPED'. .NOTES Workload: Other Param count: 44 #> [CmdletBinding()] param( # Display name of the role definition being governed by this policy. [Parameter(Mandatory)] [string]$RoleDefinitionDisplayName, # The scope of the role management policy. Supports subscriptions/{id}, subscriptions/{id}/resourceGroups/{name}, and providers/Microsoft.Management/managementGroups/{name} scopes. [Parameter(Mandatory)] [string]$ScopeId, # Specifies the internal Policy Id. [string]$PolicyId, # Activation maximum duration (hours). [string]$ActivationMaxDuration, # Require justification on activation (True/False). [bool]$ActivationReqJustification, # Require ticket information on activation (True/False). [bool]$ActivationReqTicket, # Require MFA on activation (True/False). [bool]$ActivationReqMFA, # Require approval to activate (True/False). [bool]$ApprovaltoActivate, # Require authentication context on activation (True/False). [bool]$ActivationReqAuthContext, # Authentication context claim value (Conditional Access policy id) for activation. [string]$ActivationAuthContextId, # Allow permanent eligible assignment (True/False). [bool]$PermanentEligibleAssignmentisExpirationRequired, # Expire eligible assignments after (Days). [string]$ExpireEligibleAssignment, # Allow permanent active assignment (True/False). [bool]$PermanentActiveAssignmentisExpirationRequired, # Expire active assignments after (Days). [string]$ExpireActiveAssignment, # Require Azure Multi-Factor Authentication on active assignment (True/False). [bool]$AssignmentReqMFA, # Require justification on active assignment (True/False). [bool]$AssignmentReqJustification, # Require Azure Multi-Factor Authentication on eligible assignment (True/False). [bool]$EligibilityAssignmentReqMFA, # Require justification on eligible assignment (True/False). [bool]$EligibilityAssignmentReqJustification, # Send notifications when members are assigned as eligible to this role: Role assignment alert, default recipient (True/False). [bool]$EligibleAlertNotificationDefaultRecipient, # Send notifications when members are assigned as eligible to this role: Role assignment alert, only critical Email (True/False). [bool]$EligibleAlertNotificationOnlyCritical, # Send notifications when members are assigned as eligible to this role: Notification to the assigned user (assignee), default recipient (True/False). [bool]$EligibleAssigneeNotificationDefaultRecipient, # Send notifications when members are assigned as eligible to this role: Notification to the assigned user (assignee), only critical Email (True/False). [bool]$EligibleAssigneeNotificationOnlyCritical, # Send notifications when members are assigned as eligible to this role: Request to approve a role assignment renewal/extension, default recipient (True/False). [bool]$EligibleApproveNotificationDefaultRecipient, # Send notifications when members are assigned as eligible to this role: Request to approve a role assignment renewal/extension, only critical Email (True/False). [bool]$EligibleApproveNotificationOnlyCritical, # Send notifications when members are assigned as active to this role: Role assignment alert, default recipient (True/False). [bool]$ActiveAlertNotificationDefaultRecipient, # Send notifications when members are assigned as active to this role: Role assignment alert, only critical Email (True/False). [bool]$ActiveAlertNotificationOnlyCritical, # Send notifications when members are assigned as active to this role: Notification to the assigned user (assignee), default recipient (True/False). [bool]$ActiveAssigneeNotificationDefaultRecipient, # Send notifications when members are assigned as active to this role: Notification to the assigned user (assignee), only critical Email (True/False). [bool]$ActiveAssigneeNotificationOnlyCritical, # Send notifications when members are assigned as active to this role: Request to approve a role assignment renewal/extension, default recipient (True/False). [bool]$ActiveApproveNotificationDefaultRecipient, # Send notifications when members are assigned as active to this role: Request to approve a role assignment renewal/extension, only critical Email (True/False). [bool]$ActiveApproveNotificationOnlyCritical, # Send notifications when eligible members activate this role: Role activation alert, default recipient (True/False). [bool]$ActivationAlertNotificationDefaultRecipient, # Send notifications when eligible members activate this role: Role activation alert, only critical Email (True/False). [bool]$ActivationAlertNotificationOnlyCritical, # Send notifications when eligible members activate this role: Notification to activated user (requestor), default recipient (True/False). [bool]$ActivationAssigneeNotificationDefaultRecipient, # Send notifications when eligible members activate this role: Notification to activated user (requestor), only critical Email (True/False). [bool]$ActivationAssigneeNotificationOnlyCritical, # Send notifications when eligible members activate this role: Notification to approvers, default recipient (True/False). [bool]$ActivationApproveNotificationDefaultRecipient, # Send notifications when eligible members activate this role: Notification to approvers, only critical Email (True/False). [bool]$ActivationApproveNotificationOnlyCritical, # Credentials for the Microsoft Graph delegated permissions. [string]$Credential, # Id of the Azure Active Directory application to authenticate with. [string]$ApplicationId, # Id of the Azure Active Directory tenant used for authentication. [string]$TenantId, # Secret of the Azure Active Directory application to authenticate with. [string]$ApplicationSecret, # Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. [string]$CertificateThumbprint, # Username can be made up to anything but password will be used for CertificatePassword [string]$CertificatePassword, # Path to certificate used in service principal usually a PFX file. [string]$CertificatePath, # Managed ID being used for authentication. [bool]$ManagedIdentity ) Invoke-KriticalUtcmM365DscSchemaBridge -ResourceName 'AzureRoleEligibilityScheduleSettings' -Workload 'Other' -Verb 'Get' -CallerParams $PSBoundParameters } |