CaPolice.dll-Help.xml
|
<?xml version="1.0" encoding="utf-8"?> <helpItems schema="maml" xmlns="http://msh"> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10"> <command:details> <command:name>Connect-CaPolice</command:name> <command:verb>Connect</command:verb> <command:noun>CaPolice</command:noun> <maml:description> <maml:para>Connects to CaPolice to Graph.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet connects to CaPolice to Graph using the specified authentication method.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Connect-CaPolice</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none"> <maml:name>Github</maml:name> <maml:description> <maml:para> Try connect to Graph using GitHub Actions workload identity. </maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="1" aliases="none"> <maml:name>TenantId</maml:name> <maml:description> <maml:para> Specify the Tenant ID for the authentication, is load from the environment variable AZURE_TENANT_ID if not specified. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="2" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para> Specify the client ID for the authentication, is load from the environment variable AZURE_CLIENT_ID if not specified. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="20" aliases="none"> <maml:name>Test</maml:name> <maml:description> <maml:para> Test the connection by retrieving a token from Graph and output it to the console. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Connect-CaPolice</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none"> <maml:name>UseDefaultCredentials</maml:name> <maml:description> <maml:para> Try connect to Graph using DefaultAzureCredential. </maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="1" aliases="none"> <maml:name>TenantId</maml:name> <maml:description> <maml:para> Specify the Tenant ID for the authentication, is load from the environment variable AZURE_TENANT_ID if not specified. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="2" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para> Specify the client ID for the authentication, is load from the environment variable AZURE_CLIENT_ID if not specified. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="20" aliases="none"> <maml:name>Test</maml:name> <maml:description> <maml:para> Test the connection by retrieving a token from Graph and output it to the console. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Connect-CaPolice</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none"> <maml:name>UseManagedIdentity</maml:name> <maml:description> <maml:para> Try connect to Graph using Managed Identity. </maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="20" aliases="none"> <maml:name>Test</maml:name> <maml:description> <maml:para> Test the connection by retrieving a token from Graph and output it to the console. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="2" aliases="none"> <maml:name>ClientId</maml:name> <maml:description> <maml:para> Specify the client ID for the authentication, is load from the environment variable AZURE_CLIENT_ID if not specified. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="1" aliases="none"> <maml:name>TenantId</maml:name> <maml:description> <maml:para> Specify the Tenant ID for the authentication, is load from the environment variable AZURE_TENANT_ID if not specified. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none"> <maml:name>Github</maml:name> <maml:description> <maml:para> Try connect to Graph using GitHub Actions workload identity. </maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none"> <maml:name>UseManagedIdentity</maml:name> <maml:description> <maml:para> Try connect to Graph using Managed Identity. </maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none"> <maml:name>UseDefaultCredentials</maml:name> <maml:description> <maml:para> Try connect to Graph using DefaultAzureCredential. </maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="20" aliases="none"> <maml:name>Test</maml:name> <maml:description> <maml:para> Test the connection by retrieving a token from Graph and output it to the console. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para>System.String</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------------------- GitHub Actions workload identity ----------------------</maml:title> <dev:code>PS C:\> Connect-CaPolice -Github</dev:code> <dev:remarks> <maml:para>Connect to Graph using GitHub Actions workload identity. </maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10"> <command:details> <command:name>Export-CaPolicePolicy</command:name> <command:verb>Export</command:verb> <command:noun>CaPolicePolicy</command:noun> <maml:description> <maml:para>Exports all conditional access policies from the connected tenant to JSON files.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet retrieves all conditional access policies from Microsoft Graph and writes each policy to a file in the specified output directory. The file name is controlled by FileNameFormat, which supports {id}, {displayName}, {tag} and {version} as placeholders and may include path separators to create subdirectories. When a display name follows the convention "TAG: Title-vX.Y", {tag} resolves to the prefix before the colon and {version} resolves to the version suffix; both fall back to sensible defaults when absent. Run Connect-CaPolice before using this cmdlet.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Export-CaPolicePolicy</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="none"> <maml:name>OutputPath</maml:name> <maml:description> <maml:para> The path to the directory where the JSON files will be written. The directory is created if it does not exist. </maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para> Overwrite existing JSON files in the output directory. Without this switch, existing files are skipped. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>FileNameFormat</maml:name> <maml:description> <maml:para> Format string for the output file name. Supports {id}, {displayName}, {tag} and {version} as placeholders. {tag} is extracted from display names following the "TAG: Title" convention; falls back to {id} when absent. {version} is extracted from display names ending in "-vX.Y"; falls back to "latest" when absent. Path separators are allowed to create subdirectories under OutputPath, for example {tag}/{id}-{version}.json. Defaults to {id}.json. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="0" aliases="none"> <maml:name>OutputPath</maml:name> <maml:description> <maml:para> The path to the directory where the JSON files will be written. The directory is created if it does not exist. </maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="0" aliases="none"> <maml:name>Force</maml:name> <maml:description> <maml:para> Overwrite existing JSON files in the output directory. Without this switch, existing files are skipped. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue> <dev:type> <maml:name>SwitchParameter</maml:name> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="1" aliases="none"> <maml:name>FileNameFormat</maml:name> <maml:description> <maml:para> Format string for the output file name. Supports {id}, {displayName}, {tag} and {version} as placeholders. {tag} is extracted from display names following the "TAG: Title" convention; falls back to {id} when absent. {version} is extracted from display names ending in "-vX.Y"; falls back to "latest" when absent. Path separators are allowed to create subdirectories under OutputPath, for example {tag}/{id}-{version}.json. Defaults to {id}.json. </maml:para> </maml:description> <command:parameterValue required="false" variableLength="false">String</command:parameterValue> <dev:type> <maml:name>String</maml:name> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.IO.FileInfo</maml:name> </dev:type> <maml:description> <maml:para>System.IO.FileInfo</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>------------------------ Export policies to a folder -------------------------</maml:title> <dev:code>PS C:\> Export-CaPolicePolicy -OutputPath ./Policies</dev:code> <dev:remarks> <maml:para>Export all conditional access policies to the ./Policies directory using the default {id}.json file name. </maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-------------------- Export and overwrite existing files ---------------------</maml:title> <dev:code>PS C:\> Export-CaPolicePolicy -OutputPath ./Policies -Force</dev:code> <dev:remarks> <maml:para>Export all conditional access policies, overwriting any existing JSON files in the output directory. </maml:para> </dev:remarks> </command:example> <command:example> <maml:title>------------------- Export with display name as file name --------------------</maml:title> <dev:code>PS C:\> Export-CaPolicePolicy -OutputPath ./Policies -FileNameFormat "{displayName}.json"</dev:code> <dev:remarks> <maml:para>Export all conditional access policies, using each policy's display name as the file name. </maml:para> </dev:remarks> </command:example> <command:example> <maml:title>------------------- Export into per-policy subdirectories --------------------</maml:title> <dev:code>PS C:\> Export-CaPolicePolicy -OutputPath ./Policies -FileNameFormat "{id}/policy.json"</dev:code> <dev:remarks> <maml:para>Export each policy into its own subdirectory named after its ID. </maml:para> </dev:remarks> </command:example> <command:example> <maml:title>------------- Export with tag subdirectory and version file name -------------</maml:title> <dev:code>PS C:\> Export-CaPolicePolicy -OutputPath ./Policies -FileNameFormat "{tag}/{id}-{version}.json"</dev:code> <dev:remarks> <maml:para>For policies following the "TAG: Title-vX.Y" naming convention, group files by tag and include the version. Policies without a tag fall back to their ID; policies without a version fall back to "latest". </maml:para> </dev:remarks> </command:example> </command:examples> </command:command> </helpItems> |