DSCResources/MSFT_AADPermissionGrantPolicy/MSFT_AADPermissionGrantPolicy.schema.mof
|
[ClassVersion("1.0.0")]
class MSFT_AADPermissionGrantConditionSet { [Write, Description("The unique identifier for the condition set.")] String Id; [Write, Description("Set to true to only match on client applications that are from a Microsoft Partner Network verified publisher. Set to false to match on any client app.")] Boolean CertifiedClientApplicationsOnly; [Write, Description("A list of appId values for the client applications to match with, or a list with the single value all to match any client application.")] String ClientApplicationIds[]; [Write, Description("A list of Microsoft Partner Network (MPN) IDs for verified publishers of the client application, or a list with the single value all to match with client apps from any publisher.")] String ClientApplicationPublisherIds[]; [Write, Description("A list of Entra ID tenant IDs in which the client application is registered, or a list with the single value all to match with client apps registered in any tenant.")] String ClientApplicationTenantIds[]; [Write, Description("Set to true to only match on client applications with a verified publisher. Set to false to match on any client app. Default is false.")] Boolean ClientApplicationsFromVerifiedPublisherOnly; [Write, Description("The permission classification for the permission being granted, or all to match with any permission classification (including permissions which are not classified). Default is all.")] String PermissionClassification; [Write, Description("The list of permission display names to match with (e.g. 'User.Read', 'Mail.Send'), or a list with the single value all to match with any permission. Do not use permission GUIDs.")] String Permissions[]; [Write, Description("The permission type of the permission being granted. Possible values: application for application permissions, or delegated for delegated permissions.")] String PermissionType; [Write, Description("The appId of the resource application (e.g. '00000003-0000-0000-c000-000000000000' for Microsoft Graph) for which a permission is being granted, or 'any' to match any resource application. Use the AppId GUID, not the display name.")] String ResourceApplication; }; [ClassVersion("1.0.0.1"), FriendlyName("AADPermissionGrantPolicy")] class MSFT_AADPermissionGrantPolicy : OMI_BaseResource { [Key, Description("The unique identifier for the permission grant policy.")] String Id; [Write, Description("The display name for the permission grant policy.")] String DisplayName; [Write, Description("The description for the permission grant policy.")] String Description; [Write, Description("Condition sets which are included in this permission grant policy. Automatically constructed as part of the permission grant policy."), EmbeddedInstance("MSFT_AADPermissionGrantConditionSet")] String Includes[]; [Write, Description("Condition sets which are excluded in this permission grant policy. Automatically constructed as part of the permission grant policy."), EmbeddedInstance("MSFT_AADPermissionGrantConditionSet")] String Excludes[]; [Write, Description("Specify if the policy should exist."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; [Write, Description("Credentials for the Microsoft Graph delegated permissions."), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Entra ID application to authenticate with.")] String ApplicationId; [Write, Description("Id of the Entra ID tenant used for authentication.")] String TenantId; [Write, Description("Secret of the Entra ID application to authenticate with."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Thumbprint of the Entra ID application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; |