From aef70c18b5a09cbbed356516630892f5a731a2e1 Mon Sep 17 00:00:00 2001 From: "Ritik Mittal (from Dev Box)" Date: Fri, 4 Oct 2024 16:23:45 +0530 Subject: [PATCH 01/10] Added AADOnPremisePublishingProfileConnectorGroup resource --- ...SFT_AADConnectorGroupApplicationProxy.psm1 | 455 ++++++++++++++++++ ...DConnectorGroupApplicationProxy.schema.mof | 16 + .../readme.md | 6 + .../settings.json | 33 ++ .../1-Create.ps1 | 36 ++ .../2-Update.ps1 | 35 ++ .../3-Remove.ps1 | 34 ++ ...ADConnectorGroupApplicationProxy.Tests.ps1 | 198 ++++++++ Tests/Unit/Stubs/Microsoft365.psm1 | 331 +++++++++++++ 9 files changed, 1144 insertions(+) create mode 100644 Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.psm1 create mode 100644 Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.schema.mof create mode 100644 Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/readme.md create mode 100644 Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/settings.json create mode 100644 Modules/Microsoft365DSC/Examples/Resources/AADConnectorGroupApplicationProxy/1-Create.ps1 create mode 100644 Modules/Microsoft365DSC/Examples/Resources/AADConnectorGroupApplicationProxy/2-Update.ps1 create mode 100644 Modules/Microsoft365DSC/Examples/Resources/AADConnectorGroupApplicationProxy/3-Remove.ps1 create mode 100644 Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADConnectorGroupApplicationProxy.Tests.ps1 diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.psm1 new file mode 100644 index 0000000000..5e244d28ec --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.psm1 @@ -0,0 +1,455 @@ +function Get-TargetResource +{ + [CmdletBinding()] + [OutputType([System.Collections.Hashtable])] + param + ( + [Parameter()] + [System.String] + $Name, + + [Parameter()] + [ValidateSet('nam','eur','aus','asia','ind','unknownFutureValue')] + [System.String] + $Region, + + [Parameter(Mandatory = $true)] + [System.String] + $Id, + + #endregion + + [Parameter()] + [System.String] + [ValidateSet('Absent', 'Present')] + $Ensure = 'Present', + + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ApplicationSecret, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [Switch] + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + + try + { + $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftGraph' ` + -InboundParameters $PSBoundParameters + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + $nullResult = $PSBoundParameters + $nullResult.Ensure = 'Absent' + + $getValue = $null + #region resource generator code + $getValue = Get-MgBetaOnPremisePublishingProfileConnectorGroup ` + -ConnectorGroupId $Id ` + -OnPremisesPublishingProfileId 'applicationProxy' -ErrorAction SilentlyContinue + + if ($null -eq $getValue) + { + Write-Verbose -Message "Could not find an Azure AD Connector Group Application Proxy with Id {$Id}" + return $nullResult + } + #endregion + + $Id = $getValue.Id + Write-Verbose -Message "An Azure AD Connector Group Application Proxy with Id {$Id} was found" + + $enumRegion = $null + if ($null -ne $getValue.Region) + { + $enumRegion = $getValue.Region.ToString() + } + #endregion + + $results = @{ + #region resource generator code + Name = $getValue.Name + Region = $enumRegion + Id = $getValue.Id + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + #endregion + } + + return [System.Collections.Hashtable] $results + } + catch + { + New-M365DSCLogEntry -Message 'Error retrieving data:' ` + -Exception $_ ` + -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $TenantId ` + -Credential $Credential + + return $nullResult + } +} + +function Set-TargetResource +{ + [CmdletBinding()] + param + ( + [Parameter()] + [System.String] + $Name, + + [Parameter()] + [ValidateSet('nam','eur','aus','asia','ind','unknownFutureValue')] + [System.String] + $Region, + + [Parameter(Mandatory = $true)] + [System.String] + $Id, + + #endregion + [Parameter()] + [System.String] + [ValidateSet('Absent', 'Present')] + $Ensure = 'Present', + + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ApplicationSecret, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [Switch] + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + $currentInstance = Get-TargetResource @PSBoundParameters + + $BoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters + $OnPremisesPublishingProfileId = "applicationProxy" + + if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') + { + Write-Verbose -Message "Creating an Azure AD Connector Group Application Proxy with Name {$DisplayName}" + + $createParameters = ([Hashtable]$BoundParameters).Clone() + $createParameters = Rename-M365DSCCimInstanceParameter -Properties $createParameters + $createParameters.Remove('Id') | Out-Null + + #region resource generator code + $policy = New-MgBetaOnPremisePublishingProfileConnectorGroup ` + -OnPremisesPublishingProfileId $OnPremisesPublishingProfileId ` + -BodyParameter $createParameters + #endregion + } + elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') + { + Write-Verbose -Message "Updating the Azure AD Connector Group Application Proxy with Id {$($currentInstance.Id)}" + + $updateParameters = ([Hashtable]$BoundParameters).Clone() + $updateParameters.Remove('Id') | Out-Null + + Update-MgBetaOnPremisePublishingProfileConnectorGroup ` + -ConnectorGroupId $currentInstance.Id ` + -OnPremisesPublishingProfileId $OnPremisesPublishingProfileId ` + -BodyParameter $UpdateParameters + #endregion + } + elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') + { + Write-Verbose -Message "Removing the Azure AD Connector Group Application Proxy with Id {$($currentInstance.Id)}" + #region resource generator code + Remove-MgBetaOnPremisePublishingProfileConnectorGroup ` + -ConnectorGroupId $currentInstance.Id ` + -OnPremisesPublishingProfileId $OnPremisesPublishingProfileId + #endregion + } +} + +function Test-TargetResource +{ + [CmdletBinding()] + [OutputType([System.Boolean])] + param + ( + #region resource generator code + [Parameter()] + [System.String] + $Name, + + [Parameter()] + [ValidateSet('nam','eur','aus','asia','ind','unknownFutureValue')] + [System.String] + $Region, + + [Parameter(Mandatory = $true)] + [System.String] + $Id, + + #endregion + + [Parameter()] + [System.String] + [ValidateSet('Absent', 'Present')] + $Ensure = 'Present', + + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ApplicationSecret, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [Switch] + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + Write-Verbose -Message "Testing configuration of the Azure AD Connector Group Application Proxy with Id {$Id} and Name {$Name}" + + $CurrentValues = Get-TargetResource @PSBoundParameters + $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() + + if ($CurrentValues.Ensure -ne $Ensure) + { + Write-Verbose -Message "Test-TargetResource returned $false" + return $false + } + $testResult = $true + + $ValuesToCheck.Remove('Id') | Out-Null + $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck + + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" + Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" + + if ($testResult) + { + $testResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys + } + + Write-Verbose -Message "Test-TargetResource returned $testResult" + + return $testResult +} + +function Export-TargetResource +{ + [CmdletBinding()] + [OutputType([System.String])] + param + ( + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ApplicationSecret, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [Switch] + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + + $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftGraph' ` + -InboundParameters $PSBoundParameters + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + try + { + #region resource generator code + [array]$getValue = Get-MgBetaOnPremisePublishingProfileConnectorGroup -OnPremisesPublishingProfileId 'applicationProxy' -ErrorAction Stop + #endregion + + $i = 1 + $dscContent = '' + if ($getValue.Length -eq 0) + { + Write-Host $Global:M365DSCEmojiGreenCheckMark + } + else + { + Write-Host "`r`n" -NoNewline + } + foreach ($config in $getValue) + { + $displayedKey = $config.Id + if (-not [string]::IsNullOrEmpty($config.name)) + { + $displayedKey = $config.name + } + + Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline + $params = @{ + Id = $config.Id + Name = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens + } + + $Results = Get-TargetResource @Params + $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` + -Results $Results + + $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` + -ConnectionMode $ConnectionMode ` + -ModulePath $PSScriptRoot ` + -Results $Results ` + -Credential $Credential + + $dscContent += $currentDSCBlock + Save-M365DSCPartialExport -Content $currentDSCBlock ` + -FileName $Global:PartialExportFileName + $i++ + Write-Host $Global:M365DSCEmojiGreenCheckMark + } + return $dscContent + } + catch + { + Write-Host $Global:M365DSCEmojiRedX + + New-M365DSCLogEntry -Message 'Error during Export:' ` + -Exception $_ ` + -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $TenantId ` + -Credential $Credential + + return '' + } +} + +Export-ModuleMember -Function *-TargetResource diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.schema.mof new file mode 100644 index 0000000000..a41c3653cf --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.schema.mof @@ -0,0 +1,16 @@ + +[ClassVersion("1.0.0.0"), FriendlyName("AADConnectorGroupApplicationProxy")] +class MSFT_AADConnectorGroupApplicationProxy : OMI_BaseResource +{ + [Write, Description("The name associated with the connectorGroup.")] String Name; + [Write, Description("The region the connectorGroup is assigned to and will optimize traffic for. This region can only be set if no connectors or applications are assigned to the connectorGroup. The possible values are: nam (for North America), eur (for Europe), aus (for Australia), asia (for Asia), ind (for India), and unknownFutureValue."), ValueMap{"nam","eur","aus","asia","ind","unknownFutureValue"}, Values{"nam","eur","aus","asia","ind","unknownFutureValue"}] String Region; + [Key, Description("The unique identifier for an entity. Read-only.")] String Id; + [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; + [Write, Description("Credentials of the Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; + [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; + [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; + [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; + [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; + [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; +}; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/readme.md b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/readme.md new file mode 100644 index 0000000000..8067eb666a --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/readme.md @@ -0,0 +1,6 @@ + +# AADConnectorGroupApplicationProxy + +## Description + +Azure AD Connector Group Application Proxy diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/settings.json new file mode 100644 index 0000000000..8394b8c68b --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/settings.json @@ -0,0 +1,33 @@ +{ + "resourceName": "AADConnectorGroupApplicationProxy", + "description": "This resource configures an Azure AD Connector Group Application Proxy.", + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Directory.ReadWrite.All" + } + ], + "update": [ + { + "name": "Directory.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Directory.ReadWrite.All" + } + ], + "update": [ + { + "name": "Directory.ReadWrite.All" + } + ] + } + } + } +} + diff --git a/Modules/Microsoft365DSC/Examples/Resources/AADConnectorGroupApplicationProxy/1-Create.ps1 b/Modules/Microsoft365DSC/Examples/Resources/AADConnectorGroupApplicationProxy/1-Create.ps1 new file mode 100644 index 0000000000..2f3be28fb9 --- /dev/null +++ b/Modules/Microsoft365DSC/Examples/Resources/AADConnectorGroupApplicationProxy/1-Create.ps1 @@ -0,0 +1,36 @@ +<# +This example is used to test new resources and showcase the usage of new resources being worked on. +It is not meant to use as a production baseline. +#> + +Configuration Example +{ + param( + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint + ) + Import-DscResource -ModuleName Microsoft365DSC + + node localhost + { + AADConnectorGroupApplicationProxy "AADConnectorGroupApplicationProxy-testgroup" + { + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + Ensure = "Present"; + Id = "4984dcf7-d9e9-4663-90b4-5db09f92a669"; + Name = "testgroup"; + Region = "nam"; + } + } +} diff --git a/Modules/Microsoft365DSC/Examples/Resources/AADConnectorGroupApplicationProxy/2-Update.ps1 b/Modules/Microsoft365DSC/Examples/Resources/AADConnectorGroupApplicationProxy/2-Update.ps1 new file mode 100644 index 0000000000..fd34be2c06 --- /dev/null +++ b/Modules/Microsoft365DSC/Examples/Resources/AADConnectorGroupApplicationProxy/2-Update.ps1 @@ -0,0 +1,35 @@ +<# +This example is used to test new resources and showcase the usage of new resources being worked on. +It is not meant to use as a production baseline. +#> + +Configuration Example +{ + param( + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint + ) + Import-DscResource -ModuleName Microsoft365DSC + node localhost + { + AADConnectorGroupApplicationProxy "AADConnectorGroupApplicationProxy-testgroup" + { + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + Ensure = "Present"; + Id = "4984dcf7-d9e9-4663-90b4-5db09f92a669"; + Name = "testgroup-new"; + Region = "nam"; + } + } +} diff --git a/Modules/Microsoft365DSC/Examples/Resources/AADConnectorGroupApplicationProxy/3-Remove.ps1 b/Modules/Microsoft365DSC/Examples/Resources/AADConnectorGroupApplicationProxy/3-Remove.ps1 new file mode 100644 index 0000000000..79c6eefb37 --- /dev/null +++ b/Modules/Microsoft365DSC/Examples/Resources/AADConnectorGroupApplicationProxy/3-Remove.ps1 @@ -0,0 +1,34 @@ +<# +This example is used to test new resources and showcase the usage of new resources being worked on. +It is not meant to use as a production baseline. +#> + +Configuration Example +{ + param( + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint + ) + Import-DscResource -ModuleName Microsoft365DSC + + node localhost + { + AADConnectorGroupApplicationProxy "AADConnectorGroupApplicationProxy-testgroup" + { + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + Ensure = "Absent"; + Id = "4984dcf7-d9e9-4663-90b4-5db09f92a669"; + } + } +} diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADConnectorGroupApplicationProxy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADConnectorGroupApplicationProxy.Tests.ps1 new file mode 100644 index 0000000000..8b3034c05e --- /dev/null +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADConnectorGroupApplicationProxy.Tests.ps1 @@ -0,0 +1,198 @@ +[CmdletBinding()] +param( +) +$M365DSCTestFolder = Join-Path -Path $PSScriptRoot ` + -ChildPath '..\..\Unit' ` + -Resolve +$CmdletModule = (Join-Path -Path $M365DSCTestFolder ` + -ChildPath '\Stubs\Microsoft365.psm1' ` + -Resolve) +$GenericStubPath = (Join-Path -Path $M365DSCTestFolder ` + -ChildPath '\Stubs\Generic.psm1' ` + -Resolve) +Import-Module -Name (Join-Path -Path $M365DSCTestFolder ` + -ChildPath '\UnitTestHelper.psm1' ` + -Resolve) + +$Global:DscHelper = New-M365DscUnitTestHelper -StubModule $CmdletModule ` + -DscResource "AADConnectorGroupApplicationProxy" -GenericStubModule $GenericStubPath +Describe -Name $Global:DscHelper.DescribeHeader -Fixture { + InModuleScope -ModuleName $Global:DscHelper.ModuleName -ScriptBlock { + Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope + BeforeAll { + + $secpasswd = ConvertTo-SecureString (New-Guid | Out-String) -AsPlainText -Force + $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) + + Mock -CommandName Confirm-M365DSCDependencies -MockWith { + } + + Mock -CommandName Get-PSSession -MockWith { + } + + Mock -CommandName Remove-PSSession -MockWith { + } + + Mock -CommandName Update-MgBetaOnPremisePublishingProfileConnectorGroup -MockWith { + } + + Mock -CommandName New-MgBetaOnPremisePublishingProfileConnectorGroup -MockWith { + } + + Mock -CommandName Remove-MgBetaOnPremisePublishingProfileConnectorGroup -MockWith { + } + + Mock -CommandName New-M365DSCConnection -MockWith { + return "Credentials" + } + + # Mock Write-Host to hide output during the tests + Mock -CommandName Write-Host -MockWith { + } + $Script:exportedInstances =$null + $Script:ExportMode = $false + } + # Test contexts + Context -Name "The AADConnectorGroupApplicationProxy should exist but it DOES NOT" -Fixture { + BeforeAll { + $testParams = @{ + Id = "FakeStringValue" + Name = "FakeStringValue" + Region = "nam" + Ensure = "Present" + Credential = $Credential; + } + + Mock -CommandName Get-MgBetaOnPremisePublishingProfileConnectorGroup -MockWith { + return $null + } + } + It 'Should return Values from the Get method' { + (Get-TargetResource @testParams).Ensure | Should -Be 'Absent' + } + It 'Should return false from the Test method' { + Test-TargetResource @testParams | Should -Be $false + } + It 'Should Create the group from the Set method' { + Set-TargetResource @testParams + Should -Invoke -CommandName New-MgBetaOnPremisePublishingProfileConnectorGroup -Exactly 1 + } + } + + Context -Name "The AADConnectorGroupApplicationProxy exists but it SHOULD NOT" -Fixture { + BeforeAll { + $testParams = @{ + Id = "FakeStringValue" + Name = "FakeStringValue" + Region = "nam" + Ensure = "Absent" + Credential = $Credential; + } + + Mock -CommandName Get-MgBetaOnPremisePublishingProfileConnectorGroup -MockWith { + return @{ + Id = "FakeStringValue" + Name = "FakeStringValue" + Region = "nam" + } + } + } + + It 'Should return Values from the Get method' { + (Get-TargetResource @testParams).Ensure | Should -Be 'Present' + } + + It 'Should return true from the Test method' { + Test-TargetResource @testParams | Should -Be $false + } + + It 'Should Remove the group from the Set method' { + Set-TargetResource @testParams + Should -Invoke -CommandName Remove-MgBetaOnPremisePublishingProfileConnectorGroup -Exactly 1 + } + } + Context -Name "The AADConnectorGroupApplicationProxy Exists and Values are already in the desired state" -Fixture { + BeforeAll { + $testParams = @{ + Id = "FakeStringValue" + Name = "FakeStringValue" + Region = "nam" + Ensure = "Present" + Credential = $Credential; + } + + Mock -CommandName Get-MgBetaOnPremisePublishingProfileConnectorGroup -MockWith { + return @{ + Id = "FakeStringValue" + Name = "FakeStringValue" + Region = "nam" + + } + } + } + + + It 'Should return true from the Test method' { + Test-TargetResource @testParams | Should -Be $true + } + } + + Context -Name "The AADConnectorGroupApplicationProxy exists and values are NOT in the desired state" -Fixture { + BeforeAll { + $testParams = @{ + Id = "FakeStringValue" + Name = "FakeStringValue" + Region = "nam" + Ensure = 'Present' + Credential = $Credential; + } + + Mock -CommandName Get-MgBetaOnPremisePublishingProfileConnectorGroup -MockWith { + return @{ + Id = "FakeStringValue" + Name = "NewFakeStringValue" + Region = "nam" + } + } + } + + It 'Should return Values from the Get method' { + (Get-TargetResource @testParams).Ensure | Should -Be 'Present' + } + + It 'Should return false from the Test method' { + Test-TargetResource @testParams | Should -Be $false + } + + It 'Should call the Set method' { + Set-TargetResource @testParams + Should -Invoke -CommandName Update-MgBetaOnPremisePublishingProfileConnectorGroup -Exactly 1 + } + } + + Context -Name 'ReverseDSC Tests' -Fixture { + BeforeAll { + $Global:CurrentModeIsExport = $true + $Global:PartialExportFileName = "$(New-Guid).partial.ps1" + $testParams = @{ + Credential = $Credential + } + + Mock -CommandName Get-MgBetaOnPremisePublishingProfileConnectorGroup -MockWith { + return @{ + Id = "FakeStringValue" + Name = "FakeStringValue" + Region = "nam" + + } + } + } + It 'Should Reverse Engineer resource from the Export method' { + $result = Export-TargetResource @testParams + $result | Should -Not -BeNullOrEmpty + } + } + } +} + +Invoke-Command -ScriptBlock $Global:DscHelper.CleanupScript -NoNewScope diff --git a/Tests/Unit/Stubs/Microsoft365.psm1 b/Tests/Unit/Stubs/Microsoft365.psm1 index af684909f3..9a27e57934 100644 --- a/Tests/Unit/Stubs/Microsoft365.psm1 +++ b/Tests/Unit/Stubs/Microsoft365.psm1 @@ -94722,3 +94722,334 @@ function Update-MgBetaExternalConnection ) } #endregion +#region MgBetaOnPremisePublishingProfileConnectorGroup +function Get-MgBetaOnPremisePublishingProfileConnectorGroup +{ + [CmdletBinding()] + param + ( + [Parameter()] + [System.String] + $ConnectorGroupId, + + [Parameter()] + [System.String] + $OnPremisesPublishingProfileId, + + [Parameter()] + [PSObject] + $InputObject, + + [Parameter()] + [System.String[]] + $ExpandProperty, + + [Parameter()] + [System.String[]] + $Property, + + [Parameter()] + [System.String] + $Filter, + + [Parameter()] + [System.String] + $Search, + + [Parameter()] + [System.Int32] + $Skip, + + [Parameter()] + [System.String[]] + $Sort, + + [Parameter()] + [System.Int32] + $Top, + + [Parameter()] + [System.String] + $ResponseHeadersVariable, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Break, + + [Parameter()] + [System.Collections.IDictionary] + $Headers, + + [Parameter()] + [PSObject[]] + $HttpPipelineAppend, + + [Parameter()] + [PSObject[]] + $HttpPipelinePrepend, + + [Parameter()] + [System.Uri] + $Proxy, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ProxyCredential, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $ProxyUseDefaultCredentials, + + [Parameter()] + [System.Int32] + $PageSize, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $All, + + [Parameter()] + [System.String] + $CountVariable + ) +} + +function New-MgBetaOnPremisePublishingProfileConnectorGroup +{ + [CmdletBinding()] + param + ( + [Parameter()] + [System.String] + $OnPremisesPublishingProfileId, + + [Parameter()] + [PSObject] + $InputObject, + + [Parameter()] + [PSObject] + $BodyParameter, + + [Parameter()] + [System.String] + $ResponseHeadersVariable, + + [Parameter()] + [System.Collections.Hashtable] + $AdditionalProperties, + + [Parameter()] + [PSObject[]] + $Applications, + + [Parameter()] + [System.String] + $ConnectorGroupType, + + [Parameter()] + [System.String] + $Id, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $IsDefault, + + [Parameter()] + [PSObject[]] + $Members, + + [Parameter()] + [System.String] + $Name, + + [Parameter()] + [System.String] + $Region, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Break, + + [Parameter()] + [System.Collections.IDictionary] + $Headers, + + [Parameter()] + [PSObject[]] + $HttpPipelineAppend, + + [Parameter()] + [PSObject[]] + $HttpPipelinePrepend, + + [Parameter()] + [System.Uri] + $Proxy, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ProxyCredential, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $ProxyUseDefaultCredentials, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Confirm + ) +} + +function Remove-MgBetaOnPremisePublishingProfileConnectorGroup +{ + [CmdletBinding()] + param + ( + [Parameter()] + [System.String] + $ConnectorGroupId, + + [Parameter()] + [System.String] + $OnPremisesPublishingProfileId, + + [Parameter()] + [PSObject] + $InputObject, + + [Parameter()] + [System.String] + $ResponseHeadersVariable, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Break, + + [Parameter()] + [System.Collections.IDictionary] + $Headers, + + [Parameter()] + [PSObject[]] + $HttpPipelineAppend, + + [Parameter()] + [PSObject[]] + $HttpPipelinePrepend, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $PassThru, + + [Parameter()] + [System.Uri] + $Proxy, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ProxyCredential, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $ProxyUseDefaultCredentials, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Confirm + ) +} + +function Update-MgBetaOnPremisePublishingProfileConnectorGroup +{ + [CmdletBinding()] + param + ( + [Parameter()] + [System.String] + $ConnectorGroupId, + + [Parameter()] + [System.String] + $OnPremisesPublishingProfileId, + + [Parameter()] + [PSObject] + $InputObject, + + [Parameter()] + [PSObject] + $BodyParameter, + + [Parameter()] + [System.String] + $ResponseHeadersVariable, + + [Parameter()] + [System.Collections.Hashtable] + $AdditionalProperties, + + [Parameter()] + [PSObject[]] + $Applications, + + [Parameter()] + [System.String] + $ConnectorGroupType, + + [Parameter()] + [System.String] + $Id, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $IsDefault, + + [Parameter()] + [PSObject[]] + $Members, + + [Parameter()] + [System.String] + $Name, + + [Parameter()] + [System.String] + $Region, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Break, + + [Parameter()] + [System.Collections.IDictionary] + $Headers, + + [Parameter()] + [PSObject[]] + $HttpPipelineAppend, + + [Parameter()] + [PSObject[]] + $HttpPipelinePrepend, + + [Parameter()] + [System.Uri] + $Proxy, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ProxyCredential, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $ProxyUseDefaultCredentials, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Confirm + ) +} + +#endregion + From 23a3ec2d4d3800ae8746f3aaae1318ac7e8c6059 Mon Sep 17 00:00:00 2001 From: NikCharlebois Date: Fri, 4 Oct 2024 10:54:42 +0000 Subject: [PATCH 02/10] Updated {Create} AAD Integration Tests --- .../M365DSCIntegration.AAD.Create.Tests.ps1 | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Create.Tests.ps1 b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Create.Tests.ps1 index d45e6582da..c51f4401d2 100644 --- a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Create.Tests.ps1 +++ b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Create.Tests.ps1 @@ -149,6 +149,16 @@ SignInFrequencyValue = 1; State = "disabled"; } + AADConnectorGroupApplicationProxy 'AADConnectorGroupApplicationProxy-testgroup' + { + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + Ensure = "Present"; + Id = "4984dcf7-d9e9-4663-90b4-5db09f92a669"; + Name = "testgroup"; + Region = "nam"; + } AADCrossTenantAccessPolicyConfigurationPartner 'AADCrossTenantAccessPolicyConfigurationPartner' { PartnerTenantId = "e7a80bcf-696e-40ca-8775-a7f85fbb3ebc"; # O365DSC.onmicrosoft.com From 4b8eef74a768a48ad379aacf537a3049337e6970 Mon Sep 17 00:00:00 2001 From: NikCharlebois Date: Fri, 4 Oct 2024 10:54:59 +0000 Subject: [PATCH 03/10] Updated {Update} AAD Integration Tests --- .../M365DSCIntegration.AAD.Update.Tests.ps1 | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Update.Tests.ps1 b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Update.Tests.ps1 index c9363e1d89..8fb74044f3 100644 --- a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Update.Tests.ps1 +++ b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Update.Tests.ps1 @@ -459,6 +459,16 @@ SignInFrequencyValue = 2; # Updated Porperty State = "disabled"; } + AADConnectorGroupApplicationProxy 'AADConnectorGroupApplicationProxy-testgroup' + { + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + Ensure = "Present"; + Id = "4984dcf7-d9e9-4663-90b4-5db09f92a669"; + Name = "testgroup-new"; + Region = "nam"; + } AADCrossTenantAccessPolicy 'AADCrossTenantAccessPolicy' { AllowedCloudEndpoints = @("microsoftonline.us"); From d5b241abf69a0a11615ce2fa21ac349817f43db1 Mon Sep 17 00:00:00 2001 From: NikCharlebois Date: Fri, 4 Oct 2024 10:55:12 +0000 Subject: [PATCH 04/10] Updated {Update} AAD Integration Tests --- .../M365DSCIntegration.AAD.Remove.Tests.ps1 | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Remove.Tests.ps1 b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Remove.Tests.ps1 index e4054cdd9c..50df775325 100644 --- a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Remove.Tests.ps1 +++ b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Remove.Tests.ps1 @@ -149,6 +149,14 @@ TenantId = $TenantId CertificateThumbprint = $CertificateThumbprint } + AADConnectorGroupApplicationProxy 'AADConnectorGroupApplicationProxy-testgroup' + { + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + Ensure = "Absent"; + Id = "4984dcf7-d9e9-4663-90b4-5db09f92a669"; + } AADCrossTenantAccessPolicyConfigurationPartner 'AADCrossTenantAccessPolicyConfigurationPartner' { ApplicationId = $ApplicationId From c1b857bc5a75a6aaf2495e3e20168dcd7f791402 Mon Sep 17 00:00:00 2001 From: NikCharlebois Date: Fri, 4 Oct 2024 10:56:25 +0000 Subject: [PATCH 05/10] Updated Schema Definition --- Modules/Microsoft365DSC/SchemaDefinition.json | 60 +++++++++++++++++++ 1 file changed, 60 insertions(+) diff --git a/Modules/Microsoft365DSC/SchemaDefinition.json b/Modules/Microsoft365DSC/SchemaDefinition.json index 08ad6e8253..a7ecb03652 100644 --- a/Modules/Microsoft365DSC/SchemaDefinition.json +++ b/Modules/Microsoft365DSC/SchemaDefinition.json @@ -2499,6 +2499,66 @@ } ] }, + { + "ClassName": "MSFT_AADConnectorGroupApplicationProxy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Region", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" + } + ] + }, { "ClassName": "MSFT_AADCrossTenantAccessPolicy", "Parameters": [ From b3c5dc7fb2924043bd9b05a10ff4eb4614a96f87 Mon Sep 17 00:00:00 2001 From: "Ritik Mittal (from Dev Box)" Date: Fri, 4 Oct 2024 16:30:57 +0530 Subject: [PATCH 06/10] Added changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f91122ea29..6d7033497e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,8 @@ * Added ReportSuspiciousActivitySettings * AADAuthenticationMethodPolicyHardware * Initial release. +* AADConnectorGroupApplicationProxy + * Initial release. * AADEntitlementManagementSettings * Initial release. * AADFeatureRolloutPolicy From 6889a1ad9bff67e9da3d656f5cba5b55bd684196 Mon Sep 17 00:00:00 2001 From: NikCharlebois Date: Mon, 7 Oct 2024 12:19:42 +0000 Subject: [PATCH 07/10] Updated Schema Definition --- Modules/Microsoft365DSC/SchemaDefinition.json | 165 ++++++++++++++++++ 1 file changed, 165 insertions(+) diff --git a/Modules/Microsoft365DSC/SchemaDefinition.json b/Modules/Microsoft365DSC/SchemaDefinition.json index b836530747..121abd66c4 100644 --- a/Modules/Microsoft365DSC/SchemaDefinition.json +++ b/Modules/Microsoft365DSC/SchemaDefinition.json @@ -19489,6 +19489,171 @@ } ] }, + { + "ClassName": "MSFT_IntuneAppAndBrowserIsolationPolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "RoleScopeTagIds", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowWindowsDefenderApplicationGuard", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ClipboardSettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SaveFilesToHost", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InstallWindowsDefenderApplicationGuard", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ClipboardFileType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowPersistence", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowVirtualGPU", + "Option": "Write" + }, + { + "CIMType": "SInt32[]", + "Name": "PrintingSettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowCameraMicrophoneRedirection", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AuditApplicationGuard", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "CertificateThumbprints", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EnterpriseIPRange", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EnterpriseCloudResources", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EnterpriseNetworkDomainNames", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EnterpriseProxyServers", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EnterpriseInternalProxyServers", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "NeutralResources", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnterpriseProxyServersAreAuthoritative", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnterpriseIPRangesAreAuthoritative", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" + } + ] + }, { "ClassName": "MSFT_IntuneAppCategory", "Parameters": [ From 5086ba8adc8c7e07031d2d878f9eb59fb55a62a1 Mon Sep 17 00:00:00 2001 From: "Ritik Mittal (from Dev Box)" Date: Tue, 8 Oct 2024 16:52:00 +0530 Subject: [PATCH 08/10] added name as primary key --- ...SFT_AADConnectorGroupApplicationProxy.psm1 | 50 +++++++++++++------ ...DConnectorGroupApplicationProxy.schema.mof | 4 +- 2 files changed, 37 insertions(+), 17 deletions(-) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.psm1 index 5e244d28ec..d77e4aa571 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.psm1 @@ -4,7 +4,7 @@ function Get-TargetResource [OutputType([System.Collections.Hashtable])] param ( - [Parameter()] + [Parameter(Mandatory = $true)] [System.String] $Name, @@ -13,12 +13,10 @@ function Get-TargetResource [System.String] $Region, - [Parameter(Mandatory = $true)] + [Parameter()] [System.String] $Id, - #endregion - [Parameter()] [System.String] [ValidateSet('Absent', 'Present')] @@ -75,19 +73,42 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaOnPremisePublishingProfileConnectorGroup ` - -ConnectorGroupId $Id ` - -OnPremisesPublishingProfileId 'applicationProxy' -ErrorAction SilentlyContinue + if (-not [string]::IsNullOrEmpty($Id)) + { + if ($null -ne $Script:exportedInstances -and $Script:ExportMode) + { + $getValue = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + } + else + { + $getValue = Get-MgBetaOnPremisePublishingProfileConnectorGroup -ConnectorGroupId $Id -OnPremisesPublishingProfileId 'applicationProxy' -ErrorAction SilentlyContinue + } + } + if ($null -eq $getValue -and -not [string]::IsNullOrEmpty($Id)) + { + Write-Verbose -Message "Could not find an Azure AD Connector Group Application Proxy with Name {$Name}" + if (-Not [string]::IsNullOrEmpty($DisplayName)) + { + if ($null -ne $Script:exportedInstances -and $Script:ExportMode) + { + $getValue = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + } + else + { + $getValue = Get-MgBetaOnPremisePublishingProfileConnectorGroup -OnPremisesPublishingProfileId 'applicationProxy' -Filter "Name eq '$Name'" -ErrorAction Stop + } + } + } + #endregion if ($null -eq $getValue) { - Write-Verbose -Message "Could not find an Azure AD Connector Group Application Proxy with Id {$Id}" + Write-Verbose -Message "Could not find an Azure AD Connector Group Application Proxy with Name {$Name}" return $nullResult } - #endregion $Id = $getValue.Id - Write-Verbose -Message "An Azure AD Connector Group Application Proxy with Id {$Id} was found" + Write-Verbose -Message "An Azure AD Connector Group Application Proxy with Id {$Id} and Name {$Name} was found" $enumRegion = $null if ($null -ne $getValue.Region) @@ -130,7 +151,7 @@ function Set-TargetResource [CmdletBinding()] param ( - [Parameter()] + [Parameter(Mandatory = $true)] [System.String] $Name, @@ -139,11 +160,10 @@ function Set-TargetResource [System.String] $Region, - [Parameter(Mandatory = $true)] + [Parameter()] [System.String] $Id, - #endregion [Parameter()] [System.String] [ValidateSet('Absent', 'Present')] @@ -240,7 +260,7 @@ function Test-TargetResource param ( #region resource generator code - [Parameter()] + [Parameter(Mandatory = $true)] [System.String] $Name, @@ -249,7 +269,7 @@ function Test-TargetResource [System.String] $Region, - [Parameter(Mandatory = $true)] + [Parameter()] [System.String] $Id, diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.schema.mof index a41c3653cf..f38974f6d8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.schema.mof @@ -2,9 +2,9 @@ [ClassVersion("1.0.0.0"), FriendlyName("AADConnectorGroupApplicationProxy")] class MSFT_AADConnectorGroupApplicationProxy : OMI_BaseResource { - [Write, Description("The name associated with the connectorGroup.")] String Name; + [Key, Description("The name associated with the connectorGroup.")] String Name; [Write, Description("The region the connectorGroup is assigned to and will optimize traffic for. This region can only be set if no connectors or applications are assigned to the connectorGroup. The possible values are: nam (for North America), eur (for Europe), aus (for Australia), asia (for Asia), ind (for India), and unknownFutureValue."), ValueMap{"nam","eur","aus","asia","ind","unknownFutureValue"}, Values{"nam","eur","aus","asia","ind","unknownFutureValue"}] String Region; - [Key, Description("The unique identifier for an entity. Read-only.")] String Id; + [Write, Description("The unique identifier for an entity. Read-only.")] String Id; [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; [Write, Description("Credentials of the Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; From 005e9c3ec3a011c084cef21250ea880312a6d9a3 Mon Sep 17 00:00:00 2001 From: NikCharlebois Date: Tue, 8 Oct 2024 11:24:53 +0000 Subject: [PATCH 09/10] Updated Schema Definition --- Modules/Microsoft365DSC/SchemaDefinition.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/Microsoft365DSC/SchemaDefinition.json b/Modules/Microsoft365DSC/SchemaDefinition.json index 1b1c79d4c2..d0ae19637e 100644 --- a/Modules/Microsoft365DSC/SchemaDefinition.json +++ b/Modules/Microsoft365DSC/SchemaDefinition.json @@ -2635,7 +2635,7 @@ { "CIMType": "String", "Name": "Name", - "Option": "Write" + "Option": "Key" }, { "CIMType": "String", @@ -2645,7 +2645,7 @@ { "CIMType": "String", "Name": "Id", - "Option": "Key" + "Option": "Write" }, { "CIMType": "string", From cd6ab092be6848203fdaabdd62a562438112aaf4 Mon Sep 17 00:00:00 2001 From: NikCharlebois Date: Tue, 8 Oct 2024 14:27:36 +0000 Subject: [PATCH 10/10] Updated Schema Definition --- Modules/Microsoft365DSC/SchemaDefinition.json | 165 ++++++++++++++++++ 1 file changed, 165 insertions(+) diff --git a/Modules/Microsoft365DSC/SchemaDefinition.json b/Modules/Microsoft365DSC/SchemaDefinition.json index d0ae19637e..7d261a4265 100644 --- a/Modules/Microsoft365DSC/SchemaDefinition.json +++ b/Modules/Microsoft365DSC/SchemaDefinition.json @@ -264,6 +264,166 @@ } ] }, + { + "ClassName": "MSFT_AADApplicationOnPremisesPublishingSegmentCORS", + "Parameters": [ + { + "CIMType": "String[]", + "Name": "allowedHeaders", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "maxAgeInSeconds", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "resource", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "allowedMethods", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "allowedOrigins", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADApplicationOnPremisesPublishingSegment", + "Parameters": [ + { + "CIMType": "String", + "Name": "alternateUrl", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADApplicationOnPremisesPublishingSegmentCORS[]", + "Name": "corsConfigurations", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "externalUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "internalUrl", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADApplicationOnPremisesPublishingSingleSignOnSettingKerberos", + "Parameters": [ + { + "CIMType": "String", + "Name": "kerberosServicePrincipalName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "kerberosSignOnMappingAttributeType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADApplicationOnPremisesPublishingSingleSignOnSetting", + "Parameters": [ + { + "CIMType": "String", + "Name": "singleSignOnMode", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADApplicationOnPremisesPublishingSingleSignOnSettingKerberos", + "Name": "kerberosSignOnSettings", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADApplicationOnPremisesPublishing", + "Parameters": [ + { + "CIMType": "String", + "Name": "alternateUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "applicationServerTimeout", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "externalAuthenticationType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "externalUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "internalUrl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "isBackendCertificateValidationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "isHttpOnlyCookieEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "isPersistentCookieEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "isSecureCookieEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "isStateSessionEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "isTranslateHostHeaderEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "isTranslateLinksInBodyEnabled", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADApplicationOnPremisesPublishingSegment[]", + "Name": "onPremisesApplicationSegments", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADApplicationOnPremisesPublishingSingleSignOnSetting", + "Name": "singleSignOnSettings", + "Option": "Write" + } + ] + }, { "ClassName": "MSFT_AADApplicationPermission", "Parameters": [ @@ -592,6 +752,11 @@ "Name": "Owners", "Option": "Write" }, + { + "CIMType": "MSFT_AADApplicationOnPremisesPublishing", + "Name": "OnPremisesPublishing", + "Option": "Write" + }, { "CIMType": "String", "Name": "Ensure",