DSCResources/MSFT_IntuneAppProtectionPolicyiOS/MSFT_IntuneAppProtectionPolicyiOS.schema.mof

[ClassVersion("1.0.0.0"), FriendlyName("IntuneAppProtectionPolicyiOS")]
class MSFT_IntuneAppProtectionPolicyiOS : OMI_BaseResource
{
    [Key, Description("Display name of the iOS App Protection Policy.")] String DisplayName;
    [Write, Description("Description of the iOS App Protection Policy.")] String Description;
    [Write, Description("The period after which access is checked when the device is not connected to the internet.")] String PeriodOfflineBeforeAccessCheck;
    [Write, Description("The period after which access is checked when the device is connected to the internet.")] String PeriodOnlineBeforeAccessCheck;
    [Write, Description("Sources from which data is allowed to be transferred. Possible values are: allApps, managedApps, none."), ValueMap{"allApps","managedApps", "none"}, Values{"allApps","managedApps", "none"}] String AllowedInboundDataTransferSources;
    [Write, Description("Destinations to which data is allowed to be transferred. Possible values are: allApps, managedApps, none."), ValueMap{"allApps","managedApps", "none"}, Values{"allApps","managedApps", "none"}] String AllowedOutboundDataTransferDestinations;
    [Write, Description("Indicates whether organizational credentials are required for app use.")] Boolean OrganizationalCredentialsRequired;
    [Write, Description("The level to which the clipboard may be shared between apps on the managed device. Possible values are: allApps, managedAppsWithPasteIn, managedApps, blocked."), ValueMap{"allApps","managedAppsWithPasteIn","managedApps", "blocked"}, Values{"allApps","managedAppsWithPasteIn","managedApps", "blocked"}] String AllowedOutboundClipboardSharingLevel;
    [Write, Description("Indicates whether the backup of a managed app's data is blocked.")] Boolean DataBackupBlocked;
    [Write, Description("Indicates whether device compliance is required.")] Boolean DeviceComplianceRequired;
    [Write, Description("Indicates whether internet links should be opened in the managed browser app, or any custom browser specified by CustomBrowserProtocol (for iOS) or CustomBrowserPackageId/CustomBrowserDisplayName (for Android).")] Boolean ManagedBrowserToOpenLinksRequired;
    [Write, Description("Indicates whether users may use the Save As menu item to save a copy of protected files.")] Boolean SaveAsBlocked;
    [Write, Description("The amount of time an app is allowed to remain disconnected from the internet before all managed data it is wiped.")] String PeriodOfflineBeforeWipeIsEnforced;
    [Write, Description("Indicates whether an app-level pin is required.")] Boolean PinRequired;
    [write, description("Indicates whether use of the app pin is required if the device pin is set.")] Boolean DisableAppPinIfDevicePinIsSet;
    [Write, Description("Maximum number of incorrect pin retry attempts before the managed app is either blocked or wiped.")] UInt32 MaximumPinRetries;
    [Write, Description("Block simple PIN and require complex PIN to be set.")] Boolean SimplePinBlocked;
    [Write, Description("Minimum pin length required for an app-level pin if PinRequired is set to True.")] UInt32 MinimumPinLength;
    [Write, Description("Character set which may be used for an app-level pin if PinRequired is set to True. Possible values are: numeric, alphanumericAndSymbol."), ValueMap{"numeric","alphanumericAndSymbol"}, Values{"numeric","alphanumericAndSymbol"}] String PinCharacterSet;
    [Write, Description("Data storage locations where a user may store managed data.")] String AllowedDataStorageLocations[];
    [Write, Description("Indicates whether contacts can be synced to the user's device.")] Boolean ContactSyncBlocked;
    [Write, Description("TimePeriod before the all-level pin must be reset if PinRequired is set to True.")] String PeriodBeforePinReset;
    [Write, Description("Indicates whether printing is allowed from managed apps.")] Boolean PrintBlocked;
    [Write, Description("Indicates whether use of the fingerprint reader is allowed in place of a pin if PinRequired is set to True.")] Boolean FingerprintBlocked;
    [Write, Description("Indicates whether use of the FaceID is allowed in place of a pin if PinRequired is set to True.")] Boolean FaceIdBlocked;
    [Write, Description("Indicates in which managed browser(s) that internet links should be opened. When this property is configured, ManagedBrowserToOpenLinksRequired should be true. Possible values are: notConfigured, microsoftEdge."), ValueMap{"notConfigured","microsoftEdge"}, Values{"notConfigured","microsoftEdge"}] String ManagedBrowser;
    [Write, Description("Versions less than the specified version will block the managed app from accessing company data.")] String MinimumRequiredAppVersion;
    [Write, Description("Versions less than the specified version will block the managed app from accessing company data.")] String MinimumRequiredOSVersion;
    [Write, Description("Versions less than the specified version will block the managed app from accessing company data.")] String MinimumRequiredSdkVersion;
    [Write, Description("Versions less than the specified version will result in warning message on the managed app")] String MinimumWarningAppVersion;
    [Write, Description("Versions less than the specified version will result in warning message on the managed app from accessing company data.")] String MinimumWarningOSVersion;
    [Write, Description("Require app data to be encrypted.")] String AppDataEncryptionType;
    [Write, Description("List of IDs representing the iOS apps controlled by this protection policy.")] String Apps[];
    [Write, Description("List of IDs of the groups assigned to this iOS Protection Policy.")] String Assignments[];
    [Write, Description("List of IDs of the groups that are excluded from this iOS Protection Policy.")] String ExcludedGroups[];
    [Write, Description("A custom browser protocol to open weblink on iOS.")] String CustomBrowserProtocol;
    [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure;
    [Write, Description("Credentials of the Intune Admin."), EmbeddedInstance("MSFT_Credential")] string Credential;
    [Write, Description("ID of the Azure Active Directory application to authenticate with.")] String ApplicationId;
    [Write, Description("ID of the Azure Active Directory tenant used for authentication.")] String TenantId;
    [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret;
    [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint;
    [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity;
};