Public/generated/Get-KriticalUtcmSPOAccessControlSettings.ps1
|
# Kritical.PS.UTCM | Microsoft Graph UTCM REST API toolkit # (c) 2026 Kritical Pty Ltd | https://kritical.net # Kritical brand banner is rendered at module load via Write-KriticalUtcmBanner. function Get-KriticalUtcmSPOAccessControlSettings { <# .SYNOPSIS Kritical.UTCM shim for M365DSC resource SPOAccessControlSettings. .DESCRIPTION Search-replace safe: callers that today invoke Get-M365DSCSPOAccessControlSettings -Credential $cred -TenantId $tid can rename to Get-KriticalUtcmSPOAccessControlSettings -Credential $cred -TenantId $tid with ZERO other edits. Parameter shape matches the M365DSC .schema.mof exactly. By default -PreferM365DscBehavior is true. Actual Graph dispatch is delegated to Invoke-KriticalUtcmM365DscSchemaBridge. Bridge maps resource → Graph endpoint per per-resource wave; where mapping is not yet shipped, bridge returns an object with Verdict='UNMAPPED'. .NOTES Workload: SharePoint Param count: 21 #> [CmdletBinding()] param( # Specifies the resource is a single instance, the value must be 'Yes' [Parameter(Mandatory)] [ValidateSet('Yes')] [string]$IsSingleInstance, # Determines whether tenant users see the Start a Site menu option [bool]$DisplayStartASiteOption, # Specifies URL of the form to load in the Start a Site dialog. The valid values are:<emptyString> (default) - Blank by default, this will also remove or clear any value that has been set.Full URL - Example: https://contoso.sharepoint.com/path/to/form [string]$StartASiteFormUrl, # Allows access from network locations that are defined by an administrator. [bool]$IPAddressEnforcement, # Configures multiple IP addresses or IP address ranges (IPv4 or IPv6). Use commas to separate multiple IP addresses or IP address ranges. [string]$IPAddressAllowList, # Office webapps TokenLifeTime in minutes [int]$IPAddressWACTokenLifetime, # Prevents the Download button from being displayed on the Virus Found warning page. [bool]$DisallowInfectedFileDownload, # Enables external services for a tenant. External services are defined as services that are not in the Office 365 datacenters. [bool]$ExternalServicesEnabled, # Sets email attestation to required [bool]$EmailAttestationRequired, # Sets email attestation re-auth days [int]$EmailAttestationReAuthDays, # Enables or disables the restricted access control. [bool]$EnableRestrictedAccessControl, # Only value accepted is 'Present' [ValidateSet('Present','Absent')] [string]$Ensure, # Credentials of the account to authenticate with. [string]$Credential, # Id of the Azure Active Directory application to authenticate with. [string]$ApplicationId, # Secret of the Azure Active Directory application to authenticate with. [string]$ApplicationSecret, # Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com [string]$TenantId, # Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. [string]$CertificateThumbprint, # Username can be made up to anything but password will be used for CertificatePassword [string]$CertificatePassword, # Path to certificate used in service principal usually a PFX file. [string]$CertificatePath, # Managed ID being used for authentication. [bool]$ManagedIdentity, # Blocks or limits access to SharePoint and OneDrive content from un-managed devices. [ValidateSet('AllowFullAccess','AllowLimitedAccess','BlockAccess','ProtectionLevel')] [string]$ConditionalAccessPolicy ) Invoke-KriticalUtcmM365DscSchemaBridge -ResourceName 'SPOAccessControlSettings' -Workload 'SharePoint' -Verb 'Get' -CallerParams $PSBoundParameters } |