DSCResources/MSFT_IntuneAppProtectionPolicyAndroid/MSFT_IntuneAppProtectionPolicyAndroid.schema.mof

[ClassVersion("1.0.0.0"), FriendlyName("IntuneAppProtectionPolicyAndroid")]
class MSFT_IntuneAppProtectionPolicyAndroid : OMI_BaseResource
{
    [Key, Description("Display name of the Android App Protection Policy.")] String DisplayName;
    [Write, Description("Description of the Android App Protection Policy.")] String Description;
    [Write, Description("The period after which access is checked when the device is not connected to the internet.")] String PeriodOfflineBeforeAccessCheck;
    [Write, Description("The period after which access is checked when the device is connected to the internet.")] String PeriodOnlineBeforeAccessCheck;
    [Write, Description("Sources from which data is allowed to be transferred. Possible values are: allApps, managedApps, none."), ValueMap{"allApps","managedApps", "none"}, Values{"allApps","managedApps", "none"}] String AllowedInboundDataTransferSources;
    [Write, Description("Destinations to which data is allowed to be transferred. Possible values are: allApps, managedApps, none."), ValueMap{"allApps","managedApps", "none"}, Values{"allApps","managedApps", "none"}] String AllowedOutboundDataTransferDestinations;
    [Write, Description("Indicates whether organizational credentials are required for app use.")] Boolean OrganizationalCredentialsRequired;
    [Write, Description("The level to which the clipboard may be shared between apps on the managed device. Possible values are: allApps, managedAppsWithPasteIn, managedApps, blocked."), ValueMap{"allApps","managedAppsWithPasteIn","managedApps", "blocked"}, Values{"allApps","managedAppsWithPasteIn","managedApps", "blocked"}] String AllowedOutboundClipboardSharingLevel;
    [Write, Description("Indicates whether the backup of a managed app's data is blocked.")] Boolean DataBackupBlocked;
    [Write, Description("Indicates whether device compliance is required.")] Boolean DeviceComplianceRequired;
    [Write, Description("Indicates whether internet links should be opened in the managed browser app, or any custom browser specified by CustomBrowserProtocol (for Android) or CustomBrowserPackageId/CustomBrowserDisplayName (for Android).")] Boolean ManagedBrowserToOpenLinksRequired;
    [Write, Description("Indicates whether users may use the Save As menu item to save a copy of protected files.")] Boolean SaveAsBlocked;
    [Write, Description("The amount of time an app is allowed to remain disconnected from the internet before all managed data it is wiped.")] String PeriodOfflineBeforeWipeIsEnforced;
    [Write, Description("Indicates whether an app-level pin is required.")] Boolean PinRequired;
    [write, description("Indicates whether use of the app pin is required if the device pin is set.")] Boolean DisableAppPinIfDevicePinIsSet;
    [Write, Description("Maximum number of incorrect pin retry attempts before the managed app is either blocked or wiped.")] UInt32 MaximumPinRetries;
    [Write, Description("Block simple PIN and require complex PIN to be set.")] Boolean SimplePinBlocked;
    [Write, Description("Minimum pin length required for an app-level pin if PinRequired is set to True.")] UInt32 MinimumPinLength;
    [Write, Description("Character set which may be used for an app-level pin if PinRequired is set to True. Possible values are: numeric, alphanumericAndSymbol."), ValueMap{"numeric","alphanumericAndSymbol"}, Values{"numeric","alphanumericAndSymbol"}] String PinCharacterSet;
    [Write, Description("Data storage locations where a user may store managed data.")] String AllowedDataStorageLocations[];
    [Write, Description("Indicates whether contacts can be synced to the user's device.")] Boolean ContactSyncBlocked;
    [Write, Description("TimePeriod before the all-level pin must be reset if PinRequired is set to True.")] String PeriodBeforePinReset;
    [Write, Description("Indicates whether printing is allowed from managed apps.")] Boolean PrintBlocked;
    [Write, Description("Require user to apply Class 3 Biometrics on their Android device.")] Boolean RequireClass3Biometrics;
    [Write, Description("A PIN prompt will override biometric prompts if class 3 biometrics are updated on the device.")] Boolean RequirePinAfterBiometricChange;
    [Write, Description("Indicates whether use of the fingerprint reader is allowed in place of a pin if PinRequired is set to True.")] Boolean FingerprintBlocked;
    [Write, Description("List of IDs representing the Android apps controlled by this protection policy.")] String Apps[];
    [Write, Description("List of IDs of the groups assigned to this Android Protection Policy.")] String Assignments[];
    [Write, Description("List of IDs of the groups that are excluded from this Android Protection Policy.")] String ExcludedGroups[];
    [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure;
    [Write, Description("Credentials of the Intune Admin"), EmbeddedInstance("MSFT_Credential")] string Credential;
    [Write, Description("ID of the Azure Active Directory application to authenticate with.")] String ApplicationId;
    [Write, Description("ID of the Azure Active Directory tenant used for authentication.")] String TenantId;
    [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret;
    [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint;
    [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity;
    [Write, Description("Indicates in which managed browser(s) that internet links should be opened. Used in conjunction with CustomBrowserPackageId, CustomBrowserDisplayName and ManagedBrowserToOpenLinksRequired. Possible values are: notConfigured, microsoftEdge."), ValueMap{"notConfigured","microsoftEdge"}, Values{"notConfigured","microsoftEdge"}] String ManagedBrowser;
    [Write, Description("Versions less than the specified version will block the managed app from accessing company data.")] String MinimumRequiredAppVersion;
    [Write, Description("Versions less than the specified version will block the managed app from accessing company data.")] String MinimumRequiredOSVersion;
    [Write, Description("Versions less than the specified version will block the managed app from accessing company data.")] String MinimumRequiredPatchVersion;
    [Write, Description("Versions less than the specified version will result in warning message on the managed app")] String MinimumWarningAppVersion;
    [Write, Description("Versions less than the specified version will result in warning message on the managed app")] String MinimumWarningOSVersion;
    [Write, Description("Versions less than the specified version will result in warning message on the managed app")] String MinimumWarningPatchVersion;
    [Write, Description("The apps controlled by this protection policy, overrides any values in Apps unless this value is 'selectedPublicApps'."),ValueMap{"allApps", "allMicrosoftApps", "allCoreMicrosoftApps", "selectedPublicApps"}, Values{"allApps", "allMicrosoftApps", "allCoreMicrosoftApps", "selectedPublicApps"}] String AppGroupType;
    [Write, Description("Indicates if the policy is deployed to any inclusion groups or not. Inherited from targetedManagedAppProtection.")] Boolean IsAssigned;
    [Write, Description("Indicates whether or not to Block the user from taking Screenshots.")] Boolean ScreenCaptureBlocked;
    [Write, Description("Indicates whether or not the 'Encrypt org data' value is enabled. True = require")] Boolean EncryptAppData;
    [Write, Description("Indicates whether or not the 'Encrypt org data on enrolled devices' value is enabled. False = require. Only functions if EncryptAppData is set to True")] Boolean DisableAppEncryptionIfDeviceEncryptionIsEnabled;
    [Write, Description("The application name for browser associated with the 'Unmanaged Browser ID'. This name will be displayed to users if the specified browser is not installed.")] String CustomBrowserDisplayName;
    [Write, Description("The application ID for a single browser. Web content (http/s) from policy managed applications will open in the specified browser.")] String CustomBrowserPackageId;
    [Write, Description("Id of the Intune policy. To avoid creation of duplicate policies DisplayName will be searched for if the ID is not found")] String Id;
};