Examples/Resources/SCDLPComplianceRule/1-AddingNewDLPComplianceRule.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
<#
This example is used to test new resources and showcase the usage of new resources being worked on.
It is not meant to use as a production baseline.
#>


Configuration Example
{
    param(
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $credsGlobalAdmin
    )
    Import-DscResource -ModuleName Microsoft365DSC

    node localhost
    {
        SCDLPComplianceRule Rule
        {
            AccessScope                         = "InOrganization";
            BlockAccess                         = $True;
            BlockAccessScope                    = "All";
            ContentContainsSensitiveInformation = @(MSFT_SCDLPSensitiveInformation
            {
                name = 'EU Debit Card Number'
                id = '0e9b3178-9678-47dd-a509-37222ca96b42'
                maxconfidence = '100'
                minconfidence = '75'
                classifiertype = 'Content'
                mincount = '1'
                maxcount = '9'
            }
            );
            Disabled                            = $False;
            DocumentIsPasswordProtected         = $False;
            DocumentIsUnsupported               = $False;
            Ensure                              = "Present";
            ExceptIfDocumentIsPasswordProtected = $False;
            ExceptIfDocumentIsUnsupported       = $False;
            ExceptIfHasSenderOverride           = $False;
            ExceptIfProcessingLimitExceeded     = $False;
            GenerateIncidentReport              = @("SiteAdmin");
            GlobalAdminAccount                  = $Credsglobaladmin;
            HasSenderOverride                   = $False;
            IncidentReportContent               = @("DocumentLastModifier","Detections","Severity","DetectionDetails","OriginalContent");
            Name                                = "Low volume EU Sensitive content found";
            NotifyUser                          = @("LastModifier");
            Policy                              = "General Data Protection Regulation (GDPR)";
            ProcessingLimitExceeded             = $False;
            RemoveRMSTemplate                   = $False;
            ReportSeverityLevel                 = "Low";
            StopPolicyProcessing                = $False;
        }
    }
}