DSCResources/cAADAuthorizationPolicy/cAADAuthorizationPolicy.schema.psm1

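configuration cAADAuthorizationPolicy {
    <#
        .SYNOPSIS
        Composite DSC resource that wraps the Microsoft365DSC 'AADAuthorizationPolicy'
        resource and forwards every bound parameter to it unchanged.

        .DESCRIPTION
        The parameter set mirrors the wrapped resource (see the schema block below).
        IsSingleInstance is the only key and is constrained to 'Yes'; Ensure is
        constrained to 'Present'. The instance name of the generated resource is
        built from the key values, sanitised to characters that are safe in a DSC
        instance name.

        Authentication parameters (Credential, ApplicationId/TenantId together with
        ApplicationSecret or CertificateThumbprint, ManagedIdentity, AccessTokens)
        are passed straight through. NOTE(review): AccessTokens is a plain [string[]]
        (the wrapped resource declares it that way), so unlike the [PSCredential]
        parameters it is not covered by DSC's credential handling when the values are
        compiled into the MOF - confirm how tokens are protected in this deployment.
    #>
    param (
        [Parameter(Mandatory = $true)]
        [ValidateSet('Yes')]
        [string]
        $IsSingleInstance,

        [Parameter()]
        [string]
        $DisplayName,

        [Parameter()]
        [string]
        $Description,

        [Parameter()]
        [bool]
        $AllowedToSignUpEmailBasedSubscriptions,

        [Parameter()]
        [bool]
        $AllowedToUseSSPR,

        [Parameter()]
        [bool]
        $AllowEmailVerifiedUsersToJoinOrganization,

        [Parameter()]
        [ValidateSet('None', 'AdminsAndGuestInviters', 'AdminsGuestInvitersAndAllMembers', 'Everyone')]
        [string]
        $AllowInvitesFrom,

        [Parameter()]
        [bool]
        $BlockMsolPowershell,

        [Parameter()]
        [bool]
        $DefaultUserRoleAllowedToCreateApps,

        [Parameter()]
        [bool]
        $DefaultUserRoleAllowedToCreateSecurityGroups,

        [Parameter()]
        [bool]
        $DefaultUserRoleAllowedToReadBitlockerKeysForOwnedDevice,

        [Parameter()]
        [bool]
        $DefaultUserRoleAllowedToCreateTenants,

        [Parameter()]
        [bool]
        $DefaultUserRoleAllowedToReadOtherUsers,

        [Parameter()]
        [ValidateSet('Guest', 'RestrictedGuest', 'User')]
        [string]
        $GuestUserRole,

        [Parameter()]
        [string[]]
        $PermissionGrantPolicyIdsAssignedToDefaultUserRole,

        [Parameter()]
        [ValidateSet('Present')]
        [string]
        $Ensure,

        [Parameter()]
        [PSCredential]
        $Credential,

        [Parameter()]
        [string]
        $ApplicationId,

        [Parameter()]
        [string]
        $TenantId,

        [Parameter()]
        [PSCredential]
        $ApplicationSecret,

        [Parameter()]
        [string]
        $CertificateThumbprint,

        [Parameter()]
        [bool]
        $ManagedIdentity,

        [Parameter()]
        [string[]]
        $AccessTokens
)

<#
Schema of the wrapped resource, for reference:

AADAuthorizationPolicy [String] #ResourceName
{
    IsSingleInstance = [string]{ Yes }
    [AccessTokens = [string[]]]
    [AllowedToSignUpEmailBasedSubscriptions = [bool]]
    [AllowedToUseSSPR = [bool]]
    [AllowEmailVerifiedUsersToJoinOrganization = [bool]]
    [AllowInvitesFrom = [string]{ AdminsAndGuestInviters | AdminsGuestInvitersAndAllMembers | Everyone | None }]
    [ApplicationId = [string]]
    [ApplicationSecret = [PSCredential]]
    [BlockMsolPowershell = [bool]]
    [CertificateThumbprint = [string]]
    [Credential = [PSCredential]]
    [DefaultUserRoleAllowedToCreateApps = [bool]]
    [DefaultUserRoleAllowedToCreateSecurityGroups = [bool]]
    [DefaultUserRoleAllowedToCreateTenants = [bool]]
    [DefaultUserRoleAllowedToReadBitlockerKeysForOwnedDevice = [bool]]
    [DefaultUserRoleAllowedToReadOtherUsers = [bool]]
    [DependsOn = [string[]]]
    [Description = [string]]
    [DisplayName = [string]]
    [Ensure = [string]{ Present }]
    [GuestUserRole = [string]{ Guest | RestrictedGuest | User }]
    [ManagedIdentity = [bool]]
    [PermissionGrantPolicyIdsAssignedToDefaultUserRole = [string[]]]
    [PsDscRunAsCredential = [PSCredential]]
    [TenantId = [string]]
}
#>

    Import-DscResource -ModuleName PSDesiredStateConfiguration
    Import-DscResource -ModuleName Microsoft365DSC

    $dscResourceName = 'AADAuthorizationPolicy'

    # $PSBoundParameters is forwarded by reference (not copied) so the dictionary type
    # the splatting helper receives stays the same. InstanceName belongs to this
    # composite resource itself and must not reach the wrapped resource.
    $param = $PSBoundParameters
    # Remove() returns a bool; discard it so it cannot surface as stray output of the configuration.
    $null = $param.Remove('InstanceName')

    # Key properties of the wrapped resource; their values make up the instance name.
    $dscParameterKeys = @('IsSingleInstance')

    $keyValues = foreach ($key in $dscParameterKeys)
    {
        $param.$key
    }
    $executionName = $keyValues -join '_'
    # Replace characters that are not safe in a DSC instance name with '_'.
    # The hyphen is escaped on purpose: unescaped, '*-+' inside the class is parsed as
    # the range U+002A..U+002B, and a literal '-' in a key value would pass through.
    $executionName = $executionName -replace "[\s()\\:*\-+/{}```"']", '_'

    (Get-DscSplattedResource -ResourceName $dscResourceName -ExecutionName $executionName -Properties $param -NoInvoke).Invoke($param)

}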