DSCResources/MSFT_AADPIMGroupSetting/MSFT_AADPIMGroupSetting.schema.mof
|
[ClassVersion("1.0.0.0"), FriendlyName("AADPIMGroupSetting")]
class MSFT_AADPIMGroupSetting : OMI_BaseResource { [Key, Description("RuleDefinition DisplayName")] String DisplayName; [Key, Description("The identifier of the membership or ownership eligibility to the group that is governed by PIM. Required. The possible values are: owner, member. Supports $filter (eq)."), ValueMap{"owner","member"}, Values{"owner","member"}] String RoleDefinitionId; [Write, Description("Specifies the Group Policy Id.")] String Id; [Write, Description("Activation maximum duration (hours).")] String ActivationMaxDuration; [Write, Description("Require justification on activation (True/False)")] Boolean ActivationReqJustification; [Write, Description("Require ticket information on activation (True/False)")] Boolean ActivationReqTicket; [Write, Description("Require MFA on activation (True/False)")] Boolean ActivationReqMFA; [Write, Description("Require approval to activate (True/False)")] Boolean ApprovaltoActivate; [Write, Description("Approver User UPN and/or Group Displayname")] String ActivateApprover[]; [Write, Description("Allow permanent eligible assignment (True/False)")] Boolean PermanentEligibleAssignmentisExpirationRequired ; [Write, Description("Expire eligible assignments after (Days)")] String ExpireEligibleAssignment; [Write, Description("Allow permanent active assignment (True/False)")] Boolean PermanentActiveAssignmentisExpirationRequired; [Write, Description("Expire active assignments after (Days)")] String ExpireActiveAssignment; [Write, Description("Require Azure Multi-Factor Authentication on active assignment (True/False)")] Boolean AssignmentReqMFA; [Write, Description("Require justification on active assignment (True/False)")] Boolean AssignmentReqJustification; [Write, Description("Require Azure Multi-Factor Authentication on eligible assignment (True/False)")] Boolean ElegibilityAssignmentReqMFA; [Write, Description("Require justification on eligible assignment (True/False)")] Boolean ElegibilityAssignmentReqJustification; [Write, Description("Send notifications when members are assigned as eligible to this group: Group assignment alert, default recipient (True/False)")] Boolean EligibleAlertNotificationDefaultRecipient; [Write, Description("Send notifications when members are assigned as eligible to this group: Group assignment alert, additional recipient (UPN)")] String EligibleAlertNotificationAdditionalRecipient[]; [Write, Description("Send notifications when members are assigned as eligible to this group: Group assignment alert, only critical Email (True/False)")] Boolean EligibleAlertNotificationOnlyCritical; [Write, Description("Send notifications when members are assigned as eligible to this group: Notification to the assigned user (assignee), default recipient (True/False)")] Boolean EligibleAssigneeNotificationDefaultRecipient; [Write, Description("Send notifications when members are assigned as eligible to this group: Notification to the assigned user (assignee), additional recipient (UPN)")] String EligibleAssigneeNotificationAdditionalRecipient[]; [Write, Description("Send notifications when members are assigned as eligible to this group: Notification to the assigned user (assignee), only critical Email (True/False)")] Boolean EligibleAssigneeNotificationOnlyCritical; [Write, Description("Send notifications when members are assigned as eligible to this group: Request to approve a group assignment renewal/extension, default recipient (True/False)")] Boolean EligibleApproveNotificationDefaultRecipient; [Write, Description("Send notifications when members are assigned as eligible to this group: Request to approve a group assignment renewal/extension, additional recipient (UPN)")] String EligibleApproveNotificationAdditionalRecipient[]; [Write, Description("Send notifications when members are assigned as eligible to this group: Request to approve a group assignment renewal/extension, only critical Email (True/False)")] Boolean EligibleApproveNotificationOnlyCritical; [Write, Description("Send notifications when members are assigned as active to this group: Group assignment alert, default recipient (True/False)")] Boolean ActiveAlertNotificationDefaultRecipient; [Write, Description("Send notifications when members are assigned as active to this group: Group assignment alert, additional recipient (UPN)")] String ActiveAlertNotificationAdditionalRecipient[]; [Write, Description("Send notifications when members are assigned as active to this group: Group assignment alert, only critical Email (True/False)")] Boolean ActiveAlertNotificationOnlyCritical; [Write, Description("Send notifications when members are assigned as active to this group: Notification to the assigned user (assignee), default recipient (True/False)")] Boolean ActiveAssigneeNotificationDefaultRecipient; [Write, Description("Send notifications when members are assigned as active to this group: Notification to the assigned user (assignee), additional recipient (UPN)")] String ActiveAssigneeNotificationAdditionalRecipient[]; [Write, Description("Send notifications when members are assigned as active to this group: Notification to the assigned user (assignee), only critical Email (True/False)")] Boolean ActiveAssigneeNotificationOnlyCritical; [Write, Description("Send notifications when members are assigned as active to this group: Request to approve a group assignment renewal/extension, default recipient (True/False)")] Boolean ActiveApproveNotificationDefaultRecipient; [Write, Description("Send notifications when members are assigned as active to this group: Request to approve a group assignment renewal/extension, additional recipient (UPN)")] String ActiveApproveNotificationAdditionalRecipient[]; [Write, Description("Send notifications when members are assigned as active to this group: Request to approve a group assignment renewal/extension, only critical Email (True/False)")] Boolean ActiveApproveNotificationOnlyCritical; [Write, Description("Send notifications when eligible members activate this group: Group assignment alert, default recipient (True/False)")] Boolean EligibleAssignmentAlertNotificationDefaultRecipient; [Write, Description("Send notifications when eligible members activate this group: Group assignment alert, additional recipient (UPN)")] String EligibleAssignmentAlertNotificationAdditionalRecipient[]; [Write, Description("Send notifications when eligible members activate this group: Group assignment alert, only critical Email (True/False)")] Boolean EligibleAssignmentAlertNotificationOnlyCritical; [Write, Description("Send notifications when eligible members activate this group: Notification to activated user (requestor), default recipient (True/False)")] Boolean EligibleAssignmentAssigneeNotificationDefaultRecipient; [Write, Description("Send notifications when eligible members activate this group: Notification to activated user (requestor), additional recipient (UPN)")] String EligibleAssignmentAssigneeNotificationAdditionalRecipient[]; [Write, Description("Send notifications when eligible members activate this group: Notification to activated user (requestor), only critical Email (True/False)")] Boolean EligibleAssignmentAssigneeNotificationOnlyCritical; [Write, Description("Authorization context is required (True/False)")] Boolean AuthenticationContextRequired; [Write, Description("Descriptive name of associated authorization context")] String AuthenticationContextName; [Write, Description("Authorization context id")] String AuthenticationContextId; [Write, Description("Specify if the Azure AD group setting should exist or not."), ValueMap{"Present"}, Values{"Present"}] String Ensure; [Write, Description("Credentials for the Microsoft Graph delegated permissions."), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; [Write, Description("Secret of the Azure Active Directory application to authenticate with."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; |