DSCResources/MSFT_AzureRoleEligibilityScheduleSettings/MSFT_AzureRoleEligibilityScheduleSettings.schema.mof
|
[ClassVersion("1.0.0.0"), FriendlyName("AzureRoleEligibilityScheduleSettings")]
class MSFT_AzureRoleEligibilityScheduleSettings : OMI_BaseResource { [Key, Description("Display name of the role definition being governed by this policy.")] String RoleDefinitionDisplayName; [Key, Description("The scope of the role management policy. Supports subscriptions/{id}, subscriptions/{id}/resourceGroups/{name}, and providers/Microsoft.Management/managementGroups/{name} scopes.")] String ScopeId; [Write, Description("Specifies the internal Policy Id.")] String PolicyId; [Write, Description("Activation maximum duration (hours).")] String ActivationMaxDuration; [Write, Description("Require justification on activation (True/False).")] Boolean ActivationReqJustification; [Write, Description("Require ticket information on activation (True/False).")] Boolean ActivationReqTicket; [Write, Description("Require MFA on activation (True/False).")] Boolean ActivationReqMFA; [Write, Description("Require approval to activate (True/False).")] Boolean ApprovaltoActivate; [Write, Description("List of approvers by name. Provide the UserPrincipalName for users (e.g., 'john@contoso.com') or the DisplayName for groups (e.g., 'PIM Approvers'). The resource tries to resolve as a user first, then as a group.")] String ActivateApprover[]; [Write, Description("Require authentication context on activation (True/False).")] Boolean ActivationReqAuthContext; [Write, Description("Authentication context claim value (Conditional Access policy id) for activation.")] String ActivationAuthContextId; [Write, Description("Allow permanent eligible assignment (True/False).")] Boolean PermanentEligibleAssignmentisExpirationRequired; [Write, Description("Expire eligible assignments after (Days).")] String ExpireEligibleAssignment; [Write, Description("Allow permanent active assignment (True/False).")] Boolean PermanentActiveAssignmentisExpirationRequired; [Write, Description("Expire active assignments after (Days).")] String ExpireActiveAssignment; [Write, Description("Require Azure Multi-Factor Authentication on active assignment (True/False).")] Boolean AssignmentReqMFA; [Write, Description("Require justification on active assignment (True/False).")] Boolean AssignmentReqJustification; [Write, Description("Require Azure Multi-Factor Authentication on eligible assignment (True/False).")] Boolean EligibilityAssignmentReqMFA; [Write, Description("Require justification on eligible assignment (True/False).")] Boolean EligibilityAssignmentReqJustification; [Write, Description("Send notifications when members are assigned as eligible to this role: Role assignment alert, default recipient (True/False).")] Boolean EligibleAlertNotificationDefaultRecipient; [Write, Description("Send notifications when members are assigned as eligible to this role: Role assignment alert, additional recipient (UPN).")] String EligibleAlertNotificationAdditionalRecipient[]; [Write, Description("Send notifications when members are assigned as eligible to this role: Role assignment alert, only critical Email (True/False).")] Boolean EligibleAlertNotificationOnlyCritical; [Write, Description("Send notifications when members are assigned as eligible to this role: Notification to the assigned user (assignee), default recipient (True/False).")] Boolean EligibleAssigneeNotificationDefaultRecipient; [Write, Description("Send notifications when members are assigned as eligible to this role: Notification to the assigned user (assignee), additional recipient (UPN).")] String EligibleAssigneeNotificationAdditionalRecipient[]; [Write, Description("Send notifications when members are assigned as eligible to this role: Notification to the assigned user (assignee), only critical Email (True/False).")] Boolean EligibleAssigneeNotificationOnlyCritical; [Write, Description("Send notifications when members are assigned as eligible to this role: Request to approve a role assignment renewal/extension, default recipient (True/False).")] Boolean EligibleApproveNotificationDefaultRecipient; [Write, Description("Send notifications when members are assigned as eligible to this role: Request to approve a role assignment renewal/extension, additional recipient (UPN).")] String EligibleApproveNotificationAdditionalRecipient[]; [Write, Description("Send notifications when members are assigned as eligible to this role: Request to approve a role assignment renewal/extension, only critical Email (True/False).")] Boolean EligibleApproveNotificationOnlyCritical; [Write, Description("Send notifications when members are assigned as active to this role: Role assignment alert, default recipient (True/False).")] Boolean ActiveAlertNotificationDefaultRecipient; [Write, Description("Send notifications when members are assigned as active to this role: Role assignment alert, additional recipient (UPN).")] String ActiveAlertNotificationAdditionalRecipient[]; [Write, Description("Send notifications when members are assigned as active to this role: Role assignment alert, only critical Email (True/False).")] Boolean ActiveAlertNotificationOnlyCritical; [Write, Description("Send notifications when members are assigned as active to this role: Notification to the assigned user (assignee), default recipient (True/False).")] Boolean ActiveAssigneeNotificationDefaultRecipient; [Write, Description("Send notifications when members are assigned as active to this role: Notification to the assigned user (assignee), additional recipient (UPN).")] String ActiveAssigneeNotificationAdditionalRecipient[]; [Write, Description("Send notifications when members are assigned as active to this role: Notification to the assigned user (assignee), only critical Email (True/False).")] Boolean ActiveAssigneeNotificationOnlyCritical; [Write, Description("Send notifications when members are assigned as active to this role: Request to approve a role assignment renewal/extension, default recipient (True/False).")] Boolean ActiveApproveNotificationDefaultRecipient; [Write, Description("Send notifications when members are assigned as active to this role: Request to approve a role assignment renewal/extension, additional recipient (UPN).")] String ActiveApproveNotificationAdditionalRecipient[]; [Write, Description("Send notifications when members are assigned as active to this role: Request to approve a role assignment renewal/extension, only critical Email (True/False).")] Boolean ActiveApproveNotificationOnlyCritical; [Write, Description("Send notifications when eligible members activate this role: Role activation alert, default recipient (True/False).")] Boolean ActivationAlertNotificationDefaultRecipient; [Write, Description("Send notifications when eligible members activate this role: Role activation alert, additional recipient (UPN).")] String ActivationAlertNotificationAdditionalRecipient[]; [Write, Description("Send notifications when eligible members activate this role: Role activation alert, only critical Email (True/False).")] Boolean ActivationAlertNotificationOnlyCritical; [Write, Description("Send notifications when eligible members activate this role: Notification to activated user (requestor), default recipient (True/False).")] Boolean ActivationAssigneeNotificationDefaultRecipient; [Write, Description("Send notifications when eligible members activate this role: Notification to activated user (requestor), additional recipient (UPN).")] String ActivationAssigneeNotificationAdditionalRecipient[]; [Write, Description("Send notifications when eligible members activate this role: Notification to activated user (requestor), only critical Email (True/False).")] Boolean ActivationAssigneeNotificationOnlyCritical; [Write, Description("Send notifications when eligible members activate this role: Notification to approvers, default recipient (True/False).")] Boolean ActivationApproveNotificationDefaultRecipient; [Write, Description("Send notifications when eligible members activate this role: Notification to approvers, additional recipient (UPN).")] String ActivationApproveNotificationAdditionalRecipient[]; [Write, Description("Send notifications when eligible members activate this role: Notification to approvers, only critical Email (True/False).")] Boolean ActivationApproveNotificationOnlyCritical; [Write, Description("Credentials for the Microsoft Graph delegated permissions."), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; [Write, Description("Secret of the Azure Active Directory application to authenticate with."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; |