DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.schema.mof

[ClassVersion("1.0.0.0"), FriendlyName("AADRoleSetting")]
class MSFT_AADRoleSetting : OMI_BaseResource
{
    [Key, Description("RuleDefinition DisplayName")] String DisplayName;
    [Write, Description("Specifies the RoleId.")] String Id;
    [Write, Description("Activation maximum duration (hours).")] String ActivationMaxDuration;
    [Write, Description("Require justification on activation (True/False)")] Boolean ActivationReqJustification;
    [Write, Description("Require ticket information on activation (True/False)")] Boolean ActivationReqTicket;
    [Write, Description("Require MFA on activation (True/False)")] Boolean ActivationReqMFA;
    [Write, Description("Require approval to activate (True/False)")] Boolean ApprovaltoActivate;
    [Write, Description("Approver User UPN and/or Group Displayname")] String ActivateApprover[];
    [Write, Description("Allow permanent eligible assignment (True/False)")] Boolean PermanentEligibleAssignmentisExpirationRequired ;
    [Write, Description("Expire eligible assignments after (Days)")] String ExpireEligibleAssignment;
    [Write, Description("Allow permanent active assignment (True/False)")] Boolean PermanentActiveAssignmentisExpirationRequired;
    [Write, Description("Expire active assignments after (Days)")] String ExpireActiveAssignment;
    [Write, Description("Require Azure Multi-Factor Authentication on active assignment (True/False)")] Boolean AssignmentReqMFA;
    [Write, Description("Require justification on active assignment (True/False)")] Boolean AssignmentReqJustification;
    [Write, Description("Require Azure Multi-Factor Authentication on eligible assignment (True/False)")] Boolean ElegibilityAssignmentReqMFA;
    [Write, Description("Require justification on eligible assignment (True/False)")] Boolean ElegibilityAssignmentReqJustification;
    [Write, Description("Send notifications when members are assigned as eligible to this role: Role assignment alert, default recipient (True/False)")] Boolean EligibleAlertNotificationDefaultRecipient;
    [Write, Description("Send notifications when members are assigned as eligible to this role: Role assignment alert, additional recipient (UPN)")] String EligibleAlertNotificationAdditionalRecipient[];
    [Write, Description("Send notifications when members are assigned as eligible to this role: Role assignment alert, only critical Email (True/False)")] Boolean EligibleAlertNotificationOnlyCritical;
    [Write, Description("Send notifications when members are assigned as eligible to this role: Notification to the assigned user (assignee), default recipient (True/False)")] Boolean EligibleAssigneeNotificationDefaultRecipient;
    [Write, Description("Send notifications when members are assigned as eligible to this role: Notification to the assigned user (assignee), additional recipient (UPN)")] String EligibleAssigneeNotificationAdditionalRecipient[];
    [Write, Description("Send notifications when members are assigned as eligible to this role: Notification to the assigned user (assignee), only critical Email (True/False)")] Boolean EligibleAssigneeNotificationOnlyCritical;
    [Write, Description("Send notifications when members are assigned as eligible to this role: Request to approve a role assignment renewal/extension, default recipient (True/False)")] Boolean EligibleApproveNotificationDefaultRecipient;
    [Write, Description("Send notifications when members are assigned as eligible to this role: Request to approve a role assignment renewal/extension, additional recipient (UPN)")] String EligibleApproveNotificationAdditionalRecipient[];
    [Write, Description("Send notifications when members are assigned as eligible to this role: Request to approve a role assignment renewal/extension, only critical Email (True/False)")] Boolean EligibleApproveNotificationOnlyCritical;
    [Write, Description("Send notifications when members are assigned as active to this role: Role assignment alert, default recipient (True/False)")] Boolean ActiveAlertNotificationDefaultRecipient;
    [Write, Description("Send notifications when members are assigned as active to this role: Role assignment alert, additional recipient (UPN)")] String ActiveAlertNotificationAdditionalRecipient[];
    [Write, Description("Send notifications when members are assigned as active to this role: Role assignment alert, only critical Email (True/False)")] Boolean ActiveAlertNotificationOnlyCritical;
    [Write, Description("Send notifications when members are assigned as active to this role: Notification to the assigned user (assignee), default recipient (True/False)")] Boolean ActiveAssigneeNotificationDefaultRecipient;
    [Write, Description("Send notifications when members are assigned as active to this role: Notification to the assigned user (assignee), additional recipient (UPN)")] String ActiveAssigneeNotificationAdditionalRecipient[];
    [Write, Description("Send notifications when members are assigned as active to this role: Notification to the assigned user (assignee), only critical Email (True/False)")] Boolean ActiveAssigneeNotificationOnlyCritical;
    [Write, Description("Send notifications when members are assigned as active to this role: Request to approve a role assignment renewal/extension, default recipient (True/False)")] Boolean ActiveApproveNotificationDefaultRecipient;
    [Write, Description("Send notifications when members are assigned as active to this role: Request to approve a role assignment renewal/extension, additional recipient (UPN)")] String ActiveApproveNotificationAdditionalRecipient[];
    [Write, Description("Send notifications when members are assigned as active to this role: Request to approve a role assignment renewal/extension, only critical Email (True/False)")] Boolean ActiveApproveNotificationOnlyCritical;
    [Write, Description("Send notifications when eligible members activate this role: Role assignment alert, default recipient (True/False)")] Boolean EligibleAssignmentAlertNotificationDefaultRecipient;
    [Write, Description("Send notifications when eligible members activate this role: Role assignment alert, additional recipient (UPN)")] String EligibleAssignmentAlertNotificationAdditionalRecipient[];
    [Write, Description("Send notifications when eligible members activate this role: Role assignment alert, only critical Email (True/False)")] Boolean EligibleAssignmentAlertNotificationOnlyCritical;
    [Write, Description("Send notifications when eligible members activate this role: Notification to activated user (requestor), default recipient (True/False)")] Boolean EligibleAssignmentAssigneeNotificationDefaultRecipient;
    [Write, Description("Send notifications when eligible members activate this role: Notification to activated user (requestor), additional recipient (UPN)")] String EligibleAssignmentAssigneeNotificationAdditionalRecipient[];
    [Write, Description("Send notifications when eligible members activate this role: Notification to activated user (requestor), only critical Email (True/False)")] Boolean EligibleAssignmentAssigneeNotificationOnlyCritical;
    [Write, Description("Specify if the Azure AD role setting should exist or not."), ValueMap{"Present"}, Values{"Present"}] String Ensure;
    [Write, Description("Credentials for the Microsoft Graph delegated permissions."), EmbeddedInstance("MSFT_Credential")] string Credential;
    [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId;
    [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId;
    [Write, Description("Secret of the Azure Active Directory application to authenticate with."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret;
    [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint;
    [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity;
};