SCAutoSensitivityLabelRule¶
Parameters¶
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| Name | Key | String | Name of the Rule. | |
| Policy | Required | String | Name of the associated Policy. | |
| AccessScope | Write | String | The AccessScope parameter specifies a condition for the auto-labeling policy rule that's based on the access scope of the content. The rule is applied to content that matches the specified access scope. Valid values are: InOrganization, NotInOrganization, None | InOrganization, NotInOrganization, None |
| AnyOfRecipientAddressContainsWords | Write | String | The AnyOfRecipientAddressContainsWords parameter specifies a condition for the auto-labeling policy rule that looks for words or phrases in recipient email addresses. You can specify multiple words or phrases separated by commas. | |
| AnyOfRecipientAddressMatchesPatterns | Write | String | The AnyOfRecipientAddressMatchesPatterns parameter specifies a condition for the auto-labeling policy rule that looks for text patterns in recipient email addresses by using regular expressions. | |
| Comment | Write | String | The Comment parameter specifies an optional comment. | |
| ContentContainsSensitiveInformation | Write | MSFT_SCDLPContainsSensitiveInformation | The ContentContainsSensitiveInformation parameter specifies a condition for the rule that's based on a sensitive information type match in content. The rule is applied to content that contains the specified sensitive information type. | |
| ContentExtensionMatchesWords | Write | String | The ContentExtensionMatchesWords parameter specifies a condition for the auto-labeling policy rule that looks for words in file name extensions. You can specify multiple words separated by commas. | |
| Disabled | Write | Boolean | The Disabled parameter specifies whether the auto-labeling policy rule is enabled or disabled. | |
| DocumentIsPasswordProtected | Write | Boolean | The DocumentIsPasswordProtected parameter specifies a condition for the auto-labeling policy rule that looks for password protected files (because the contents of the file can't be inspected). Password detection only works for Office documents and .zip files. | |
| DocumentIsUnsupported | Write | Boolean | The DocumentIsUnsupported parameter specifies a condition for the auto-labeling policy rule that looks for files that can't be scanned. | |
| ExceptIfAccessScope | Write | String | The ExceptIfAccessScopeAccessScope parameter specifies an exception for the auto-labeling policy rule that's based on the access scope of the content. The rule isn't applied to content that matches the specified access scope. Valid values are: InOrganization, NotInOrganization, None | InOrganization, NotInOrganization, None |
| ExceptIfAnyOfRecipientAddressContainsWords | Write | String | The ExceptIfAnyOfRecipientAddressContainsWords parameter specifies an exception for the auto-labeling policy rule that looks for words or phrases in recipient email addresses. You can specify multiple words separated by commas. | |
| ExceptIfAnyOfRecipientAddressMatchesPatterns | Write | String | The ExceptIfAnyOfRecipientAddressMatchesPatterns parameter specifies an exception for the auto-labeling policy rule that looks for text patterns in recipient email addresses by using regular expressions. | |
| ExceptIfContentContainsSensitiveInformation | Write | MSFT_SCDLPContainsSensitiveInformation | The ExceptIfContentContainsSensitiveInformation parameter specifies an exception for the auto-labeling policy rule that's based on a sensitive information type match in content. The rule isn't applied to content that contains the specified sensitive information type. | |
| ExceptIfContentExtensionMatchesWords | Write | StringArray[] | The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the auto-labeling policy rule that looks for words in file name extensions. You can specify multiple words separated by commas. | |
| ExceptIfDocumentIsPasswordProtected | Write | Boolean | The ExceptIfDocumentIsPasswordProtected parameter specifies an exception for the auto-labeling policy rule that looks for password protected files (because the contents of the file can't be inspected). Password detection only works for Office documents and .zip files. | |
| ExceptIfDocumentIsUnsupported | Write | Boolean | The ExceptIfDocumentIsUnsupported parameter specifies an exception for the auto-labeling policy rule that looks for files that can't be scanned. | |
| ExceptIfFrom | Write | StringArray[] | The ExceptIfFrom parameter specifies an exception for the auto-labeling policy rule that looks for messages from specific senders. You can use any value that uniquely identifies the sender. | |
| ExceptIfFromAddressContainsWords | Write | String | The ExceptIfFromAddressContainsWords parameter specifies an exception for the auto-labeling policy rule that looks for words or phrases in the sender's email address. You can specify multiple words or phrases separated by commas. | |
| ExceptIfFromAddressMatchesPatterns | Write | String | The ExceptIfFromAddressMatchesPatterns parameter specifies an exception for the auto-labeling policy rule that looks for text patterns in the sender's email address by using regular expressions. | |
| ExceptIfFromMemberOf | Write | StringArray[] | The ExceptIfFromMemberOf parameter specifies an exception for the auto-labeling policy rule that looks for messages sent by group members. You identify the group members by their email addresses. You can enter multiple values separated by commas. | |
| ExceptIfHeaderMatchesPatterns | Write | StringArray[] | The HeaderMatchesPatterns parameter specifies an exception for the auto-labeling policy rule that looks for text patterns in a header field by using regular expressions. | |
| ExceptIfProcessingLimitExceeded | Write | Boolean | The ExceptIfProcessingLimitExceeded parameter specifies an exception for the auto-labeling policy rule that looks for files where scanning couldn't complete. | |
| ExceptIfRecipientDomainIs | Write | StringArray[] | The ExceptIfRecipientDomainIs parameter specifies an exception for the auto-labeling policy rule that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas. | |
| ExceptIfSenderDomainIs | Write | StringArray[] | The ExceptIfSenderDomainIs parameter specifies an exception for the auto-labeling policy rule that looks for messages from senders with email address in the specified domains. You can specify multiple values separated by commas. | |
| ExceptIfSenderIPRanges | Write | StringArray[] | The ExceptIfSenderIpRanges parameter specifies an exception for the auto-labeling policy rule that looks for senders whose IP addresses matches the specified value, or fall within the specified ranges. | |
| ExceptIfSentTo | Write | StringArray[] | The ExceptIfSentTo parameter specifies an exception for the auto-labeling policy rule that looks for recipients in messages. You can use any value that uniquely identifies the recipient. | |
| ExceptIfSentToMemberOf | Write | StringArray[] | The ExceptIfSentToMemberOf parameter specifies an exception for the auto-labeling policy rule that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups. You identify the groups by email address. You can specify multiple values separated by commas. | |
| ExceptIfSubjectMatchesPatterns | Write | String | The ExceptIfSubjectMatchesPatterns parameter specifies an exception for the auto-labeling policy rule that looks for text patterns in the Subject field of messages by using regular expressions. | |
| FromAddressContainsWords | Write | String | The FromAddressContainsWords parameter specifies a condition for the auto-labeling policy rule that looks for words or phrases in the sender's email address. You can specify multiple words or phrases separated by commas. | |
| FromAddressMatchesPatterns | Write | String | The FromAddressMatchesPatterns parameter specifies a condition for the auto-labeling policy rule that looks for text patterns in the sender's email address by using regular expressions. | |
| HeaderMatchesPatterns | Write | MSFT_SCHeaderPattern | The HeaderMatchesPatterns parameter specifies a condition for the auto-labeling policy rule that looks for text patterns in a header field by using regular expressions. | |
| ProcessingLimitExceeded | Write | Boolean | The ProcessingLimitExceeded parameter specifies a condition for the auto-labeling policy rule that looks for files where scanning couldn't complete. You can use this condition to create rules that work together to identify and process messages where the content couldn't be fully scanned. | |
| RecipientDomainIs | Write | StringArray[] | The RecipientDomainIs parameter specifies a condition for the auto-labeling policy rule that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas. | |
| ReportSeverityLevel | Write | String | The ReportSeverityLevel parameter specifies the severity level of the incident report for content detections based on the rule. Valid values are: None, Low, Medium, High | None, Low, Medium, High |
| RuleErrorAction | Write | String | The RuleErrorAction parameter specifies what to do if an error is encountered during the evaluation of the rule. Valid values are: Ignore, RetryThenBlock, blank | Ignore, RetryThenBlock, `` |
| SenderDomainIs | Write | StringArray[] | The SenderDomainIs parameter specifies a condition for the auto-labeling policy rule that looks for messages from senders with email address in the specified domains. | |
| SenderIPRanges | Write | StringArray[] | The SenderIpRanges parameter specifies a condition for the auto-sensitivity policy rule that looks for senders whose IP addresses matches the specified value, or fall within the specified ranges. | |
| SentTo | Write | StringArray[] | The SentTo parameter specifies a condition for the auto-sensitivity policy rule that looks for recipients in messages. You can use any value that uniquely identifies the recipient. | |
| SentToMemberOf | Write | StringArray[] | The SentToMemberOf parameter specifies a condition for the auto-labeling policy rule that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups. You identify the groups by email address. | |
| SubjectMatchesPatterns | Write | String | The SubjectMatchesPatterns parameter specifies a condition for the auto-labeling policy rule that looks for text patterns in the Subject field of messages by using regular expressions. | |
| Workload | Key | String | Workload the rule is associated with. Value can be: Exchange, SharePoint, OneDriveForBusiness | Exchange, SharePoint, OneDriveForBusiness |
| Ensure | Write | String | Specify if this rule should exist or not. | Present, Absent |
| Credential | Write | PSCredential | Credentials of the Exchange Global Admin | |
| ApplicationId | Write | String | Id of the Azure Active Directory application to authenticate with. | |
| TenantId | Write | String | Id of the Azure Active Directory tenant used for authentication. | |
| CertificateThumbprint | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | |
| CertificatePassword | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | |
| CertificatePath | Write | String | Path to certificate used in service principal usually a PFX file. |
MSFT_SCHeaderPattern¶
Parameters¶
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| Name | Required | String | Name of the header pattern | |
| Values | Required | StringArray[] | Regular expressions for the pattern |
MSFT_SCDLPSensitiveInformation¶
Parameters¶
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| name | Required | String | Name of the Sensitive Information Content | |
| id | Write | String | Id of the Sensitive Information Content | |
| maxconfidence | Write | String | Maximum Confidence level value for the Sensitive Information | |
| minconfidence | Write | String | Minimum Confidence level value for the Sensitive Information | |
| classifiertype | Write | String | Type of Classifier value for the Sensitive Information | |
| mincount | Write | String | Minimum Count value for the Sensitive Information | |
| maxcount | Write | String | Maximum Count value for the Sensitive Information |
MSFT_SCDLPLabel¶
Parameters¶
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| name | Required | String | Name of the Sensitive Label | |
| id | Write | String | Id of the Sensitive Information label | |
| type | Write | String | Type of the Sensitive Information label |
MSFT_SCDLPContainsSensitiveInformationGroup¶
Parameters¶
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| SensitiveInformation | Write | MSFT_SCDLPSensitiveInformation[] | Sensitive Information Content Types | |
| Labels | Write | MSFT_SCDLPLabel[] | Sensitive Information Labels | |
| Name | Required | String | Name of the group | |
| Operator | Required | String | Operator | And, Or |
MSFT_SCDLPContainsSensitiveInformation¶
Parameters¶
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| SensitiveInformation | Write | MSFT_SCDLPSensitiveInformation[] | Sensitive Information Content Types | |
| Groups | Write | MSFT_SCDLPContainsSensitiveInformationGroup[] | Groups of sensitive information types. | |
| Operator | Write | String | Operator | And, Or |
Description¶
This resource configures a Auto Sensitivity Label Rule in Security and Compliance Center.
Permissions¶
Microsoft Graph¶
To authenticate with the Microsoft Graph API, this resource required the following permissions:
Delegated permissions¶
-
Read
- None
-
Update
- None
Application permissions¶
-
Read
- None
-
Update
- None
Examples¶
Example 1¶
This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.
Configuration Example
{
param
(
[Parameter(Mandatory = $true)]
[PSCredential]
$Credscredential
)
Import-DscResource -ModuleName Microsoft365DSC
node localhost
{
SCAutoSensitivityLabelRule 'TestRule'
{
Comment = 'Detects when 1 to 9 credit card numbers are contained in Exchange items'
ContentContainsSensitiveInformation = MSFT_SCDLPContainsSensitiveInformation
{
operator = 'And'
Groups =
@(MSFT_SCDLPContainsSensitiveInformationGroup
{
operator = 'And'
name = 'Default'
SensitiveInformation = @(
MSFT_SCDLPSensitiveInformation
{
name = 'Credit Card Number'
id = '50842eb7-edc8-4019-85dd-5a5c1f2bb085'
maxconfidence = '100'
minconfidence = '85'
classifiertype = 'Content'
mincount = '1'
maxcount = '9'
}
)
}
)
}
Credential = $Credscredential
Disabled = $False
DocumentIsPasswordProtected = $False
DocumentIsUnsupported = $False
Ensure = 'Present'
ExceptIfDocumentIsPasswordProtected = $False
ExceptIfDocumentIsUnsupported = $False
ExceptIfProcessingLimitExceeded = $False
Name = 'My Test Rule'
Policy = 'My Test Policy'
ProcessingLimitExceeded = $False
ReportSeverityLevel = 'Low'
Workload = 'Exchange'
}
}
}