DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof
[ClassVersion("1.0.0")]
Class MSFT_SCDLPSensitiveInformation { [Required, Description("Name of the Sensitive Information Content")] String name; [Write, Description("Id of the Sensitive Information Content")] String id; [Write, Description("Maximum Confidence level value for the Sensitive Information")] String maxconfidence; [Write, Description("Minimum Confidence level value for the Sensitive Information")] String minconfidence; [Write, Description("Type of Classifier value for the Sensitive Information")] String classifiertype; [Write, Description("Minimum Count value for the Sensitive Information")] String mincount; [Write, Description("Maximum Count value for the Sensitive Information")] String maxcount; }; [ClassVersion("1.0.0")] Class MSFT_SCDLPLabel { [Required, Description("Name of the Sensitive Label")] String name; [Write, Description("Id of the Sensitive Information label")] String id; [Write, Description("Type of the Sensitive Information label")] String type; }; [ClassVersion("1.0.0")] Class MSFT_SCDLPContainsSensitiveInformationGroup { [Write, Description("Sensitive Information Content Types"),EmbeddedInstance("MSFT_SCDLPSensitiveInformation")] String SensitiveInformation[]; [Write, Description("Sensitive Information Labels"),EmbeddedInstance("MSFT_SCDLPLabel")] String Labels[]; [Required, Description("Name of the group")] String Name; [Required, Description("Operator"),ValueMap{"And","Or"}, Values{"And","Or"}] String Operator; }; [ClassVersion("1.0.0")] Class MSFT_SCDLPContainsSensitiveInformation { [Write, Description("Sensitive Information Content Types"),EmbeddedInstance("MSFT_SCDLPSensitiveInformation")] String SensitiveInformation[]; [Write, Description("Groups of sensitive information types."),EmbeddedInstance("MSFT_SCDLPContainsSensitiveInformationGroup")] String Groups[]; [Write, Description("Operator"),ValueMap{"And","Or"}, Values{"And","Or"}] String Operator; }; [ClassVersion("1.0.0.0"), FriendlyName("SCDLPComplianceRule")] class MSFT_SCDLPComplianceRule : OMI_BaseResource { [Key, Description("Name of the Rule.")] String Name; [Required, Description("Name of the associated DLP Compliance Policy.")] String Policy; [Write, Description("The AccessScope parameter specifies a condition for the DLP rule that's based on the access scope of the content. The rule is applied to content that matches the specified access scope."), ValueMap{"InOrganization","NotInOrganization", "None"}, Values{"InOrganization","NotInOrganization", "None"}] String AccessScope; [Write, Description("The BlockAccess parameter specifies an action for the DLP rule that blocks access to the source item when the conditions of the rule are met. $true: Blocks further access to the source item that matched the rule. The owner, author, and site owner can still access the item. $false: Allows access to the source item that matched the rule. This is the default value.")] Boolean BlockAccess; [Write, Description("The BlockAccessScope parameter specifies the scope of the block access action."), ValueMap{"All", "PerUser"}, Values{"All", "PerUser"}] String BlockAccessScope; [Write, Description("The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks.")] String Comment; [Write, Description("The ContentContainsSensitiveInformation parameter specifies a condition for the rule that's based on a sensitive information type match in content. The rule is applied to content that contains the specified sensitive information type."), EmbeddedInstance("MSFT_SCDLPContainsSensitiveInformation")] String ContentContainsSensitiveInformation; [Write, Description("The ExceptIfContentContainsSensitiveInformation parameter specifies an exception for the rule that's based on a sensitive information type match in content. The rule isn't applied to content that contains the specified sensitive information type."), EmbeddedInstance("MSFT_SCDLPContainsSensitiveInformation")] String ExceptIfContentContainsSensitiveInformation; [Write, Description("The ContentPropertyContainsWords parameter specifies a condition for the DLP rule that's based on a property match in content. The rule is applied to content that contains the specified property.")] String ContentPropertyContainsWords[]; [Write, Description("The Disabled parameter specifies whether the DLP rule is disabled.")] Boolean Disabled; [Write, Description("The GenerateAlert parameter specifies an action for the DLP rule that notifies the specified users when the conditions of the rule are met.")] String GenerateAlert[]; [Write, Description("The GenerateIncidentReport parameter specifies an action for the DLP rule that sends an incident report to the specified users when the conditions of the rule are met.")] String GenerateIncidentReport[]; [Write, Description("The IncidentReportContent parameter specifies the content to include in the report when you use the GenerateIncidentReport parameter."), ValueMap{"All", "Default", "DetectionDetails", "Detections", "DocumentAuthor", "DocumentLastModifier", "MatchedItem", "OriginalContent", "RulesMatched", "Service", "Severity", "Title","RetentionLabel","SensitivityLabel"}, Values{"All", "Default", "DetectionDetails", "Detections", "DocumentAuthor", "DocumentLastModifier", "MatchedItem", "OriginalContent", "RulesMatched", "Service", "Severity", "Title","RetentionLabel","SensitivityLabel"}] String IncidentReportContent[]; [Write, Description("The NotifyAllowOverride parameter specifies the notification override options when the conditions of the rule are met."), ValueMap{"FalsePositive", "WithoutJustification", "WithJustification"}, Values{"FalsePositive", "WithoutJustification", "WithJustification"}] String NotifyAllowOverride[]; [Write, Description("The NotifyEmailCustomText parameter specifies the custom text in the email notification message that's sent to recipients when the conditions of the rule are met.")] String NotifyEmailCustomText; [Write, Description("The NotifyPolicyTipCustomText parameter specifies the custom text in the Policy Tip notification message that's shown to recipients when the conditions of the rule are met. The maximum length is 256 characters. HTML tags and tokens (variables) aren't supported.")] String NotifyPolicyTipCustomText; [Write, Description("The NotifyUser parameter specifies an action for the DLP rule that notifies the specified users when the conditions of the rule are met.")] String NotifyUser[]; [Write, Description("The ReportSeverityLevel parameter specifies the severity level of the incident report for content detections based on the rule."), ValueMap{"Low", "Medium", "High", "None"}, Values{"Low", "Medium", "High", "None"}] String ReportSeverityLevel; [Write, Description("The RuleErrorAction parameter specifies what to do if an error is encountered during the evaluation of the rule."), ValueMap{"Ignore", "RetryThenBlock"}, Values{"Ignore", "RetryThenBlock"}] String RuleErrorAction; [Write, Description("Specify if this rule should exist or not."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; [Write, Description("Credentials of the Exchange Global Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("The AnyOfRecipientAddressContainsWords parameter specifies a condition for the DLP rule that looks for words or phrases in recipient email addresses.")] String AnyOfRecipientAddressContainsWords[]; [Write, Description("The AnyOfRecipientAddressMatchesPatterns parameter specifies a condition for the DLP rule that looks for text patterns in recipient email addresses by using regular expressions.")] String AnyOfRecipientAddressMatchesPatterns[]; [Write, Description("The RemoveRMSTemplate parameter specifies an action for the DLP rule that removes Office 365 Message Encryption from messages and their attachments.")] Boolean RemoveRMSTemplate; [Write, Description("The StopPolicyProcessing parameter specifies an action that stops processing more DLP policy rules.")] Boolean StopPolicyProcessing; [Write, Description("The DocumentIsUnsupported parameter specifies a condition for the DLP rule that looks for files that can't be scanned.")] Boolean DocumentIsUnsupported; [Write, Description("The ExceptIfDocumentIsUnsupported parameter specifies an exception for the DLP rule that looks for files that can't be scanned.")] Boolean ExceptIfDocumentIsUnsupported; [Write, Description("The SenderOverride parameter specifies a condition for the rule that looks for messages where the sender chose to override a DLP policy.")] Boolean HasSenderOverride; [Write, Description("The ExceptIfHasSenderOverride parameter specifies an exception for the rule that looks for messages where the sender chose to override a DLP policy.")] Boolean ExceptIfHasSenderOverride; [Write, Description("The ProcessingLimitExceeded parameter specifies a condition for the DLP rule that looks for files where scanning couldn't complete.")] Boolean ProcessingLimitExceeded; [Write, Description("The ExceptIfProcessingLimitExceeded parameter specifies an exception for the DLP rule that looks for files where scanning couldn't complete.")] Boolean ExceptIfProcessingLimitExceeded; [Write, Description("The DocumentIsPasswordProtected parameter specifies a condition for the DLP rule that looks for password protected files (because the contents of the file can't be inspected). Password detection only works for Office documents and .zip files.")] Boolean DocumentIsPasswordProtected; [Write, Description("The ExceptIfDocumentIsPasswordProtected parameter specifies an exception for the DLP rule that looks for password protected files (because the contents of the file can't be inspected). Password detection only works for Office documents and .zip files. ")] Boolean ExceptIfDocumentIsPasswordProtected; [Write, Description("The ContentExtensionMatchesWords parameter specifies a condition for the DLP rule that looks for words in file name extensions. You can specify multiple words separated by commas.")] String ContentExtensionMatchesWords[]; [Write, Description("The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the DLP rule that looks for words in file name extensions. You can specify multiple words separated by commas.")] String ExceptIfContentExtensionMatchesWords[]; }; |