From 342d577f528d246a24aabb747a8e72e04a0f1c92 Mon Sep 17 00:00:00 2001 From: Tayhall <4ndrewhall@gmail.com> Date: Mon, 5 Feb 2024 17:29:56 +0000 Subject: [PATCH 1/3] First commit DLPCompliance params --- .../MSFT_SCDLPComplianceRule.psm1 | 521 ++++++++++++++++-- .../MSFT_SCDLPComplianceRule.schema.mof | 33 ++ .../SCDLPComplianceRule.md | 34 +- 3 files changed, 545 insertions(+), 43 deletions(-) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 index 981dd8ac89..6e2493dbc6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 
@@ -138,10 +138,144 @@ function Get-TargetResource [System.Boolean] $DocumentIsPasswordProtected, - [Parameter()] + [Parameter()] [System.Boolean] $ExceptIfDocumentIsPasswordProtected, + [Parameter()] + [System.String[]] + $MessageTypeMatches, + + [Parameter()] + [System.String[]] + $ExceptIfMessageTypeMatches, + + [Parameter()] + [ValidateSet('InOrganization', 'NotInOrganization')] + [System.String[]] + $FromScope, + + [Parameter()] + [ValidateSet('InOrganization', 'NotInOrganization')] + [System.String[]] + $ExceptIfFromScope, + + [Parameter()] + [System.String[]] + $SubjectContainsWords, + + [Parameter()] + [System.String[]] + $SubjectMatchesPatterns, + + [Parameter()] + [System.String[]] + $SubjectOrBodyContainsWords, + + [Parameter()] + [System.String[]] + $SubjectOrBodyMatchesPatterns, + + [Parameter()] + [System.String[]] + $ContentCharacterSetContainsWords, + + [Parameter()] + [System.String[]] + $DocumentNameMatchesPatterns, + + [Parameter()] + [System.String[]] + $DocumentNameMatchesWords, + + [Parameter()] + [System.String[]] + $ExceptIfAnyOfRecipientAddressContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfAnyOfRecipientAddressMatchesPatterns, + + [Parameter()] + [System.String[]] + $ExceptIfContentCharacterSetContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfContentPropertyContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfDocumentNameMatchesPatterns, + + [Parameter()] + [System.String[]] + $ExceptIfDocumentNameMatchesWords, + + [Parameter()] + [System.String[]] + $ExceptIfFromAddressContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfFromAddressMatchesPatterns, + + [Parameter()] + [System.String[]] + $FromAddressContainsWords, + + [Parameter()] + [System.String[]] + $FromAddressMatchesPatterns, + + [Parameter()] + [System.String[]] + $RecipientDomainIs, + + [Parameter()] + [System.String[]] + $ExceptIfRecipientDomainIs, + + [Parameter()] + [System.String[]] + $ExceptIfSenderDomainIs, + + 
[Parameter()] + [System.String[]] + $ExceptIfSenderIPRanges, + + [Parameter()] + [System.String[]] + $ExceptIfSentTo, + + [Parameter()] + [System.String[]] + $ExceptIfSubjectContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfSubjectMatchesPatterns, + + [Parameter()] + [System.String[]] + $ExceptIfSubjectOrBodyContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfSubjectOrBodyMatchesPatterns, + + [Parameter()] + [System.String[]] + $SentToMemberOf, + + [Parameter()] + [System.String[]] + $DocumentContainsWords, + + [Parameter()] + [System.Boolean] + $ContentIsNotLabeled, + [Parameter()] [ValidateSet('Present', 'Absent')] [System.String] @@ -231,6 +365,11 @@ function Get-TargetResource $AnyOfRecipientAddressContainsWords = $PolicyRule.AnyOfRecipientAddressContainsWords.Replace(' ', '').Split(',') } + if ($null -ne $PolicyRule.ExceptIfAnyOfRecipientAddressContainsWords -and $PolicyRule.ExceptIfAnyOfRecipientAddressContainsWords.count -gt 0) + { + $ExceptIfAnyOfRecipientAddressContainsWords = $PolicyRule.ExceptIfAnyOfRecipientAddressContainsWords.Replace(' ', '').Split(',') + } + if ($null -ne $PolicyRule.AnyOfRecipientAddressMatchesPatterns -and $PolicyRule.AnyOfRecipientAddressMatchesPatterns -gt 0) { $AnyOfRecipientAddressMatchesPatterns = $PolicyRule.AnyOfRecipientAddressMatchesPatterns.Replace(' ', '').Split(',') 
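Review bot: The `$ExceptIfAnyOfRecipientAddressContainsWords` value computed in the added `if` block is never returned, because the `$result` hashtable in the next hunk has no `ExceptIfAnyOfRecipientAddressContainsWords` key. Add `ExceptIfAnyOfRecipientAddressContainsWords = $ExceptIfAnyOfRecipientAddressContainsWords` next to the existing `AnyOfRecipientAddressContainsWords` entry. This is an exception to a DLP rule, so a value that is not read back presumably cannot be compared by the drift check, and a widened exception could go unreported. Test-TargetResource's body is outside the visible hunks, so confirm how a missing key is handled there.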
@@ -247,46 +386,75 @@ function Get-TargetResource } $result = @{ - Ensure = 'Present' - Name = $PolicyRule.Name - Policy = $PolicyRule.ParentPolicyName - AccessScope = $PolicyRule.AccessScope - BlockAccess = $PolicyRule.BlockAccess - BlockAccessScope = $PolicyRule.BlockAccessScope - Comment = $PolicyRule.Comment - ContentContainsSensitiveInformation = $PolicyRule.ContentContainsSensitiveInformation - ExceptIfContentContainsSensitiveInformation = $PolicyRule.ExceptIfContentContainsSensitiveInformation - ContentPropertyContainsWords = $PolicyRule.ContentPropertyContainsWords - Disabled = $PolicyRule.Disabled - GenerateAlert = $PolicyRule.GenerateAlert - GenerateIncidentReport = $PolicyRule.GenerateIncidentReport - IncidentReportContent = $ArrayIncidentReportContent - NotifyAllowOverride = $NotifyAllowOverrideValue - NotifyEmailCustomText = $PolicyRule.NotifyEmailCustomText - NotifyPolicyTipCustomText = $PolicyRule.NotifyPolicyTipCustomText - NotifyUser = $PolicyRule.NotifyUser - ReportSeverityLevel = $PolicyRule.ReportSeverityLevel - RuleErrorAction = $PolicyRule.RuleErrorAction - RemoveRMSTemplate = $PolicyRule.RemoveRMSTemplate - StopPolicyProcessing = $PolicyRule.StopPolicyProcessing - DocumentIsUnsupported = $PolicyRule.DocumentIsUnsupported - ExceptIfDocumentIsUnsupported = $PolicyRule.ExceptIfDocumentIsUnsupported - HasSenderOverride = $PolicyRule.HasSenderOverride - ExceptIfHasSenderOverride = $PolicyRule.ExceptIfHasSenderOverride - ProcessingLimitExceeded = $PolicyRule.ProcessingLimitExceeded - ExceptIfProcessingLimitExceeded = $PolicyRule.ExceptIfProcessingLimitExceeded - DocumentIsPasswordProtected = $PolicyRule.DocumentIsPasswordProtected - ExceptIfDocumentIsPasswordProtected = $PolicyRule.ExceptIfDocumentIsPasswordProtected - AnyOfRecipientAddressContainsWords = $AnyOfRecipientAddressContainsWords - AnyOfRecipientAddressMatchesPatterns = $AnyOfRecipientAddressMatchesPatterns - ContentExtensionMatchesWords = $ContentExtensionMatchesWords - 
ExceptIfContentExtensionMatchesWords = $ExceptIfContentExtensionMatchesWords - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - CertificatePath = $CertificatePath - CertificatePassword = $CertificatePassword + Ensure = 'Present' + Name = $PolicyRule.Name + Policy = $PolicyRule.ParentPolicyName + AccessScope = $PolicyRule.AccessScope + BlockAccess = $PolicyRule.BlockAccess + BlockAccessScope = $PolicyRule.BlockAccessScope + Comment = $PolicyRule.Comment + ContentContainsSensitiveInformation = $PolicyRule.ContentContainsSensitiveInformation + ExceptIfContentContainsSensitiveInformation = $PolicyRule.ExceptIfContentContainsSensitiveInformation + ContentPropertyContainsWords = $PolicyRule.ContentPropertyContainsWords + Disabled = $PolicyRule.Disabled + GenerateAlert = $PolicyRule.GenerateAlert + GenerateIncidentReport = $PolicyRule.GenerateIncidentReport + IncidentReportContent = $ArrayIncidentReportContent + NotifyAllowOverride = $NotifyAllowOverrideValue + NotifyEmailCustomText = $PolicyRule.NotifyEmailCustomText + NotifyPolicyTipCustomText = $PolicyRule.NotifyPolicyTipCustomText + NotifyUser = $PolicyRule.NotifyUser + ReportSeverityLevel = $PolicyRule.ReportSeverityLevel + RuleErrorAction = $PolicyRule.RuleErrorAction + RemoveRMSTemplate = $PolicyRule.RemoveRMSTemplate + StopPolicyProcessing = $PolicyRule.StopPolicyProcessing + DocumentIsUnsupported = $PolicyRule.DocumentIsUnsupported + ExceptIfDocumentIsUnsupported = $PolicyRule.ExceptIfDocumentIsUnsupported + HasSenderOverride = $PolicyRule.HasSenderOverride + ExceptIfHasSenderOverride = $PolicyRule.ExceptIfHasSenderOverride + ProcessingLimitExceeded = $PolicyRule.ProcessingLimitExceeded + ExceptIfProcessingLimitExceeded = $PolicyRule.ExceptIfProcessingLimitExceeded + DocumentIsPasswordProtected = $PolicyRule.DocumentIsPasswordProtected + ExceptIfDocumentIsPasswordProtected = $PolicyRule.ExceptIfDocumentIsPasswordProtected + 
MessageTypeMatches = $PolicyRule.MessageTypeMatches + ExceptIfMessageTypeMatches = $PolicyRule.ExceptIfMessageTypeMatches + FromScope = $PolicyRule.FromScope + ExceptIfFromScope = $PolicyRule.ExceptIfFromScope + SubjectContainsWords = $PolicyRule.SubjectContainsWords + SubjectMatchesPatterns = $PolicyRule.SubjectMatchesPatterns + SubjectOrBodyContainsWords = $PolicyRule.SubjectOrBodyContainsWords + SubjectOrBodyMatchesPatterns = $PolicyRule.SubjectOrBodyMatchesPatterns + ContentCharacterSetContainsWords = $PolicyRule.ContentCharacterSetContainsWords + DocumentNameMatchesPatterns = $PolicyRule.DocumentNameMatchesPatterns + DocumentNameMatchesWords = $PolicyRule.DocumentNameMatchesWords + ExceptIfAnyOfRecipientAddressMatchesPatterns = $PolicyRule.ExceptIfAnyOfRecipientAddressMatchesPatterns + ExceptIfContentCharacterSetContainsWords = $PolicyRule.ExceptIfContentCharacterSetContainsWords + ExceptIfContentPropertyContainsWords = $PolicyRule.ExceptIfContentPropertyContainsWords + ExceptIfDocumentNameMatchesPatterns = $PolicyRule.ExceptIfDocumentNameMatchesPatterns + ExceptIfDocumentNameMatchesWords = $PolicyRule.ExceptIfDocumentNameMatchesWords + RecipientDomainIs = $PolicyRule.RecipientDomainIs + ExceptIfRecipientDomainIs = $PolicyRule.ExceptIfRecipientDomainIs + ExceptIfSenderDomainIs = $PolicyRule.ExceptIfSenderDomainIs + ExceptIfSenderIPRanges = $PolicyRule.ExceptIfSenderIPRanges + ExceptIfSentTo = $PolicyRule.ExceptIfSentTo + ExceptIfSubjectContainsWords = $PolicyRule.ExceptIfSubjectContainsWords + ExceptIfSubjectMatchesPatterns = $PolicyRule.ExceptIfSubjectMatchesPatterns + ExceptIfSubjectOrBodyContainsWords = $PolicyRule.ExceptIfSubjectOrBodyContainsWords + ExceptIfSubjectOrBodyMatchesPatterns = $PolicyRule.ExceptIfSubjectOrBodyMatchesPatterns + FromAddressMatchesPatterns = $PolicyRule.FromAddressMatchesPatterns + SentToMemberOf = $PolicyRule.FromAddressMatchesPatterns + DocumentContainsWords = $PolicyRule.DocumentContainsWords + ContentIsNotLabeled = 
$PolicyRule.ContentIsNotLabeled + AnyOfRecipientAddressContainsWords = $AnyOfRecipientAddressContainsWords + AnyOfRecipientAddressMatchesPatterns = $AnyOfRecipientAddressMatchesPatterns + ContentExtensionMatchesWords = $ContentExtensionMatchesWords + ExceptIfContentExtensionMatchesWords = $ExceptIfContentExtensionMatchesWords + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword } $paramsToRemove = @() 
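Review bot: `SentToMemberOf = $PolicyRule.FromAddressMatchesPatterns` in the new `$result` entries reads the wrong property, so the value reported for the group condition is really the sender-address pattern list; it should be `SentToMemberOf = $PolicyRule.SentToMemberOf`. The same hashtable has no entries for `FromAddressContainsWords`, `ExceptIfFromAddressContainsWords` and `ExceptIfFromAddressMatchesPatterns`, although all three are declared as parameters in the first hunk. These conditions and exceptions decide which mail a DLP rule inspects or exempts, so the state returned here will not match what is configured in the tenant. Get-TargetResource starts and ends outside this hunk.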
@@ -458,10 +626,144 @@ function Set-TargetResource [System.Boolean] $DocumentIsPasswordProtected, - [Parameter()] + [Parameter()] [System.Boolean] $ExceptIfDocumentIsPasswordProtected, + [Parameter()] + [System.String[]] + $MessageTypeMatches, + + [Parameter()] + [System.String[]] + $ExceptIfMessageTypeMatches, + + [Parameter()] + [ValidateSet('InOrganization', 'NotInOrganization')] + [System.String[]] + $FromScope, + + [Parameter()] + [ValidateSet('InOrganization', 'NotInOrganization')] + [System.String[]] + $ExceptIfFromScope, + + [Parameter()] + [System.String[]] + $SubjectContainsWords, + + [Parameter()] + [System.String[]] + $SubjectMatchesPatterns, + + [Parameter()] + [System.String[]] + $SubjectOrBodyContainsWords, + + [Parameter()] + [System.String[]] + $SubjectOrBodyMatchesPatterns, + + [Parameter()] + [System.String[]] + $ContentCharacterSetContainsWords, + + [Parameter()] + [System.String[]] + $DocumentNameMatchesPatterns, + + [Parameter()] + [System.String[]] + $DocumentNameMatchesWords, + + [Parameter()] + [System.String[]] + $ExceptIfAnyOfRecipientAddressContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfAnyOfRecipientAddressMatchesPatterns, + + [Parameter()] + [System.String[]] + $ExceptIfContentCharacterSetContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfContentPropertyContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfDocumentNameMatchesPatterns, + + [Parameter()] + [System.String[]] + $ExceptIfDocumentNameMatchesWords, + + [Parameter()] + [System.String[]] + $ExceptIfFromAddressContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfFromAddressMatchesPatterns, + + [Parameter()] + [System.String[]] + $FromAddressContainsWords, + + [Parameter()] + [System.String[]] + $FromAddressMatchesPatterns, + + [Parameter()] + [System.String[]] + $RecipientDomainIs, + + [Parameter()] + [System.String[]] + $ExceptIfRecipientDomainIs, + + [Parameter()] + [System.String[]] + $ExceptIfSenderDomainIs, + + 
[Parameter()] + [System.String[]] + $ExceptIfSenderIPRanges, + + [Parameter()] + [System.String[]] + $ExceptIfSentTo, + + [Parameter()] + [System.String[]] + $ExceptIfSubjectContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfSubjectMatchesPatterns, + + [Parameter()] + [System.String[]] + $ExceptIfSubjectOrBodyContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfSubjectOrBodyMatchesPatterns, + + [Parameter()] + [System.String[]] + $SentToMemberOf, + + [Parameter()] + [System.String[]] + $DocumentContainsWords, + + [Parameter()] + [System.Boolean] + $ContentIsNotLabeled, + [Parameter()] [ValidateSet('Present', 'Absent')] [System.String] @@ -561,6 +863,7 @@ function Set-TargetResource $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + Write-Verbose -Message "Calling New-DLPComplianceRule with Values: $(Convert-M365DscHashtableToString -Hashtable $CreationParams)" New-DLPComplianceRule @CreationParams } 
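Review bot: The added `Write-Verbose` line writes the whole `$CreationParams` hashtable to the verbose stream, and the hunk only shows `ManagedIdentity` and `ApplicationSecret` being removed before it. Confirm that `Credential`, `CertificatePassword` and the other authentication keys are stripped earlier in Set-TargetResource (outside the hunk), or that `Convert-M365DscHashtableToString` masks them. Even with those removed, the message carries the rule's full match conditions and exceptions, which matters if verbose output is collected into shared logs. A comment such as `# $CreationParams has had all authentication keys removed above` on the line before would make the assumption explicit.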
@@ -772,6 +1075,140 @@ function Test-TargetResource [System.Boolean] $ExceptIfDocumentIsPasswordProtected, + [Parameter()] + [System.String[]] + $MessageTypeMatches, + + [Parameter()] + [System.String[]] + $ExceptIfMessageTypeMatches, + + [Parameter()] + [ValidateSet('InOrganization', 'NotInOrganization')] + [System.String[]] + $FromScope, + + [Parameter()] + [ValidateSet('InOrganization', 'NotInOrganization')] + [System.String[]] + $ExceptIfFromScope, + + [Parameter()] + [System.String[]] + $SubjectContainsWords, + + [Parameter()] + [System.String[]] + $SubjectMatchesPatterns, + + [Parameter()] + [System.String[]] + $SubjectOrBodyContainsWords, + + [Parameter()] + [System.String[]] + $SubjectOrBodyMatchesPatterns, + + [Parameter()] + [System.String[]] + $ContentCharacterSetContainsWords, + + [Parameter()] + [System.String[]] + $DocumentNameMatchesPatterns, + + [Parameter()] + [System.String[]] + $DocumentNameMatchesWords, + + [Parameter()] + [System.String[]] + $ExceptIfAnyOfRecipientAddressContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfAnyOfRecipientAddressMatchesPatterns, + + [Parameter()] + [System.String[]] + $ExceptIfContentCharacterSetContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfContentPropertyContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfDocumentNameMatchesPatterns, + + [Parameter()] + [System.String[]] + $ExceptIfDocumentNameMatchesWords, + + [Parameter()] + [System.String[]] + $ExceptIfFromAddressContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfFromAddressMatchesPatterns, + + [Parameter()] + [System.String[]] + $FromAddressContainsWords, + + [Parameter()] + [System.String[]] + $FromAddressMatchesPatterns, + + [Parameter()] + [System.String[]] + $RecipientDomainIs, + + [Parameter()] + [System.String[]] + $ExceptIfRecipientDomainIs, + + [Parameter()] + [System.String[]] + $ExceptIfSenderDomainIs, + + [Parameter()] + [System.String[]] + $ExceptIfSenderIPRanges, + + [Parameter()] + 
[System.String[]] + $ExceptIfSentTo, + + [Parameter()] + [System.String[]] + $ExceptIfSubjectContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfSubjectMatchesPatterns, + + [Parameter()] + [System.String[]] + $ExceptIfSubjectOrBodyContainsWords, + + [Parameter()] + [System.String[]] + $ExceptIfSubjectOrBodyMatchesPatterns, + + [Parameter()] + [System.String[]] + $SentToMemberOf, + + [Parameter()] + [System.String[]] + $DocumentContainsWords, + + [Parameter()] + [System.Boolean] + $ContentIsNotLabeled, + [Parameter()] [ValidateSet('Present', 'Absent')] [System.String] diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof index 851847008e..af95ed23e7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof 
@@ -72,6 +72,39 @@ class MSFT_SCDLPComplianceRule : OMI_BaseResource [Write, Description("The ExceptIfProcessingLimitExceeded parameter specifies an exception for the DLP rule that looks for files where scanning couldn't complete.")] Boolean ExceptIfProcessingLimitExceeded; [Write, Description("The DocumentIsPasswordProtected parameter specifies a condition for the DLP rule that looks for password protected files (because the contents of the file can't be inspected). Password detection only works for Office documents and .zip files.")] Boolean DocumentIsPasswordProtected; [Write, Description("The ExceptIfDocumentIsPasswordProtected parameter specifies an exception for the DLP rule that looks for password protected files (because the contents of the file can't be inspected). Password detection only works for Office documents and .zip files. ")] Boolean ExceptIfDocumentIsPasswordProtected; + [Write, Description("The MessageTypeMatches parameter specifies a condition for the DLP rule that looks for types of SMIME message patterns.")] String MessageTypeMatches[]; + [Write, Description("The FromScope parameter specifies wether messages from inside or outside the organisation are in scope for the DLP rule.")] String FromScope[]; + [Write, Description("The ExceptIfFromScope parameter specifies wether messages from inside or outside the organisation are in scope for the DLP rule.")] String ExceptIfFromScope[]; + [Write, Description("The SubjectContainsWords parameter specifies a condition for the DLP rule that looks for words or phrases in the Subject field of messages. 
You can specify multiple words or phrases separated by commas.")] String SubjectContainsWords[]; + [Write, Description("The SubjectMatchesPatterns parameter specifies a condition for the DLP rule that looks for text patterns in the Subject field of messages by using regular expressions.")] String SubjectMatchesPatterns[]; + [Write, Description("The SubjectOrBodyContainsWords parameter specifies a condition for the rule that looks for words in the Subject field or body of messages.")] String SubjectOrBodyContainsWords[]; + [Write, Description("The SubjectOrBodyMatchesPatterns parameter specifies a condition for the rule that looks for text patterns in the Subject field or body of messages.")] String SubjectOrBodyMatchesPatterns[]; + [Write, Description("The ContentCharacterSetContainsWords parameter specifies a condition for the rule that looks for character set names in messages. You can specify multiple values separated by commas.")] String ContentCharacterSetContainsWords[]; + [Write, Description("The DocumentNameMatchesPatterns parameter specifies a condition for the DLP rule that looks for text patterns in the name of message attachments by using regular expressions.")] String DocumentNameMatchesPatterns[]; + [Write, Description("The DocumentNameMatchesWords parameter specifies a condition for the DLP rule that looks for words or phrases in the name of message attachments. 
")] String DocumentNameMatchesWords[]; + [Write, Description("he ExceptIfAnyOfRecipientAddressContainsWords parameter specifies an exception for the DLP rule that looks for words or phrases in recipient email addresses.")] String ExceptIfAnyOfRecipientAddressContainsWords[]; + [Write, Description("The ExceptIfAnyOfRecipientAddressMatchesPatterns parameter specifies an exception for the DLP rule that looks for text patterns in recipient email addresses by using regular expressions.")] String ExceptIfAnyOfRecipientAddressMatchesPatterns[]; + [Write, Description("The ExceptIfContentCharacterSetContainsWords parameter specifies an exception for the rule that looks for character set names in messages.")] String ExceptIfContentCharacterSetContainsWords[]; + [Write, Description("The ExceptIfContentPropertyContainsWords parameter specifies an exception for the DLP rule that's based on a property match in content.")] String ExceptIfContentPropertyContainsWords[]; + [Write, Description("The ExceptIfDocumentNameMatchesPatterns parameter specifies an exception for the DLP rule that looks for text patterns in the name of message attachments by using regular expressions.")] String ExceptIfDocumentNameMatchesPatterns[]; + [Write, Description("The ExceptIfDocumentNameMatchesWords parameter specifies an exception for the DLP rule that looks for words or phrases in the name of message attachments.")] String ExceptIfDocumentNameMatchesWords[]; + [Write, Description("The ExceptIfFromAddressContainsWords parameter specifies an exception for the DLP rule that looks for words or phrases in the sender's email address.")] String ExceptIfFromAddressContainsWords[]; + [Write, Description("The ExceptIfFromAddressMatchesPatterns parameter specifies an exception for the DLP rule that looks for text patterns in the sender's email address by using regular expressions.")] String ExceptIfFromAddressMatchesPatterns[]; + [Write, Description("The FromAddressContainsWords parameter specifies a 
condition for the DLP rule that looks for words or phrases in the sender's email address.")] String FromAddressContainsWords[]; + [Write, Description("The FromAddressMatchesPatterns parameter specifies a condition for the DLP rule that looks for text patterns in the sender's email address by using regular expressions. ")] String FromAddressMatchesPatterns[]; + [Write, Description("The ExceptIfMessageTypeMatches parameter specifies an exception for the rule that looks for messages of the specified type.")] String ExceptIfMessageTypeMatches[]; + [Write, Description("The RecipientDomainIs parameter specifies a condition for the DLP rule that looks for recipients with email addresses in the specified domains.")] String RecipientDomainIs[]; + [Write, Description("The ExceptIfRecipientDomainIs parameter specifies an exception for the DLP rule that looks for recipients with email addresses in the specified domains.")] String ExceptIfRecipientDomainIs[]; + [Write, Description("The ExceptIfSenderDomainIs parameter specifies an exception for the DLP rule that looks for messages from senders with email address in the specified domains. ")] String ExceptIfSenderDomainIs[]; + [Write, Description("The ExceptIfSenderIpRanges parameter specifies an exception for the DLP rule that looks for senders whose IP addresses matches the specified value, or fall within the specified ranges.")] String ExceptIfSenderIPRanges[]; + [Write, Description("The ExceptIfSentTo parameter specifies an exception for the DLP rule that looks for recipients in messages. 
You identify the recipients by email address.")] String ExceptIfSentTo[]; + [Write, Description("The ExceptIfSubjectContainsWords parameter specifies an exception for the DLP rule that looks for words or phrases in the Subject field of messages.")] String ExceptIfSubjectContainsWords[]; + [Write, Description("The ExceptIfSubjectMatchesPatterns parameter specifies an exception for the DLP rule that looks for text patterns in the Subject field of messages by using regular expressions.")] String ExceptIfSubjectMatchesPatterns[]; + [Write, Description("The ExceptIfSubjectOrBodyContainsWords parameter specifies an exception for the rule that looks for words in the Subject field or body of messages.")] String ExceptIfSubjectOrBodyContainsWords[]; + [Write, Description("The ExceptIfSubjectOrBodyMatchesPatterns parameter specifies an exception for the rule that looks for text patterns in the Subject field or body of messages.")] String ExceptIfSubjectOrBodyMatchesPatterns[]; + [Write, Description("The DocumentContainsWords parameter specifies a condition for the DLP rule that looks for words in message attachments. Only supported attachment types are checked.")] String DocumentContainsWords[]; + [Write, Description("The SentToMemberOf parameter specifies a condition for the DLP rule that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups.")] String SentToMemberOf[]; + [Write, Description("The ContentIsNotLabeled parameter specifies if the content is labeled. A True or False condition.")] Boolean ContentIsNotLabeled; [Write, Description("The ContentExtensionMatchesWords parameter specifies a condition for the DLP rule that looks for words in file name extensions. 
You can specify multiple words separated by commas.")] String ContentExtensionMatchesWords[]; [Write, Description("The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the DLP rule that looks for words in file name extensions. You can specify multiple words separated by commas.")] String ExceptIfContentExtensionMatchesWords[]; }; diff --git a/docs/docs/resources/security-compliance/SCDLPComplianceRule.md b/docs/docs/resources/security-compliance/SCDLPComplianceRule.md index 2dbbf71950..aebe4746c6 100644 --- a/docs/docs/resources/security-compliance/SCDLPComplianceRule.md +++ b/docs/docs/resources/security-compliance/SCDLPComplianceRule.md 
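Review bot: `FromScope` and `ExceptIfFromScope` are added without `ValueMap`/`Values`, while the .psm1 restricts both with `ValidateSet('InOrganization', 'NotInOrganization')`. The schema should carry the same restriction, as the existing `AccessScope` property does: `ValueMap{"InOrganization","NotInOrganization"}, Values{"InOrganization","NotInOrganization"}`. The `ExceptIfFromScope` description repeats the `FromScope` text and does not say it is an exception. Two typos are also worth fixing: `wether` should be `whether`, and the `ExceptIfAnyOfRecipientAddressContainsWords` description starts with `he` instead of `The`.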
@@ -44,7 +44,39 @@ | **ExceptIfDocumentIsPasswordProtected** | Write | Boolean | The ExceptIfDocumentIsPasswordProtected parameter specifies an exception for the DLP rule that looks for password protected files (because the contents of the file can't be inspected). Password detection only works for Office documents and .zip files. | | | **ContentExtensionMatchesWords** | Write | StringArray[] | The ContentExtensionMatchesWords parameter specifies a condition for the DLP rule that looks for words in file name extensions. You can specify multiple words separated by commas. | | | **ExceptIfContentExtensionMatchesWords** | Write | StringArray[] | The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the DLP rule that looks for words in file name extensions. You can specify multiple words separated by commas. | | - +| **MessageTypeMatches** | Write | StringArray[] | The MessageTypeMatches parameter specifies a condition for the DLP rule that looks for types of SMIME message patterns.| | +| **FromScope** | Write | StringArray[] | The FromScope parameter specifies wether messages from inside or outside the organisation are in scope for the DLP rule.| | +| **ExceptIfFromScope** | Write | StringArray[] | The parameter specifies wether messages from inside or outside the organisation are in scope for the DLP rule.| | +| **SubjectContainsWords** | Write | StringArray[] | The parameter specifies a condition for the DLP rule that looks for words or phrases in the Subject field of messages. 
You can specify multiple words or phrases separated by commas.| | +| **SubjectMatchesPatterns** | Write | StringArray[] | The parameter specifies a condition for the DLP rule that looks for text patterns in the Subject field of messages by using regular expressions.| | +| **SubjectOrBodyContainsWords** | Write | StringArray[] | The parameter specifies a condition for the rule that looks for words in the Subject field or body of messages.| | +| **SubjectOrBodyMatchesPatterns** | Write | StringArray[] | The parameter specifies a condition for the rule that looks for text patterns in the Subject field or body of messages.| | +| **ContentCharacterSetContainsWords** | Write | StringArray[] | The parameter specifies a condition for the rule that looks for character set names in messages. You can specify multiple values separated by commas.| | +| **DocumentNameMatchesPatterns** | Write | StringArray[] | The parameter specifies a condition for the DLP rule that looks for text patterns in the name of message attachments by using regular expressions.| | +| **DocumentNameMatchesWords** | Write | StringArray[] | The parameter specifies a condition for the DLP rule that looks for words or phrases in the name of message attachments. 
| | +**ExceptIfAnyOfRecipientAddressContainsWords** | Write | StringArray[] | The parameter specifies an exception for the DLP rule that looks for words or phrases in recipient email addresses.| | +| **ExceptIfAnyOfRecipientAddressMatchesPatterns** | Write | StringArray[] | The parameter specifies an exception for the DLP rule that looks for text patterns in recipient email addresses by using regular expressions.| | +| **ExceptIfContentCharacterSetContainsWords** | Write | StringArray[] | The parameter specifies an exception for the rule that looks for character set names in messages.| | +| **ExceptIfContentPropertyContainsWords** | Write | StringArray[] | The parameter specifies an exception for the DLP rule that's based on a property match in content.| | +| **ExceptIfDocumentNameMatchesPatterns** | Write | StringArray[] | The parameter specifies an exception for the DLP rule that looks for text patterns in the name of message attachments by using regular expressions.| | +| **ExceptIfDocumentNameMatchesWords** | Write | StringArray[] | The parameter specifies an exception for the DLP rule that looks for words or phrases in the name of message attachments.| | +| **ExceptIfFromAddressContainsWords** | Write | StringArray[] | The parameter specifies an exception for the DLP rule that looks for words or phrases in the sender's email address.| | +| **ExceptIfFromAddressMatchesPatterns** | Write | StringArray[] | The parameter specifies an exception for the DLP rule that looks for text patterns in the sender's email address by using regular expressions.| | +| **FromAddressContainsWords** | Write | StringArray[] | The parameter specifies a condition for the DLP rule that looks for words or phrases in the sender's email address.| | +| **FromAddressMatchesPatterns** | Write | StringArray[] | The parameter specifies a condition for the DLP rule that looks for text patterns in the sender's email address by using regular expressions. 
| | +| **ExceptIfMessageTypeMatches** | Write | StringArray[] | The parameter specifies an exception for the rule that looks for messages of the specified type.| | +| **RecipientDomainIs** | Write | StringArray[] | The parameter specifies a condition for the DLP rule that looks for recipients with email addresses in the specified domains.| | +| **ExceptIfRecipientDomainIs** | Write | StringArray[] | The parameter specifies an exception for the DLP rule that looks for recipients with email addresses in the specified domains.| | +| **ExceptIfSenderDomainIs** | Write | StringArray[] | The parameter specifies an exception for the DLP rule that looks for messages from senders with email address in the specified domains. | | +| **ExceptIfSenderIpRanges** | Write | StringArray[] | The parameter specifies an exception for the DLP rule that looks for senders whose IP addresses matches the specified value, or fall within the specified ranges.| | +| **ExceptIfSentTo** | Write | StringArray[] | The parameter specifies an exception for the DLP rule that looks for recipients in messages. 
You identify the recipients by email address.| | +| **ExceptIfSubjectContainsWords** | Write | StringArray[] | The parameter specifies an exception for the DLP rule that looks for words or phrases in the Subject field of messages.| | +| **ExceptIfSubjectMatchesPatterns** | Write | StringArray[] | The parameter specifies an exception for the DLP rule that looks for text patterns in the Subject field of messages by using regular expressions.| | +| **ExceptIfSubjectOrBodyContainsWords** | Write | StringArray[] | The parameter specifies an exception for the rule that looks for words in the Subject field or body of messages.| | +| **ExceptIfSubjectOrBodyMatchesPatterns** | Write | StringArray[] | The parameter specifies an exception for the rule that looks for text patterns in the Subject field or body of messages.| | +| **DocumentContainsWords** | Write | StringArray[] | The parameter specifies a condition for the DLP rule that looks for words in message attachments. Only supported attachment types are checked.| | +| **SentToMemberOf** | Write | StringArray[] | The parameter specifies a condition for the DLP rule that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups.| | +| **ContentIsNotLabeled** | Write | Boolean | The parameter specifies if the content is labeled. A True or False condition. | | ### MSFT_SCDLPSensitiveInformation #### Parameters From ed4e62cb3ae82b8c7e8b7c8bb2eae33bab9f2cd8 Mon Sep 17 00:00:00 2001 From: Tayhall <4ndrewhall@gmail.com> Date: Tue, 6 Feb 2024 15:46:05 +0000 Subject: [PATCH 2/3] added setheader and none for blockaccessscope --- .../MSFT_SCDLPComplianceRule.psm1 | 19 ++++++++++++++++--- .../MSFT_SCDLPComplianceRule.schema.mof | 3 ++- .../SCDLPComplianceRule.md | 1 + 3 files changed, 19 insertions(+), 4 deletions(-) 
diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 index 6e2493dbc6..603ba9521a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 @@ -22,7 +22,7 @@ function Get-TargetResource $BlockAccess, [Parameter()] - [ValidateSet('All', 'PerUser')] + [ValidateSet('All', 'PerUser','None')] [System.String] $BlockAccessScope, @@ -272,6 +272,10 @@ function Get-TargetResource [System.String[]] $DocumentContainsWords, + [Parameter()] + [System.String[]] + $SetHeader, + [Parameter()] [System.Boolean] $ContentIsNotLabeled, @@ -445,6 +449,7 @@ function Get-TargetResource SentToMemberOf = $PolicyRule.FromAddressMatchesPatterns DocumentContainsWords = $PolicyRule.DocumentContainsWords ContentIsNotLabeled = $PolicyRule.ContentIsNotLabeled + SetHeader = $PolicyRule.SetHeader AnyOfRecipientAddressContainsWords = $AnyOfRecipientAddressContainsWords AnyOfRecipientAddressMatchesPatterns = $AnyOfRecipientAddressMatchesPatterns ContentExtensionMatchesWords = $ContentExtensionMatchesWords @@ -510,7 +515,7 @@ function Set-TargetResource $BlockAccess, [Parameter()] - [ValidateSet('All', 'PerUser')] + [ValidateSet('All', 'PerUser','None')] [System.String] $BlockAccessScope, @@ -760,6 +765,10 @@ function Set-TargetResource [System.String[]] $DocumentContainsWords, + [Parameter()] + [System.String[]] + $SetHeader, + [Parameter()] [System.Boolean] $ContentIsNotLabeled, @@ -955,7 +964,7 @@ function Test-TargetResource $BlockAccess, [Parameter()] - [ValidateSet('All', 'PerUser')] + [ValidateSet('All', 'PerUser','None')] [System.String] $BlockAccessScope, 
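Review bot: `SetHeader = $PolicyRule.SetHeader` in the `@@ -445,6 +449,7 @@` hunk returns the property as-is, while the parameter added in this patch is declared `[System.String[]]`. Nothing visible shows the cmdlet returning the value in that shape. If the returned type differs, the comparison in Test-TargetResource (not shown) could report drift on every run, so check the round trip and normalise the value here if needed. As a smaller style point, `'PerUser','None'` in the three `ValidateSet` changes drops the space after the comma that `'All', 'PerUser'` uses.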
@@ -1205,6 +1214,10 @@ function Test-TargetResource [System.String[]] $DocumentContainsWords, + [Parameter()] + [System.String[]] + $SetHeader, + [Parameter()] [System.Boolean] $ContentIsNotLabeled, diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof index af95ed23e7..b8c38f51da 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof 
@@ -38,7 +38,7 @@ class MSFT_SCDLPComplianceRule : OMI_BaseResource [Required, Description("Name of the associated DLP Compliance Policy.")] String Policy; [Write, Description("The AccessScope parameter specifies a condition for the DLP rule that's based on the access scope of the content. The rule is applied to content that matches the specified access scope."), ValueMap{"InOrganization","NotInOrganization", "None"}, Values{"InOrganization","NotInOrganization", "None"}] String AccessScope; [Write, Description("The BlockAccess parameter specifies an action for the DLP rule that blocks access to the source item when the conditions of the rule are met. $true: Blocks further access to the source item that matched the rule. The owner, author, and site owner can still access the item. $false: Allows access to the source item that matched the rule. This is the default value.")] Boolean BlockAccess; - [Write, Description("The BlockAccessScope parameter specifies the scope of the block access action."), ValueMap{"All", "PerUser"}, Values{"All", "PerUser"}] String BlockAccessScope; + [Write, Description("The BlockAccessScope parameter specifies the scope of the block access action."), ValueMap{"All", "PerUser","None"}, Values{"All", "PerUser","None"}] String BlockAccessScope; [Write, Description("The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks.")] String Comment; [Write, Description("The ContentContainsSensitiveInformation parameter specifies a condition for the rule that's based on a sensitive information type match in content. 
The rule is applied to content that contains the specified sensitive information type."), EmbeddedInstance("MSFT_SCDLPContainsSensitiveInformation")] String ContentContainsSensitiveInformation; [Write, Description("The ExceptIfContentContainsSensitiveInformation parameter specifies an exception for the rule that's based on a sensitive information type match in content. The rule isn't applied to content that contains the specified sensitive information type."), EmbeddedInstance("MSFT_SCDLPContainsSensitiveInformation")] String ExceptIfContentContainsSensitiveInformation; 
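Review bot: The changed BlockAccessScope line now admits `None`, but its description still says only that the parameter "specifies the scope of the block access action", so a reader cannot tell what a rule does when BlockAccess is $true and the scope is `None`. For a blocking control that matters: if `None` means nobody is blocked, a configuration could pass validation and still not restrict access. I would extend the description to list the accepted values and the effect of each, e.g. ending it with `Valid values are All, PerUser and None.` followed by one clause per value. The same value is added to the three `ValidateSet` lines in the .psm1 hunks, and whether Set-TargetResource forwards `None` to the cmdlet is not visible here.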
@@ -105,6 +105,7 @@ class MSFT_SCDLPComplianceRule : OMI_BaseResource [Write, Description("The DocumentContainsWords parameter specifies a condition for the DLP rule that looks for words in message attachments. Only supported attachment types are checked.")] String DocumentContainsWords[]; [Write, Description("The SentToMemberOf parameter specifies a condition for the DLP rule that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups.")] String SentToMemberOf[]; [Write, Description("The ContentIsNotLabeled parameter specifies if the content is labeled. A True or False condition.")] Boolean ContentIsNotLabeled; + [Write, Description("The SetHeader The SetHeader parameter specifies an action for the DLP rule that adds or modifies a header field and value in the message header. You can specify multiple header name and value pairs separated by commas")] String SetHeader[]; [Write, Description("The ContentExtensionMatchesWords parameter specifies a condition for the DLP rule that looks for words in file name extensions. You can specify multiple words separated by commas.")] String ContentExtensionMatchesWords[]; [Write, Description("The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the DLP rule that looks for words in file name extensions. You can specify multiple words separated by commas.")] String ExceptIfContentExtensionMatchesWords[]; }; diff --git a/docs/docs/resources/security-compliance/SCDLPComplianceRule.md b/docs/docs/resources/security-compliance/SCDLPComplianceRule.md index aebe4746c6..f0679370ee 100644 --- a/docs/docs/resources/security-compliance/SCDLPComplianceRule.md +++ b/docs/docs/resources/security-compliance/SCDLPComplianceRule.md 
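Review bot: The added SetHeader description opens with a duplicated phrase, `The SetHeader The SetHeader parameter specifies`, and ends without a full stop. It also says pairs are "separated by commas" without giving the form of a single pair, which is what a configuration author needs in order to write a correct entry for a property declared as `String SetHeader[]`. I would change the opening to `The SetHeader parameter specifies an action for the DLP rule ...` and add the pair syntax once it is confirmed against the cmdlet documentation.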
@@ -77,6 +77,7 @@ | **DocumentContainsWords** | Write | StringArray[] | The parameter specifies a condition for the DLP rule that looks for words in message attachments. Only supported attachment types are checked.| | | **SentToMemberOf** | Write | StringArray[] | The parameter specifies a condition for the DLP rule that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups.| | | **ContentIsNotLabeled** | Write | Boolean | The parameter specifies if the content is labeled. A True or False condition. | | +| **SetHeader** | Write | StringArray[] | The SetHeader parameter specifies an action for the DLP rule that adds or modifies a header field and value in the message header. You can specify multiple header name and value pairs separated by commas"| | ### MSFT_SCDLPSensitiveInformation #### Parameters From f82ee382ac1c99753f5c7cc1b273ae93ef9bfec3 Mon Sep 17 00:00:00 2001 From: Tayhall <4ndrewhall@gmail.com> Date: Tue, 6 Feb 2024 15:47:41 +0000 Subject: [PATCH 3/3] removed quote --- docs/docs/resources/security-compliance/SCDLPComplianceRule.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/docs/resources/security-compliance/SCDLPComplianceRule.md b/docs/docs/resources/security-compliance/SCDLPComplianceRule.md index f0679370ee..0d09c8ef2e 100644 --- a/docs/docs/resources/security-compliance/SCDLPComplianceRule.md +++ b/docs/docs/resources/security-compliance/SCDLPComplianceRule.md 
@@ -77,7 +77,7 @@ | **DocumentContainsWords** | Write | StringArray[] | The parameter specifies a condition for the DLP rule that looks for words in message attachments. Only supported attachment types are checked.| | | **SentToMemberOf** | Write | StringArray[] | The parameter specifies a condition for the DLP rule that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups.| | | **ContentIsNotLabeled** | Write | Boolean | The parameter specifies if the content is labeled. A True or False condition. | | -| **SetHeader** | Write | StringArray[] | The SetHeader parameter specifies an action for the DLP rule that adds or modifies a header field and value in the message header. You can specify multiple header name and value pairs separated by commas"| | +| **SetHeader** | Write | StringArray[] | The SetHeader parameter specifies an action for the DLP rule that adds or modifies a header field and value in the message header. You can specify multiple header name and value pairs separated by commas| | ### MSFT_SCDLPSensitiveInformation #### Parameters