DscConfig.M365

0.6.0

DSCResources/cSCAutoSensitivityLabelRule/cSCAutoSensitivityLabelRule.schema.psm1

                                configuration cSCAutoSensitivityLabelRule {

    param (

        [Parameter()]

        [hashtable[]]

        $Items,

        [Parameter()]

        [string]

        $TenantId,

        [Parameter()]

        [bool]

        $ManagedIdentity,

        [Parameter()]

        [pscredential]

        $Credential,

        [Parameter()]

        [string]

        $CertificateThumbprint,

        [Parameter()]

        [pscredential]

        $ApplicationSecret,

        [Parameter()]

        [string]

        $ApplicationId,

        [Parameter()]

        [string[]]

        $AccessTokens

)

<#

SCAutoSensitivityLabelRule [String] #ResourceName

{

    Name = [string]

    Policy = [string]

    Workload = [string]{ Exchange | OneDriveForBusiness | SharePoint }

    [AccessScope = [string]{ InOrganization | None | NotInOrganization }]

    [AccessTokens = [string[]]]

    [AnyOfRecipientAddressContainsWords = [string]]

    [AnyOfRecipientAddressMatchesPatterns = [string]]

    [ApplicationId = [string]]

    [CertificatePassword = [PSCredential]]

    [CertificatePath = [string]]

    [CertificateThumbprint = [string]]

    [Comment = [string]]

    [ContentContainsSensitiveInformation = [MSFT_SCDLPContainsSensitiveInformation]]

    [ContentExtensionMatchesWords = [string]]

    [Credential = [PSCredential]]

    [DependsOn = [string[]]]

    [Disabled = [bool]]

    [DocumentIsPasswordProtected = [bool]]

    [DocumentIsUnsupported = [bool]]

    [Ensure = [string]{ Absent | Present }]

    [ExceptIfAccessScope = [string]{ InOrganization | None | NotInOrganization }]

    [ExceptIfAnyOfRecipientAddressContainsWords = [string]]

    [ExceptIfAnyOfRecipientAddressMatchesPatterns = [string]]

    [ExceptIfContentContainsSensitiveInformation = [MSFT_SCDLPContainsSensitiveInformation]]

    [ExceptIfContentExtensionMatchesWords = [string[]]]

    [ExceptIfDocumentIsPasswordProtected = [bool]]

    [ExceptIfDocumentIsUnsupported = [bool]]

    [ExceptIfFrom = [string[]]]

    [ExceptIfFromAddressContainsWords = [string]]

    [ExceptIfFromAddressMatchesPatterns = [string]]

    [ExceptIfFromMemberOf = [string[]]]

    [ExceptIfHeaderMatchesPatterns = [string[]]]

    [ExceptIfProcessingLimitExceeded = [bool]]

    [ExceptIfRecipientDomainIs = [string[]]]

    [ExceptIfSenderDomainIs = [string[]]]

    [ExceptIfSenderIPRanges = [string[]]]

    [ExceptIfSentTo = [string[]]]

    [ExceptIfSentToMemberOf = [string[]]]

    [ExceptIfSubjectMatchesPatterns = [string]]

    [FromAddressContainsWords = [string]]

    [FromAddressMatchesPatterns = [string]]

    [HeaderMatchesPatterns = [MSFT_SCHeaderPattern]]

    [ProcessingLimitExceeded = [bool]]

    [PsDscRunAsCredential = [PSCredential]]

    [RecipientDomainIs = [string[]]]

    [ReportSeverityLevel = [string]{ High | Low | Medium | None }]

    [RuleErrorAction = [string]{  | Ignore | RetryThenBlock }]

    [SenderDomainIs = [string[]]]

    [SenderIPRanges = [string[]]]

    [SentTo = [string[]]]

    [SentToMemberOf = [string[]]]

    [SubjectMatchesPatterns = [string]]

    [TenantId = [string]]

}

#>

    Import-DscResource -ModuleName PSDesiredStateConfiguration

    Import-DscResource -ModuleName Microsoft365DSC

    $dscResourceName = 'SCAutoSensitivityLabelRule'

    $param = $PSBoundParameters

    $param.Remove("InstanceName")

    $dscParameterKeys = 'Name, Workload' -split ', '

        foreach ($item in $Items)

        {

            if (-not $item.ContainsKey('Ensure'))

            {

                $item.Ensure = 'Present'

            }

            if (-not $item.ContainsKey('TenantId') -and $param.ContainsKey('TenantId'))

            {

                $item.TenantId = $TenantId

            }

            if (-not $item.ContainsKey('ManagedIdentity') -and $param.ContainsKey('ManagedIdentity'))

            {

                $item.ManagedIdentity = $ManagedIdentity

            }

            if (-not $item.ContainsKey('Credential') -and $param.ContainsKey('Credential'))

            {

                $item.Credential = $Credential

            }

            if (-not $item.ContainsKey('CertificateThumbprint') -and $param.ContainsKey('CertificateThumbprint'))

            {

                $item.CertificateThumbprint = $CertificateThumbprint

            }

            if (-not $item.ContainsKey('ApplicationSecret') -and $param.ContainsKey('ApplicationSecret'))

            {

                $item.ApplicationSecret = $ApplicationSecret

            }

            if (-not $item.ContainsKey('ApplicationId') -and $param.ContainsKey('ApplicationId'))

            {

                $item.ApplicationId = $ApplicationId

            }

            if (-not $item.ContainsKey('AccessTokens') -and $param.ContainsKey('AccessTokens'))

            {

                $item.AccessTokens = $AccessTokens

            }

            $keyValues = foreach ($key in $dscParameterKeys)

        {

            $item.$key

        }

        $executionName = $keyValues -join '_'

        $executionName = $executionName -replace "[\s()\\:*-+/{}```"']", '_'

        (Get-DscSplattedResource -ResourceName $dscResourceName -ExecutionName $executionName -Properties $item -NoInvoke).Invoke($item)

    }

}