DSCResources/MSFT_IntuneAntivirusPolicyMacOS/MSFT_IntuneAntivirusPolicyMacOS.schema.mof
|
[ClassVersion("1.0.0.3")]
class MSFT_DeviceManagementConfigurationPolicyAssignments { [Required, Description("The type of the target assignment."), ValueMap{"#microsoft.graph.cloudPcManagementGroupAssignmentTarget","#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}, Values{"#microsoft.graph.cloudPcManagementGroupAssignmentTarget","#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}] String dataType; [Write, Description("The type of filter of the target assignment i.e. Exclude or Include. Possible values are:none, include, exclude."), ValueMap{"none","include","exclude"}, Values{"none","include","exclude"}] String deviceAndAppManagementAssignmentFilterType; [Write, Description("The Id of the filter for the target assignment.")] String deviceAndAppManagementAssignmentFilterId; [Write, Description("The display name of the filter for the target assignment.")] String deviceAndAppManagementAssignmentFilterDisplayName; [Write, Description("The group Id that is the target of the assignment.")] String groupId; [Write, Description("The group Display Name that is the target of the assignment.")] String groupDisplayName; [Write, Description("The collection Id that is the target of the assignment.(ConfigMgr)")] String collectionId; }; [ClassVersion("1.0.0.2")] class MSFT_MicrosoftGraphIntuneSettingsCatalogExclusions { [Required, Description("Type - Depends on exclusions (excludedPath: Path, excludedFileExtension: File extension, excludedFileName: Process name)"), ValueMap{"excludedPath", "excludedFileExtension", "excludedFileName"}, Values{"excludedPath", "excludedFileExtension", "excludedFileName"}] String exclusions_item_type; [Write, Description("File extension - Depends on exclusions_item_type=excludedFileExtension")] String exclusions_item_extension; [Write, Description("File name - exclusions_item_type=excludedFileName")] String exclusions_item_name; [Write, Description("Path - exclusions_item_type=excludedPath")] String exclusions_item_path; [Write, Description("Is directory (false: Disabled, true: Enabled) - Depends on exclusions_item_type=excludedPath"), ValueMap{"false", "true"}, Values{"false", "true"}] String exclusions_item_isDirectory; }; [ClassVersion("1.0.0.2")] class MSFT_MicrosoftGraphIntuneSettingsCatalogthreatTypeSettings { [Required, Description("Threat type - Depends on threatTypeSettings (potentially_unwanted_application, archive_bomb)"), ValueMap{"potentially_unwanted_application", "archive_bomb"}, Values{"potentially_unwanted_application", "archive_bomb"}] String threatTypeSettings_item_key; [Write, Description("Action to take - Depends on threatTypeSettings (audit, block, off)"), ValueMap{"audit", "block", "off"}, Values{"audit", "block", "off"}] String threatTypeSettings_item_value; }; [ClassVersion("1.0.0.0")] class MSFT_MicrosoftGraphIntuneSettingsCatalogExclusions_tamperProtection { [Write, Description("Process's arguments")] String exclusions_item_args_tamperProtection[]; [Write, Description("Process path")] String exclusions_item_path_tamperProtection; [Write, Description("Process's Signing Identifier")] String exclusions_item_signingId_tamperProtection; [Write, Description("Process's TeamIdentifier")] String exclusions_item_teamId_tamperProtection; }; [ClassVersion("1.0.0.1"), FriendlyName("IntuneAntivirusPolicyMacOS")] class MSFT_IntuneAntivirusPolicyMacOS : OMI_BaseResource { [Write, Description("Policy description")] String Description; [Key, Description("Policy name")] String DisplayName; [Write, Description("List of Scope Tags for this Entity instance.")] String RoleScopeTagIds[]; [Write, Description("The unique identifier for an entity. Read-only.")] String Id; [Write, Description("Enable / disable cloud delivered protection (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String enabled; [Write, Description("Enable / disable automatic sample submissions (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String automaticSampleSubmission; [Write, Description("Automatic sample submission Consent (none: none, safe: safe, all: all)"), ValueMap{"none","safe","all"}, Values{"none","safe","all"}] String automaticSampleSubmissionConsent; [Write, Description("Diagnostic collection level (0: optional, 1: required)"), ValueMap{"0", "1"}, Values{"0", "1"}] String diagnosticLevel; [Write, Description("Automatic security intelligence updates (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String automaticDefinitionUpdateEnabled; [Write, Description("Behavior Monitoring (enabled: enabled, disabled: disabled)"), ValueMap{"enabled","disabled"}, Values{"enabled","disabled"}] String behaviorMonitoring; [Write, Description("Check for definitions update (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String checkForDefinitionsUpdate; [Write, Description("Start time. Must be between 0 and 24.")] SInt32 dailyConfiguration_interval; [Write, Description("Time of day. Must be between 0 and 1440.")] SInt32 dailyConfiguration_timeOfDay; [Write, Description("Security intelligence update due (in days). Must be between 1 and 30.")] SInt32 definitionUpdateDue; [Write, Description("Security intelligence update interval (in seconds). Must be between 60 and 86400.")] SInt32 definitionUpdatesInterval; [Write, Description("Enable real-time protection (deprecated) (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String enableRealTimeProtection; [Write, Description("Process exclusions"), EmbeddedInstance("MSFT_MicrosoftGraphIntuneSettingsCatalogExclusions_tamperProtection")] String exclusions_tamperProtection[]; [Write, Description("Group identifier")] String groupIds; [Write, Description("Ignore exclusions (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String ignoreExclusions; [Write, Description("Low priority scheduled scan (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String lowPriorityScheduledScan; [Write, Description("Enable offline security intelligence updates (enabled: enabled, disabled: disabled)"), ValueMap{"enabled","disabled"}, Values{"enabled","disabled"}] String offlineDefinitionUpdate; [Write, Description("Fallback to Microsoft cloud updates (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String offlineDefinitionUpdateFallbackToCloud; [Write, Description("URL for a security intelligence updates mirror server")] String offlineDefinitionUpdateUrl; [Write, Description("offline security intelligence updates signature verification (enabled: enabled, disabled: disabled)"), ValueMap{"enabled","disabled"}, Values{"enabled","disabled"}] String offlineDefinitionUpdateVerifySig; [Write, Description("Enable passive mode (deprecated) (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String passiveMode; [Write, Description("Performance Profiles (enabled: enabled, disabled: disabled)"), ValueMap{"enabled","disabled"}, Values{"enabled","disabled"}] String performanceProfiles; [Write, Description("Randomize scheduled scan start time. Must be between 0 and 23 hours.")] SInt32 randomizeScanStartTime; [Write, Description("Run scheduled scan when idle (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String runScanWhenIdle; [Write, Description("Scan history size")] SInt32 scanHistoryMaximumItems; [Write, Description("Scan results retention")] SInt32 scanResultsRetentionDays; [Write, Description("Scheduled Scan (enabled: enabled, disabled: disabled)"), ValueMap{"enabled","disabled"}, Values{"enabled","disabled"}] String scheduledScan; [Write, Description("Exclusions merge (0: merge, 1: admin_only)"), ValueMap{"0", "1"}, Values{"0", "1"}] String exclusionsMergePolicy; [Write, Description("Scan exclusions"), EmbeddedInstance("MSFT_MicrosoftGraphIntuneSettingsCatalogexclusions")] String exclusions[]; [Write, Description("Threat type settings"), EmbeddedInstance("MSFT_MicrosoftGraphIntuneSettingsCatalogthreatTypeSettings")] String threatTypeSettings[]; [Write, Description("Threat type settings merge (0: merge, 1: admin_only)"), ValueMap{"0", "1"}, Values{"0", "1"}] String threatTypeSettingsMergePolicy; [Write, Description("Allowed threats")] String allowedThreats[]; [Write, Description("Disallowed threat actions")] String disallowedThreatActions[]; [Write, Description("Degree of parallelism for on-demand scans")] SInt32 maximumOnDemandScanThreads; [Write, Description("Enable file hash computation (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String enableFileHashComputation; [Write, Description("Run a scan after definitions are updated (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String scanAfterDefinitionUpdate; [Write, Description("Scanning inside archive files (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String scanArchives; [Write, Description("Enforcement level (0: disabled, 1: audit, 2: block)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String enforcementLevel; [Write, Description("Enforcement level (0: disabled, 1: audit, 2: block)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String enforcementLevel_tamperProtection; [Write, Description("Control sign-in to consumer version (0: enabled, 1: disabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String consumerExperience; [Write, Description("Show / hide status menu icon (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String hideStatusMenuIcon; [Write, Description("User initiated feedback (0: enabled, 1: disabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String userInitiatedFeedback; [Write, Description("Enforcement level (0: passive, 1: on_demand, 2: real_time)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String antivirusengine_enforcementLevel; [Write, Description("Represents the assignment to the Intune policy."), EmbeddedInstance("MSFT_DeviceManagementConfigurationPolicyAssignments")] String Assignments[]; [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; [Write, Description("Credentials of the Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; |