DSCResources/cSCProtectionAlert/cSCProtectionAlert.schema.psm1
|
configuration cSCProtectionAlert { param ( [Parameter()] [hashtable[]] $Items, [Parameter()] [string] $TenantId, [Parameter()] [bool] $ManagedIdentity, [Parameter()] [pscredential] $Credential, [Parameter()] [string] $CertificateThumbprint, [Parameter()] [pscredential] $ApplicationSecret, [Parameter()] [string] $ApplicationId, [Parameter()] [string[]] $AccessTokens ) <# SCProtectionAlert [String] #ResourceName { Name = [string] [AccessTokens = [string[]]] [AggregationType = [string]{ AnomalousAggregation | CustomAggregation | None | SimpleAggregation }] [AlertBy = [string[]]] [AlertFor = [string[]]] [ApplicationId = [string]] [Category = [string]] [CertificatePassword = [PSCredential]] [CertificatePath = [string]] [CertificateThumbprint = [string]] [Comment = [string]] [Credential = [PSCredential]] [DependsOn = [string[]]] [Disabled = [bool]] [Ensure = [string]{ Absent | Present }] [Filter = [string]] [NotificationCulture = [string]] [NotificationEnabled = [bool]] [NotifyUser = [string[]]] [NotifyUserOnFilterMatch = [bool]] [NotifyUserSuppressionExpiryDate = [DateTime]] [NotifyUserThrottleThreshold = [UInt32]] [NotifyUserThrottleWindow = [UInt32]] [Operation = [string[]]] [PrivacyManagementScopedSensitiveInformationTypes = [string[]]] [PrivacyManagementScopedSensitiveInformationTypesForCounting = [string[]]] [PrivacyManagementScopedSensitiveInformationTypesThreshold = [UInt64]] [PsDscRunAsCredential = [PSCredential]] [Severity = [string]{ High | Informational | Low | Medium }] [TenantId = [string]] [ThreatType = [string]{ Activity | MailFlow | Malicious | MaliciousUrlClick | Malware | Phish }] [Threshold = [UInt32]] [TimeWindow = [UInt32]] [VolumeThreshold = [UInt32]] } #> Import-DscResource -ModuleName PSDesiredStateConfiguration Import-DscResource -ModuleName Microsoft365DSC $dscResourceName = 'SCProtectionAlert' $param = $PSBoundParameters $param.Remove("InstanceName") $dscParameterKeys = 'Name' -split ', ' foreach ($item in $Items) { if (-not $item.ContainsKey('Ensure')) { $item.Ensure = 'Present' } if (-not $item.ContainsKey('TenantId') -and $param.ContainsKey('TenantId')) { $item.TenantId = $TenantId } if (-not $item.ContainsKey('ManagedIdentity') -and $param.ContainsKey('ManagedIdentity')) { $item.ManagedIdentity = $ManagedIdentity } if (-not $item.ContainsKey('Credential') -and $param.ContainsKey('Credential')) { $item.Credential = $Credential } if (-not $item.ContainsKey('CertificateThumbprint') -and $param.ContainsKey('CertificateThumbprint')) { $item.CertificateThumbprint = $CertificateThumbprint } if (-not $item.ContainsKey('ApplicationSecret') -and $param.ContainsKey('ApplicationSecret')) { $item.ApplicationSecret = $ApplicationSecret } if (-not $item.ContainsKey('ApplicationId') -and $param.ContainsKey('ApplicationId')) { $item.ApplicationId = $ApplicationId } if (-not $item.ContainsKey('AccessTokens') -and $param.ContainsKey('AccessTokens')) { $item.AccessTokens = $AccessTokens } $keyValues = foreach ($key in $dscParameterKeys) { $item.$key } $executionName = $keyValues -join '_' $executionName = $executionName -replace "[\s()\\:*-+/{}```"']", '_' (Get-DscSplattedResource -ResourceName $dscResourceName -ExecutionName $executionName -Properties $item -NoInvoke).Invoke($item) } } |