Public/generated/Get-KriticalUtcmEXOATPBuiltInProtectionRule.ps1

# Kritical.PS.UTCM | Microsoft Graph UTCM REST API toolkit
# (c) 2026 Kritical Pty Ltd | https://kritical.net
# Kritical brand banner is rendered at module load via Write-KriticalUtcmBanner.

function Get-KriticalUtcmEXOATPBuiltInProtectionRule {
<#
.SYNOPSIS
    Kritical.UTCM shim for M365DSC resource EXOATPBuiltInProtectionRule.

.DESCRIPTION

    Search-replace safe: callers that today invoke
        Get-M365DSCEXOATPBuiltInProtectionRule -Credential $cred -TenantId $tid
    can rename to
        Get-KriticalUtcmEXOATPBuiltInProtectionRule -Credential $cred -TenantId $tid
    with ZERO other edits. Parameter shape matches the M365DSC .schema.mof
    exactly. By default -PreferM365DscBehavior is true.

    Actual Graph dispatch is delegated to Invoke-KriticalUtcmM365DscSchemaBridge.
    Bridge maps resource → Graph endpoint per per-resource wave; where mapping
    is not yet shipped, bridge returns an object with Verdict='UNMAPPED'.

.NOTES
    Workload: Exchange
    Param count: 10
#>

[CmdletBinding()]
param(
        # The Identity parameter specifies the rule that you want to modify. You can use any value that uniquely identifies the rule.
[Parameter(Mandatory)] [string]$Identity,
        # The Comments parameter specifies informative comments for the rule, such as what the rule is used for or how it has changed over time. The length of the comment can't exceed 1024 characters.
[string]$Comments,
        # Present ensures the instance exists, absent ensures it is removed.
[ValidateSet('Absent','Present')] [string]$Ensure,
        # Credentials of the workload's Admin
[string]$Credential,
        # Id of the Azure Active Directory application to authenticate with.
[string]$ApplicationId,
        # Id of the Azure Active Directory tenant used for authentication.
[string]$TenantId,
        # Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.
[string]$CertificateThumbprint,
        # Username can be made up to anything but password will be used for CertificatePassword
[string]$CertificatePassword,
        # Path to certificate used in service principal usually a PFX file.
[string]$CertificatePath,
        # Managed ID being used for authentication.
[bool]$ManagedIdentity
)
    Invoke-KriticalUtcmM365DscSchemaBridge -ResourceName 'EXOATPBuiltInProtectionRule' -Workload 'Exchange' -Verb 'Get' -CallerParams $PSBoundParameters
}