From c65e6972428a15fb3bc53ad009182412a5f3972d Mon Sep 17 00:00:00 2001 From: Nik Charlebois Date: Tue, 3 Sep 2024 14:05:53 -0400 Subject: [PATCH 1/6] Update CHANGELOG.md --- CHANGELOG.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 24b85d6bd6..d9956fd347 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -67,8 +67,6 @@ * M365DSCUtil * Fix `Compare-PSCustomObjectArrays` by allowing empty arrays as input FIXES [#4952](https://github.com/microsoft/Microsoft365DSC/issues/4952) -* O365OrgSettings - * FIXES [#4741](https://github.com/microsoft/Microsoft365DSC/issues/4741) * MISC * Improve module updates and PowerShell Core support across the DSC resources. From d11579cb4e75fcc0e0d935034ad8e8c872990b45 Mon Sep 17 00:00:00 2001 From: Nik Charlebois Date: Wed, 4 Sep 2024 13:27:00 -0400 Subject: [PATCH 2/6] FabricAdminTenantSettings - Initial Release. --- CHANGELOG.md | 4 + .../MSFT_FabricAdminTenantSettings.psm1 | 2135 +++++++++++++++++ .../MSFT_FabricAdminTenantSettings.schema.mof | 172 ++ .../MSFT_FabricAdminTenantSettings/readme.md | 6 + .../settings.json | 20 + .../Dependencies/Manifest.psd1 | 2 +- .../4-MonitorOnly.ps1 | 45 + Modules/Microsoft365DSC/Microsoft365DSC.psd1 | 1 + .../Modules/M365DSCReverse.psm1 | 2 +- .../Microsoft365DSC/Modules/M365DSCUtil.psm1 | 4 +- .../WorkloadHelpers/M365DSCFabricHelper.psm1 | 26 + ...365DSC.FabricAdminTenantSettings.Tests.ps1 | 220 ++ 12 files changed, 2633 insertions(+), 4 deletions(-) create mode 100644 Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.psm1 create mode 100644 Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.schema.mof create mode 100644 Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/readme.md create mode 100644 Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/settings.json create mode 100644 Modules/Microsoft365DSC/Examples/Resources/FabricAdminTenantSettings/4-MonitorOnly.ps1 create mode 100644 Modules/Microsoft365DSC/Modules/WorkloadHelpers/M365DSCFabricHelper.psm1 create mode 100644 Tests/Unit/Microsoft365DSC/Microsoft365DSC.FabricAdminTenantSettings.Tests.ps1 diff --git a/CHANGELOG.md b/CHANGELOG.md index d9956fd347..6d2f2acbd0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,10 +4,14 @@ * EXOSweepRule * Initial Release. +* FabricAdminTenantSettings + * Initial Release. * M365DSCDRGUtil * Fixes an issue where a Intune settings catalog DSC param was not handled correctly when it was not specified. FIXES [#5000](https://github.com/microsoft/Microsoft365DSC/issues/5000) +* DEPENDENCIES + * Updated MSCloudLoginAssistant to version 1.1.20. # 1.24.828.1 diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.psm1 new file mode 100644 index 0000000000..482c9524c7 --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.psm1 @@ -0,0 +1,2135 @@ +function Get-TargetResource +{ + [CmdletBinding()] + [OutputType([System.Collections.Hashtable])] + param + ( + [Parameter(Mandatory = $true)] + [ValidateSet('Yes')] + [System.String] + $IsSingleInstance, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AADSSOForGateway, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AdminApisIncludeDetailedMetadata, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AdminApisIncludeExpressions, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AdminCustomDisclaimer, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AISkillArtifactTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowAccessOverPrivateLinks, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowCVAuthenticationTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowCVLocalStorageV2Tenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowCVToExportDataToFileTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowEndorsementMasterDataSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowExternalDataSharingReceiverSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowExternalDataSharingSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowFreeTrial, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowGuestLookup, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowGuestUserToAccessSharedContent, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowPowerBIASDQOnTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowSendAOAIDataToOtherRegions, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowSendNLToDaxDataToOtherRegions, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowServicePrincipalsCreateAndUseProfiles, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowServicePrincipalsUseReadAdminAPIs, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AppPush, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ArtifactSearchTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ASCollectQueryTextTelemetryTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ASShareableCloudConnectionBindingSecurityModeTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ASWritethruContinuousExportTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ASWritethruTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AutoInstallPowerBIAppInTeamsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AutomatedInsightsEntryPoints, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AutomatedInsightsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AzureMap, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BingMap, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BlockAccessFromPublicNetworks, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BlockAutoDiscoverAndPackageRefresh, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BlockProtectedLabelSharingToEntireOrg, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BlockResourceKeyAuthentication, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CDSAManagement, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CertifiedCustomVisualsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CertifyDatasets, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ConfigureFolderRetentionPeriod, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CreateAppWorkspaces, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CustomVisualsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DatamartTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DatasetExecuteQueries, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DevelopServiceApps, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DiscoverDatasetsConsumption, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DiscoverDatasetsSettingsCertified, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DiscoverDatasetsSettingsPromoted, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DremioSSO, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionDataSourceInheritanceSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionDownstreamInheritanceSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionEdit, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionLessElevated, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionWorkspaceAdminsOverrideAutomaticLabelsSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ElevatedGuestsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EmailSecurityGroupsOnOutage, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EmailSubscriptionsToB2BUsers, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EmailSubscriptionsToExternalUsers, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EmailSubscriptionTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $Embedding, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableAOAI, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableDatasetInPlaceSharing, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableExcelYellowIntegration, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableFabricAirflow, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableNLToDax, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableReassignDataDomainSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EsriVisual, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExpFlightingTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportReport, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToCsv, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToExcelSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToImage, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToMHTML, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToPowerPoint, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToWord, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToXML, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportVisualImageTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExternalDatasetSharingTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExternalSharingV2, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $FabricAddPartnerWorkload, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $FabricFeedbackTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $FabricGAWorkloads, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $FabricThirdPartyWorkloads, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GitHubTenantSettings, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GitIntegrationCrossGeoTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GitIntegrationSensitivityLabelsTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GitIntegrationTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GoogleBigQuerySSO, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GraphQLTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $HealthcareSolutionsTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $InstallNonvalidatedTemplateApps, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $InstallServiceApps, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $KustoDashboardTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $LiveConnection, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $LogAnalyticsAttachForWorkspaceAdmins, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $M365DataSharing, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $Mirroring, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ODSPRefreshEnforcementTenantAllowAutomaticUpdate, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OneDriveSharePointAllowSharingTenantSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OneDriveSharePointViewerIntegrationTenantSettingV2, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OneLakeFileExplorer, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OneLakeForThirdParty, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OnPremAnalyzeInExcel, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PowerBIGoalsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PowerPlatformSolutionsIntegrationTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $Printing, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PromoteContent, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PublishContentPack, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PublishToWeb, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $QnaFeedbackLoop, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $QnaLsdlSharing, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $QueryScaleOutTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $RedshiftSSO, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $RestrictMyFolderCapacity, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $RetailSolutionsTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $RScriptVisual, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ServicePrincipalAccess, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ShareLinkToEntireOrg, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ShareToTeamsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $SnowflakeSSO, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $StorytellingTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $SustainabilitySolutionsTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $TemplatePublish, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $TenantSettingPublishGetHelpInfo, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $TridentPrivatePreview, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $UsageMetrics, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $UsageMetricsTrackUserLevelInfo, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $UseDatasetsAcrossWorkspaces, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $VisualizeListInPowerBI, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $WebContentTilesTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $WebModelingTenantSwitch, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ApplicationSecret, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + + New-M365DSCConnection -Workload 'Fabric' ` + -InboundParameters $PSBoundParameters | Out-Null + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + $nullResult = $PSBoundParameters + try + { + if ($null -ne $Script:exportedInstances -and $Script:ExportMode) + { + $instance = $Script:exportedInstances + } + else + { + $uri = $global:MsCloudLoginConnectionProfile.Fabric.HostUrl + "/v1/admin/tenantsettings" + $instance = Invoke-M365DSCFabricWebRequest -Uri $uri -Method 'GET' + } + if ($null -eq $instance) + { + return $nullResult + } + + $results = @{ + IsSingleInstance = 'Yes' + AADSSOForGateway = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AADSSOForGateway'}) + AdminApisIncludeDetailedMetadata = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AdminApisIncludeDetailedMetadata'}) + AdminApisIncludeExpressions = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AdminApisIncludeExpressions'}) + AdminCustomDisclaimer = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AdminCustomDisclaimer'}) + AISkillArtifactTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AISkillArtifactTenantSwitch'}) + AllowAccessOverPrivateLinks = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowAccessOverPrivateLinks'}) + AllowCVAuthenticationTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowCVAuthenticationTenant'}) + AllowCVLocalStorageV2Tenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowCVLocalStorageV2Tenant'}) + AllowCVToExportDataToFileTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowCVToExportDataToFileTenant'}) + AllowEndorsementMasterDataSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowEndorsementMasterDataSwitch'}) + AllowExternalDataSharingReceiverSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowExternalDataSharingReceiverSwitch'}) + AllowExternalDataSharingSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowExternalDataSharingSwitch'}) + AllowFreeTrial = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowFreeTrial'}) + AllowGuestLookup = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowGuestLookup'}) + AllowGuestUserToAccessSharedContent = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowGuestUserToAccessSharedContent'}) + AllowPowerBIASDQOnTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowPowerBIASDQOnTenant'}) + AllowSendAOAIDataToOtherRegions = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowSendAOAIDataToOtherRegions'}) + AllowSendNLToDaxDataToOtherRegions = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowSendNLToDaxDataToOtherRegions'}) + AllowServicePrincipalsCreateAndUseProfiles = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowServicePrincipalsCreateAndUseProfiles'}) + AllowServicePrincipalsUseReadAdminAPIs = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowServicePrincipalsUseReadAdminAPIs'}) + AppPush = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AppPush'}) + ArtifactSearchTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ArtifactSearchTenant'}) + ASCollectQueryTextTelemetryTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ASCollectQueryTextTelemetryTenantSwitch'}) + ASShareableCloudConnectionBindingSecurityModeTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ASShareableCloudConnectionBindingSecurityModeTenant'}) + ASWritethruContinuousExportTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ASWritethruContinuousExportTenantSwitch'}) + ASWritethruTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ASWritethruTenantSwitch'}) + AutoInstallPowerBIAppInTeamsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AutoInstallPowerBIAppInTeamsTenant'}) + AutomatedInsightsEntryPoints = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AutomatedInsightsEntryPoints'}) + AutomatedInsightsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AutomatedInsightsTenant'}) + AzureMap = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AzureMap'}) + BingMap = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'BingMap'}) + BlockAccessFromPublicNetworks = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'BlockAccessFromPublicNetworks'}) + BlockAutoDiscoverAndPackageRefresh = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'BlockAutoDiscoverAndPackageRefresh'}) + BlockProtectedLabelSharingToEntireOrg = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'BlockProtectedLabelSharingToEntireOrg'}) + BlockResourceKeyAuthentication = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'BlockResourceKeyAuthentication'}) + CDSAManagement = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'CDSAManagement'}) + CertifiedCustomVisualsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'CertifiedCustomVisualsTenant'}) + CertifyDatasets = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'CertifyDatasets'}) + ConfigureFolderRetentionPeriod = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ConfigureFolderRetentionPeriod'}) + CreateAppWorkspaces = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'CreateAppWorkspaces'}) + CustomVisualsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'CustomVisualsTenant'}) + DatamartTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DatamartTenant'}) + DatasetExecuteQueries = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DatasetExecuteQueries'}) + DevelopServiceApps = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DevelopServiceApps'}) + DiscoverDatasetsConsumption = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DiscoverDatasetsConsumption'}) + DiscoverDatasetsSettingsCertified = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DiscoverDatasetsSettingsCertified'}) + DiscoverDatasetsSettingsPromoted = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DiscoverDatasetsSettingsPromoted'}) + DremioSSO = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DremioSSO'}) + EimInformationProtectionDataSourceInheritanceSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EimInformationProtectionDataSourceInheritanceSetting'}) + EimInformationProtectionDownstreamInheritanceSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EimInformationProtectionDownstreamInheritanceSetting'}) + EimInformationProtectionEdit = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EimInformationProtectionEdit'}) + EimInformationProtectionLessElevated = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EimInformationProtectionLessElevated'}) + EimInformationProtectionWorkspaceAdminsOverrideAutomaticLabelsSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EimInformationProtectionWorkspaceAdminsOverrideAutomaticLabelsSetting'}) + ElevatedGuestsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ElevatedGuestsTenant'}) + EmailSecurityGroupsOnOutage = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EmailSecurityGroupsOnOutage'}) + EmailSubscriptionsToB2BUsers = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EmailSubscriptionsToB2BUsers'}) + EmailSubscriptionsToExternalUsers = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EmailSubscriptionsToExternalUsers'}) + EmailSubscriptionTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EmailSubscriptionTenant'}) + Embedding = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'Embedding'}) + EnableAOAI = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EnableAOAI'}) + EnableDatasetInPlaceSharing = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EnableDatasetInPlaceSharing'}) + EnableExcelYellowIntegration = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EnableExcelYellowIntegration'}) + EnableFabricAirflow = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EnableFabricAirflow'}) + EnableNLToDax = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EnableNLToDax'}) + EnableReassignDataDomainSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EnableReassignDataDomainSwitch'}) + EsriVisual = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EsriVisual'}) + ExpFlightingTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExpFlightingTenant'}) + ExportReport = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportReport'}) + ExportToCsv = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToCsv'}) + ExportToExcelSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToExcelSetting'}) + ExportToImage = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToImage'}) + ExportToMHTML = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToMHTML'}) + ExportToPowerPoint = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToPowerPoint'}) + ExportToWord = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToWord'}) + ExportToXML = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToXML'}) + ExportVisualImageTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportVisualImageTenant'}) + ExternalDatasetSharingTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExternalDatasetSharingTenant'}) + ExternalSharingV2 = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExternalSharingV2'}) + FabricAddPartnerWorkload = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'FabricAddPartnerWorkload'}) + FabricFeedbackTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'FabricFeedbackTenantSwitch'}) + FabricGAWorkloads = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'FabricGAWorkloads'}) + FabricThirdPartyWorkloads = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'FabricThirdPartyWorkloads'}) + GitHubTenantSettings = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'GitHubTenantSettings'}) + GitIntegrationCrossGeoTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'GitIntegrationCrossGeoTenantSwitch'}) + GitIntegrationSensitivityLabelsTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'GitIntegrationSensitivityLabelsTenantSwitch'}) + GitIntegrationTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'GitIntegrationTenantSwitch'}) + GoogleBigQuerySSO = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'GoogleBigQuerySSO'}) + GraphQLTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'GraphQLTenant'}) + HealthcareSolutionsTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'HealthcareSolutionsTenantSwitch'}) + InstallNonvalidatedTemplateApps = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'InstallNonvalidatedTemplateApps'}) + InstallServiceApps = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'InstallServiceApps'}) + KustoDashboardTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'KustoDashboardTenantSwitch'}) + LiveConnection = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'LiveConnection'}) + LogAnalyticsAttachForWorkspaceAdmins = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'LogAnalyticsAttachForWorkspaceAdmins'}) + M365DataSharing = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'M365DataSharing'}) + Mirroring = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'Mirroring'}) + ODSPRefreshEnforcementTenantAllowAutomaticUpdate = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ODSPRefreshEnforcementTenantAllowAutomaticUpdate'}) + OneDriveSharePointAllowSharingTenantSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'OneDriveSharePointAllowSharingTenantSetting'}) + OneDriveSharePointViewerIntegrationTenantSettingV2 = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'OneDriveSharePointViewerIntegrationTenantSettingV2'}) + OneLakeFileExplorer = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'OneLakeFileExplorer'}) + OneLakeForThirdParty = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'OneLakeForThirdParty'}) + OnPremAnalyzeInExcel = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'OnPremAnalyzeInExcel'}) + PowerBIGoalsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'PowerBIGoalsTenant'}) + PowerPlatformSolutionsIntegrationTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'PowerPlatformSolutionsIntegrationTenant'}) + Printing = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'Printing'}) + PromoteContent = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'PromoteContent'}) + PublishContentPack = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'PublishContentPack'}) + PublishToWeb = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'PublishToWeb'}) + QnaFeedbackLoop = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'QnaFeedbackLoop'}) + QnaLsdlSharing = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'QnaLsdlSharing'}) + QueryScaleOutTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'QueryScaleOutTenant'}) + RedshiftSSO = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'RedshiftSSO'}) + RestrictMyFolderCapacity = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'RestrictMyFolderCapacity'}) + RetailSolutionsTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'RetailSolutionsTenantSwitch'}) + RScriptVisual = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'RScriptVisual'}) + ServicePrincipalAccess = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ServicePrincipalAccess'}) + ShareLinkToEntireOrg = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ShareLinkToEntireOrg'}) + ShareToTeamsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ShareToTeamsTenant'}) + SnowflakeSSO = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'SnowflakeSSO'}) + StorytellingTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'StorytellingTenant'}) + SustainabilitySolutionsTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'SustainabilitySolutionsTenantSwitch'}) + TemplatePublish = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'TemplatePublish'}) + TenantSettingPublishGetHelpInfo = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'TenantSettingPublishGetHelpInfo'}) + TridentPrivatePreview = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'TridentPrivatePreview'}) + UsageMetrics = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'UsageMetrics'}) + UsageMetricsTrackUserLevelInfo = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'UsageMetricsTrackUserLevelInfo'}) + UseDatasetsAcrossWorkspaces = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'UseDatasetsAcrossWorkspaces'}) + VisualizeListInPowerBI = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'VisualizeListInPowerBI'}) + WebContentTilesTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'WebContentTilesTenant'}) + WebModelingTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'WebModelingTenantSwitch'}) + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ApplicationSecret = $ApplicationSecret + AccessTokens = $AccessTokens + } + return [System.Collections.Hashtable] $results + } + catch + { + New-M365DSCLogEntry -Message 'Error retrieving data:' ` + -Exception $_ ` + -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $TenantId ` + -Credential $Credential + + return $nullResult + } +} + +function Set-TargetResource +{ + [CmdletBinding()] + param + ( + [Parameter(Mandatory = $true)] + [ValidateSet('Yes')] + [System.String] + $IsSingleInstance, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AADSSOForGateway, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AdminApisIncludeDetailedMetadata, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AdminApisIncludeExpressions, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AdminCustomDisclaimer, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AISkillArtifactTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowAccessOverPrivateLinks, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowCVAuthenticationTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowCVLocalStorageV2Tenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowCVToExportDataToFileTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowEndorsementMasterDataSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowExternalDataSharingReceiverSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowExternalDataSharingSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowFreeTrial, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowGuestLookup, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowGuestUserToAccessSharedContent, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowPowerBIASDQOnTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowSendAOAIDataToOtherRegions, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowSendNLToDaxDataToOtherRegions, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowServicePrincipalsCreateAndUseProfiles, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowServicePrincipalsUseReadAdminAPIs, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AppPush, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ArtifactSearchTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ASCollectQueryTextTelemetryTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ASShareableCloudConnectionBindingSecurityModeTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ASWritethruContinuousExportTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ASWritethruTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AutoInstallPowerBIAppInTeamsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AutomatedInsightsEntryPoints, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AutomatedInsightsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AzureMap, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BingMap, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BlockAccessFromPublicNetworks, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BlockAutoDiscoverAndPackageRefresh, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BlockProtectedLabelSharingToEntireOrg, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BlockResourceKeyAuthentication, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CDSAManagement, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CertifiedCustomVisualsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CertifyDatasets, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ConfigureFolderRetentionPeriod, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CreateAppWorkspaces, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CustomVisualsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DatamartTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DatasetExecuteQueries, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DevelopServiceApps, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DiscoverDatasetsConsumption, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DiscoverDatasetsSettingsCertified, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DiscoverDatasetsSettingsPromoted, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DremioSSO, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionDataSourceInheritanceSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionDownstreamInheritanceSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionEdit, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionLessElevated, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionWorkspaceAdminsOverrideAutomaticLabelsSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ElevatedGuestsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EmailSecurityGroupsOnOutage, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EmailSubscriptionsToB2BUsers, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EmailSubscriptionsToExternalUsers, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EmailSubscriptionTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $Embedding, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableAOAI, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableDatasetInPlaceSharing, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableExcelYellowIntegration, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableFabricAirflow, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableNLToDax, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableReassignDataDomainSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EsriVisual, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExpFlightingTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportReport, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToCsv, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToExcelSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToImage, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToMHTML, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToPowerPoint, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToWord, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToXML, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportVisualImageTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExternalDatasetSharingTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExternalSharingV2, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $FabricAddPartnerWorkload, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $FabricFeedbackTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $FabricGAWorkloads, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $FabricThirdPartyWorkloads, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GitHubTenantSettings, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GitIntegrationCrossGeoTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GitIntegrationSensitivityLabelsTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GitIntegrationTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GoogleBigQuerySSO, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GraphQLTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $HealthcareSolutionsTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $InstallNonvalidatedTemplateApps, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $InstallServiceApps, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $KustoDashboardTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $LiveConnection, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $LogAnalyticsAttachForWorkspaceAdmins, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $M365DataSharing, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $Mirroring, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ODSPRefreshEnforcementTenantAllowAutomaticUpdate, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OneDriveSharePointAllowSharingTenantSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OneDriveSharePointViewerIntegrationTenantSettingV2, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OneLakeFileExplorer, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OneLakeForThirdParty, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OnPremAnalyzeInExcel, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PowerBIGoalsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PowerPlatformSolutionsIntegrationTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $Printing, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PromoteContent, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PublishContentPack, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PublishToWeb, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $QnaFeedbackLoop, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $QnaLsdlSharing, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $QueryScaleOutTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $RedshiftSSO, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $RestrictMyFolderCapacity, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $RetailSolutionsTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $RScriptVisual, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ServicePrincipalAccess, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ShareLinkToEntireOrg, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ShareToTeamsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $SnowflakeSSO, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $StorytellingTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $SustainabilitySolutionsTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $TemplatePublish, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $TenantSettingPublishGetHelpInfo, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $TridentPrivatePreview, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $UsageMetrics, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $UsageMetricsTrackUserLevelInfo, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $UseDatasetsAcrossWorkspaces, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $VisualizeListInPowerBI, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $WebContentTilesTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $WebModelingTenantSwitch, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ApplicationSecret, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + + Write-Warning -Message "This resource is read-only and does not support changing the settings. It is used for monitoring purposes only." +} + +function Test-TargetResource +{ + [CmdletBinding()] + [OutputType([System.Boolean])] + param + ( + [Parameter(Mandatory = $true)] + [ValidateSet('Yes')] + [System.String] + $IsSingleInstance, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AADSSOForGateway, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AdminApisIncludeDetailedMetadata, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AdminApisIncludeExpressions, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AdminCustomDisclaimer, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AISkillArtifactTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowAccessOverPrivateLinks, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowCVAuthenticationTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowCVLocalStorageV2Tenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowCVToExportDataToFileTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowEndorsementMasterDataSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowExternalDataSharingReceiverSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowExternalDataSharingSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowFreeTrial, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowGuestLookup, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowGuestUserToAccessSharedContent, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowPowerBIASDQOnTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowSendAOAIDataToOtherRegions, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowSendNLToDaxDataToOtherRegions, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowServicePrincipalsCreateAndUseProfiles, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AllowServicePrincipalsUseReadAdminAPIs, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AppPush, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ArtifactSearchTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ASCollectQueryTextTelemetryTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ASShareableCloudConnectionBindingSecurityModeTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ASWritethruContinuousExportTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ASWritethruTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AutoInstallPowerBIAppInTeamsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AutomatedInsightsEntryPoints, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AutomatedInsightsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $AzureMap, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BingMap, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BlockAccessFromPublicNetworks, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BlockAutoDiscoverAndPackageRefresh, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BlockProtectedLabelSharingToEntireOrg, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $BlockResourceKeyAuthentication, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CDSAManagement, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CertifiedCustomVisualsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CertifyDatasets, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ConfigureFolderRetentionPeriod, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CreateAppWorkspaces, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $CustomVisualsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DatamartTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DatasetExecuteQueries, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DevelopServiceApps, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DiscoverDatasetsConsumption, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DiscoverDatasetsSettingsCertified, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DiscoverDatasetsSettingsPromoted, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $DremioSSO, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionDataSourceInheritanceSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionDownstreamInheritanceSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionEdit, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionLessElevated, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EimInformationProtectionWorkspaceAdminsOverrideAutomaticLabelsSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ElevatedGuestsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EmailSecurityGroupsOnOutage, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EmailSubscriptionsToB2BUsers, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EmailSubscriptionsToExternalUsers, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EmailSubscriptionTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $Embedding, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableAOAI, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableDatasetInPlaceSharing, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableExcelYellowIntegration, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableFabricAirflow, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableNLToDax, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EnableReassignDataDomainSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $EsriVisual, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExpFlightingTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportReport, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToCsv, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToExcelSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToImage, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToMHTML, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToPowerPoint, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToWord, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportToXML, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExportVisualImageTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExternalDatasetSharingTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ExternalSharingV2, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $FabricAddPartnerWorkload, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $FabricFeedbackTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $FabricGAWorkloads, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $FabricThirdPartyWorkloads, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GitHubTenantSettings, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GitIntegrationCrossGeoTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GitIntegrationSensitivityLabelsTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GitIntegrationTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GoogleBigQuerySSO, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $GraphQLTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $HealthcareSolutionsTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $InstallNonvalidatedTemplateApps, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $InstallServiceApps, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $KustoDashboardTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $LiveConnection, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $LogAnalyticsAttachForWorkspaceAdmins, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $M365DataSharing, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $Mirroring, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ODSPRefreshEnforcementTenantAllowAutomaticUpdate, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OneDriveSharePointAllowSharingTenantSetting, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OneDriveSharePointViewerIntegrationTenantSettingV2, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OneLakeFileExplorer, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OneLakeForThirdParty, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $OnPremAnalyzeInExcel, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PowerBIGoalsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PowerPlatformSolutionsIntegrationTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $Printing, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PromoteContent, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PublishContentPack, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $PublishToWeb, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $QnaFeedbackLoop, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $QnaLsdlSharing, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $QueryScaleOutTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $RedshiftSSO, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $RestrictMyFolderCapacity, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $RetailSolutionsTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $RScriptVisual, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ServicePrincipalAccess, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ShareLinkToEntireOrg, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $ShareToTeamsTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $SnowflakeSSO, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $StorytellingTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $SustainabilitySolutionsTenantSwitch, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $TemplatePublish, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $TenantSettingPublishGetHelpInfo, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $TridentPrivatePreview, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $UsageMetrics, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $UsageMetricsTrackUserLevelInfo, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $UseDatasetsAcrossWorkspaces, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $VisualizeListInPowerBI, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $WebContentTilesTenant, + + [Parameter()] + [Microsoft.Management.Infrastructure.CimInstance] + $WebModelingTenantSwitch, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ApplicationSecret, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + $CurrentValues = Get-TargetResource @PSBoundParameters + $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() + + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" + Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" + + #Compare Cim instances + foreach ($key in $PSBoundParameters.Keys) + { + $source = $PSBoundParameters.$key + $target = $CurrentValues.$key + if ($source.getType().Name -like '*CimInstance*') + { + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $source + + $testResult = Compare-M365DSCComplexObject ` + -Source ($source) ` + -Target ($target) + + if (-Not $testResult) + { + Write-Verbose -Message "Difference found for $key" + $testResult = $false + break + } + + $ValuesToCheck.Remove($key) | Out-Null + + } + } + + if ($testResult) + { + $testResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys + } + + Write-Verbose -Message "Test-TargetResource returned $testResult" + + return $testResult +} + +function Export-TargetResource +{ + [CmdletBinding()] + [OutputType([System.String])] + param + ( + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ApplicationSecret, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + + $ConnectionMode = New-M365DSCConnection -Workload 'Fabric' ` + -InboundParameters $PSBoundParameters + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + try + { + $Script:ExportMode = $true + $uri = $global:MsCloudLoginConnectionProfile.Fabric.HostUrl + "/v1/admin/tenantsettings" + [array] $Script:exportedInstances = Invoke-M365DSCFabricWebRequest -Uri $uri -Method 'GET' + + if ($null -ne $Global:M365DSCExportResourceInstancesCount) + { + $Global:M365DSCExportResourceInstancesCount++ + } + $dscContent = '' + $params = @{ + IsSingleInstance = 'Yes' + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + AccessTokens = $AccessTokens + } + + $Results = Get-TargetResource @Params + $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` + -Results $Results + + $newResults = ([Hashtable]$Results).Clone() + foreach ($key in $Results.Keys) + { + if ($null -ne $Results.$key -and $key -notin $params.Keys) + { + $newResults.$key = Get-M365DSCFabricTenantSettingAsString -Setting $Results.$key + } + } + + $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` + -ConnectionMode $ConnectionMode ` + -ModulePath $PSScriptRoot ` + -Results $newResults ` + -Credential $Credential + foreach ($key in $Results.Keys) + { + if ($null -ne $Results.$key -and $key -notin $params.Keys) + { + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` + -ParameterName $key + } + } + $dscContent += $currentDSCBlock + Save-M365DSCPartialExport -Content $currentDSCBlock ` + -FileName $Global:PartialExportFileName + Write-Host $Global:M365DSCEmojiGreenCheckMark + return $dscContent + } + catch + { + Write-Host $Global:M365DSCEmojiRedX + + New-M365DSCLogEntry -Message 'Error during Export:' ` + -Exception $_ ` + -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $TenantId ` + -Credential $Credential + + return '' + } +} + +function Get-M365DSCFabricTenantSettingAsString +{ + [CmdletBinding()] + [OutputType([System.String])] + param( + [Parameter(Mandatory = $true)] + [System.Collections.Hashtable] + $Setting + ) + + $StringContent += "MSFT_FabricTenantSetting {`r`n" + $StringContent += " settingName = '" + $setting.settingName + "'`r`n" + if (-not [System.String]::IsNullOrEmpty($setting.canSpecifySecurityGroups)) + { + $StringContent += " canSpecifySecurityGroups = `$" + $setting.canSpecifySecurityGroups + "`r`n" + } + if (-not [System.String]::IsNullOrEmpty($setting.delegateToWorkspace)) + { + $StringContent += " delegateToWorkspace = `$" + $setting.delegateToWorkspace + "`r`n" + } + if (-not [System.String]::IsNullOrEmpty($setting.delegatedFrom)) + { + $StringContent += " delegatedFrom = '" + $setting.delegatedFrom + "'`r`n" + } + $StringContent += " enabled = `$" + $setting.enabled + "`r`n" + if (-not [System.String]::IsNullOrEmpty($setting.tenantSettingGroup)) + { + $StringContent += " tenantSettingGroup = '" + $setting.tenantSettingGroup + "'`r`n" + } + $StringContent += " title = '" + $setting.title + "'`r`n" + if (-not [System.String]::IsNullOrEmpty($setting.properties)) + { + $StringContent += " properties = @(" + foreach ($property in $setting.properties) + { + $StringContent += " MSFT_FabricTenantSettingProperty{`r`n" + $StringContent += " name = '$($property.name)'`r`n" + $StringContent += " value = '$($property.value)'`r`n" + $StringContent += " type = '$($property.type)'`r`n" + $StringContent += " }`r`n" + } + $StringContent += ")" + } + if (-not [System.String]::IsNullOrEmpty($setting.excludedSecurityGroups)) + { + $excludedSecurityGroupsValue = $setting.excludedSecurityGroups -join "','" + if ($setting.excludedSecurityGroups.Length -gt 1) + { + $excludedSecurityGroupsValue = $excludedSecurityGroupsValue.Substring(0, $excludedSecurityGroupsValue.Length -3) + } + $StringContent += " excludedSecurityGroups = @('" + $excludedSecurityGroupsValue + "')`r`n" + } + if (-not [System.String]::IsNullOrEmpty($setting.enabledSecurityGroups)) + { + $enabledSecurityGroupsValue = $setting.enabledSecurityGroups -join "','" + if ($setting.enabledSecurityGroups.Length -gt 1) + { + $enabledSecurityGroupsValue = $setting.enabledSecurityGroups -join "','" + $enabledSecurityGroupsValue = $enabledSecurityGroupsValue.Substring(0, $enabledSecurityGroupsValue.Length -3) + } + $StringContent += " enabledSecurityGroups = @('" + $enabledSecurityGroupsValue + "')`r`n" + } + $StringContent += " }`r`n" + return $StringContent +} + +function Get-M365DSCFabricTenantSettingObject +{ + [CmdletBinding()] + [OutputType([PSCustomObject])] + param( + [Parameter()] + $Setting + ) + + if ($null -eq $Setting) + { + return $null + } + + Write-Verbose -Message "Retrieving values for setting {$($Setting.settingName)}" + + $values = @{ + settingName = $Setting.settingName + enabled = [Boolean]$Setting.enabled + title = $Setting.title.Replace("'", "''") + } + if (-not [System.String]::IsNullOrEmpty($Setting.canSpecifySecurityGroups)) + { + $values.Add('canSpecifySecurityGroups', [Boolean]$Setting.canSpecifySecurityGroups) + } + if (-not [System.String]::IsNullOrEmpty($Setting.delegateToWorkspace)) + { + $values.Add('delegateToWorkspace', $Setting.delegateToWorkspace) + } + if (-not [System.String]::IsNullOrEmpty($Setting.delegatedFrom)) + { + $values.Add('delegatedFrom', $Setting.delegatedFrom) + } + if (-not [System.String]::IsNullOrEmpty($Setting.tenantSettingGroup)) + { + $values.Add('tenantSettingGroup', $Setting.tenantSettingGroup) + } + if ($null -ne $Setting.properties -and $Setting.properties.Length -gt 0) + { + $propertiesValue = @() + foreach ($property in $Setting.Properties) + { + $curProperty = @{ + name = $property.name + value = $property.value.Replace("'", "''") + type = $property.type + } + $propertiesValue += $curProperty + } + + $values.Add('properties', $propertiesValue) + } + if ($null -ne $Setting.excludedSecurityGroups -and $Setting.excludedSecurityGroups.Length -gt 0) + { + $values.Add('excludedSecurityGroups', [Array]$Setting.excludedSecurityGroups.name) + } + if ($null -ne $Setting.enabledSecurityGroups -and $Setting.enabledSecurityGroups.Length -gt 0) + { + $values.Add('enabledSecurityGroups', [Array]$Setting.enabledSecurityGroups.name) + } + return $values +} + +Export-ModuleMember -Function *-TargetResource diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.schema.mof new file mode 100644 index 0000000000..4b91816f4a --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.schema.mof @@ -0,0 +1,172 @@ +[ClassVersion("1.0.0")] +class MSFT_FabricDelegatedFrom +{ + [Write, Description("The setting is delegated from a capacity.")] String Capacity; + [Write, Description("The setting is delegated from a domain.")] String Domain; + [Write, Description("The setting is delegated from a tenant.")] String Tenant; +}; + +[ClassVersion("1.0.0")] +class MSFT_FabricTenantSettingProperty +{ + [Write, Description("The name of the property.")] String name; + [Write, Description("The type of the property.")] String type; + [Write, Description("The value of the property.")] String value; +}; + +[ClassVersion("1.0.0")] +class MSFT_FabricTenantSetting +{ + [Write, Description("Indicates if the tenant setting is enabled for a security group. 0 - The tenant setting is enabled for the entire organization.")] Boolean canSpecifySecurityGroups; + [Write, Description("Indicates whether the tenant setting can be delegated to a workspace admin. False - Workspace admin cannot override the tenant setting.")] Boolean delegateToWorkspace; + [Write, Description("Tenant setting delegated from tenant, capacity or domain."), EmbeddedInstance("MSFT_FabricDelegatedFrom")] string delegatedFrom; + [Write, Description("The name of the tenant setting.")] String settingName; + [Write, Description("The status of the tenant setting.")] Boolean enabled; + [Write, Description("Tenant setting group name.")] String tenantSettingGroup; + [Write, Description("The title of the tenant setting.")] String title; + [Write, Description("Tenant setting properties."), EmbeddedInstance("MSFT_FabricTenantSettingProperty")] String properties[]; + [Write, Description("A list of excluded security groups.")] String excludedSecurityGroups[]; + [Write, Description("A list of enabled security groups.")] String enabledSecurityGroups[]; +}; + +[ClassVersion("1.0.0.0"), FriendlyName("FabricAdminTenantSettings")] +class MSFT_FabricAdminTenantSettings : OMI_BaseResource +{ + [Key, Description("Specifies the resource is a single instance, the value must be 'Yes'."), ValueMap{"Yes"}, Values{"Yes"}] String IsSingleInstance; + [Write, Description("Microsoft Entra single sign-on for data gateway"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AADSSOForGateway; + [Write, Description("Enhance admin APIs responses with detailed metadata"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AdminApisIncludeDetailedMetadata; + [Write, Description("Enhance admin APIs responses with DAX and mashup expressions"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AdminApisIncludeExpressions; + [Write, Description("Show a custom message before publishing reports"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AdminCustomDisclaimer; + [Write, Description("Users can create and share AI skill item types (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AISkillArtifactTenantSwitch; + [Write, Description("Azure Private Link"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowAccessOverPrivateLinks; + [Write, Description("AppSource Custom Visuals SSO"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowCVAuthenticationTenant; + [Write, Description("Allow access to the browser's local storage"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowCVLocalStorageV2Tenant; + [Write, Description("Allow downloads from custom visuals"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowCVToExportDataToFileTenant; + [Write, Description("Endorse master data (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowEndorsementMasterDataSwitch; + [Write, Description("Users can accept external data shares (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowExternalDataSharingReceiverSwitch; + [Write, Description("External data sharing (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowExternalDataSharingSwitch; + [Write, Description("Users can try Microsoft Fabric paid features"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowFreeTrial; + [Write, Description("Users can see guest users in lists of suggested people"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowGuestLookup; + [Write, Description("Guest users can access Microsoft Fabric"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowGuestUserToAccessSharedContent; + [Write, Description("Allow DirectQuery connections to Power BI semantic models"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowPowerBIASDQOnTenant; + [Write, Description("Data sent to Azure OpenAI can be processed outside your capacity's geographic region, compliance boundary, or national cloud instance"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowSendAOAIDataToOtherRegions; + [Write, Description("Allow user data to leave their geography"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowSendNLToDaxDataToOtherRegions; + [Write, Description("Allow service principals to create and use profiles"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowServicePrincipalsCreateAndUseProfiles; + [Write, Description("Service principals can access read-only admin APIs"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AllowServicePrincipalsUseReadAdminAPIs; + [Write, Description("Push apps to end users"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AppPush; + [Write, Description("Use global search for Power BI"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ArtifactSearchTenant; + [Write, Description("Microsoft can store query text to aid in support investigations"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ASCollectQueryTextTelemetryTenantSwitch; + [Write, Description("Enable granular access control for all data connections"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ASShareableCloudConnectionBindingSecurityModeTenant; + [Write, Description("Semantic models can export data to OneLake (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ASWritethruContinuousExportTenantSwitch; + [Write, Description("Users can store semantic model tables in OneLake (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ASWritethruTenantSwitch; + [Write, Description("Install Power BI app for Microsoft Teams automatically"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AutoInstallPowerBIAppInTeamsTenant; + [Write, Description("Show entry points for insights (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AutomatedInsightsEntryPoints; + [Write, Description("Receive notifications for top insights (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AutomatedInsightsTenant; + [Write, Description("Use Azure Maps visual"), EmbeddedInstance("MSFT_FabricTenantSetting")] string AzureMap; + [Write, Description("Map and filled map visuals"), EmbeddedInstance("MSFT_FabricTenantSetting")] string BingMap; + [Write, Description("Block Public Internet Access"), EmbeddedInstance("MSFT_FabricTenantSetting")] string BlockAccessFromPublicNetworks; + [Write, Description("Block republish and disable package refresh"), EmbeddedInstance("MSFT_FabricTenantSetting")] string BlockAutoDiscoverAndPackageRefresh; + [Write, Description("Restrict content with protected labels from being shared via link with everyone in your organization"), EmbeddedInstance("MSFT_FabricTenantSetting")] string BlockProtectedLabelSharingToEntireOrg; + [Write, Description("Block ResourceKey Authentication"), EmbeddedInstance("MSFT_FabricTenantSetting")] string BlockResourceKeyAuthentication; + [Write, Description("Create and use Gen1 dataflows"), EmbeddedInstance("MSFT_FabricTenantSetting")] string CDSAManagement; + [Write, Description("Add and use certified visuals only (block uncertified)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string CertifiedCustomVisualsTenant; + [Write, Description("Certification"), EmbeddedInstance("MSFT_FabricTenantSetting")] string CertifyDatasets; + [Write, Description("Define workspace retention period"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ConfigureFolderRetentionPeriod; + [Write, Description("Create workspaces"), EmbeddedInstance("MSFT_FabricTenantSetting")] string CreateAppWorkspaces; + [Write, Description("Allow visuals created using the Power BI SDK"), EmbeddedInstance("MSFT_FabricTenantSetting")] string CustomVisualsTenant; + [Write, Description("Create Datamarts (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string DatamartTenant; + [Write, Description("Semantic Model Execute Queries REST API"), EmbeddedInstance("MSFT_FabricTenantSetting")] string DatasetExecuteQueries; + [Write, Description("Publish template apps"), EmbeddedInstance("MSFT_FabricTenantSetting")] string DevelopServiceApps; + [Write, Description("Discover content"), EmbeddedInstance("MSFT_FabricTenantSetting")] string DiscoverDatasetsConsumption; + [Write, Description("Make certified content discoverable "), EmbeddedInstance("MSFT_FabricTenantSetting")] string DiscoverDatasetsSettingsCertified; + [Write, Description("Make promoted content discoverable"), EmbeddedInstance("MSFT_FabricTenantSetting")] string DiscoverDatasetsSettingsPromoted; + [Write, Description("Dremio SSO"), EmbeddedInstance("MSFT_FabricTenantSetting")] string DremioSSO; + [Write, Description("Apply sensitivity labels from data sources to their data in Power BI"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EimInformationProtectionDataSourceInheritanceSetting; + [Write, Description("Automatically apply sensitivity labels to downstream content"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EimInformationProtectionDownstreamInheritanceSetting; + [Write, Description("Allow users to apply sensitivity labels for content"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EimInformationProtectionEdit; + [Write, Description("Increase the number of users who can edit and republish encrypted PBIX files (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EimInformationProtectionLessElevated; + [Write, Description("Allow workspace admins to override automatically applied sensitivity labels"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EimInformationProtectionWorkspaceAdminsOverrideAutomaticLabelsSetting; + [Write, Description("Guest users can browse and access Fabric content"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ElevatedGuestsTenant; + [Write, Description("Receive email notifications for service outages or incidents"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EmailSecurityGroupsOnOutage; + [Write, Description("Guest users can set up and subscribe to email subscriptions"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EmailSubscriptionsToB2BUsers; + [Write, Description("Users can send email subscriptions to guest users"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EmailSubscriptionsToExternalUsers; + [Write, Description("Users can set up email subscriptions"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EmailSubscriptionTenant; + [Write, Description("Embed content in apps"), EmbeddedInstance("MSFT_FabricTenantSetting")] string Embedding; + [Write, Description("Users can use Copilot and other features powered by Azure OpenAI"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EnableAOAI; + [Write, Description("Allow specific users to turn on external data sharing"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EnableDatasetInPlaceSharing; + [Write, Description("Allow connections to featured tables"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EnableExcelYellowIntegration; + [Write, Description("Users can create and use data workflows (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EnableFabricAirflow; + [Write, Description("Allow quick measure suggestions (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EnableNLToDax; + [Write, Description("Allow tenant and domain admins to override workspace assignments (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EnableReassignDataDomainSwitch; + [Write, Description("Use ArcGIS Maps for Power BI"), EmbeddedInstance("MSFT_FabricTenantSetting")] string EsriVisual; + [Write, Description("Help Power BI optimize your experience"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ExpFlightingTenant; + [Write, Description("Download reports"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ExportReport; + [Write, Description("Export to .csv"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ExportToCsv; + [Write, Description("Export to Excel"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ExportToExcelSetting; + [Write, Description("Export reports as image files"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ExportToImage; + [Write, Description("Export reports as MHTML documents"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ExportToMHTML; + [Write, Description("Export reports as PowerPoint presentations or PDF documents"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ExportToPowerPoint; + [Write, Description("Export reports as Word documents"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ExportToWord; + [Write, Description("Export reports as XML documents"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ExportToXML; + [Write, Description("Copy and paste visuals"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ExportVisualImageTenant; + [Write, Description("Guest users can work with shared semantic models in their own tenants"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ExternalDatasetSharingTenant; + [Write, Description("Users can invite guest users to collaborate through item sharing and permissions"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ExternalSharingV2; + [Write, Description("Capacity admins and contributors can add and remove additional workloads"), EmbeddedInstance("MSFT_FabricTenantSetting")] string FabricAddPartnerWorkload; + [Write, Description("Product Feedback"), EmbeddedInstance("MSFT_FabricTenantSetting")] string FabricFeedbackTenantSwitch; + [Write, Description("Users can create Fabric items"), EmbeddedInstance("MSFT_FabricTenantSetting")] string FabricGAWorkloads; + [Write, Description("Capacity admins can develop additional workloads"), EmbeddedInstance("MSFT_FabricTenantSetting")] string FabricThirdPartyWorkloads; + [Write, Description("Users can sync workspace items with GitHub repositories "), EmbeddedInstance("MSFT_FabricTenantSetting")] string GitHubTenantSettings; + [Write, Description("Users can export items to Git repositories in other geographical locations (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string GitIntegrationCrossGeoTenantSwitch; + [Write, Description("Users can export workspace items with applied sensitivity labels to Git repositories (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string GitIntegrationSensitivityLabelsTenantSwitch; + [Write, Description("Users can synchronize workspace items with their Git repositories (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string GitIntegrationTenantSwitch; + [Write, Description("Google BigQuery SSO"), EmbeddedInstance("MSFT_FabricTenantSetting")] string GoogleBigQuerySSO; + [Write, Description("API for GraphQL (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string GraphQLTenant; + [Write, Description("Healthcare data solutions (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string HealthcareSolutionsTenantSwitch; + [Write, Description("Install template apps not listed in AppSource"), EmbeddedInstance("MSFT_FabricTenantSetting")] string InstallNonvalidatedTemplateApps; + [Write, Description("Install template apps"), EmbeddedInstance("MSFT_FabricTenantSetting")] string InstallServiceApps; + [Write, Description("Users can create Real-Time Dashboards (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string KustoDashboardTenantSwitch; + [Write, Description("Users can work with semantic models in Excel using a live connection"), EmbeddedInstance("MSFT_FabricTenantSetting")] string LiveConnection; + [Write, Description("Azure Log Analytics connections for workspace administrators"), EmbeddedInstance("MSFT_FabricTenantSetting")] string LogAnalyticsAttachForWorkspaceAdmins; + [Write, Description("Users can see Microsoft Fabric metadata in Microsoft 365"), EmbeddedInstance("MSFT_FabricTenantSetting")] string M365DataSharing; + [Write, Description("Database Mirroring (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string Mirroring; + [Write, Description("Semantic model owners can choose to automatically update semantic models from files imported from OneDrive or SharePoint"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ODSPRefreshEnforcementTenantAllowAutomaticUpdate; + [Write, Description("Users can share links to Power BI files stored in OneDrive and SharePoint through Power BI Desktop (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string OneDriveSharePointAllowSharingTenantSetting; + [Write, Description("Users can view Power BI files saved in OneDrive and SharePoint (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string OneDriveSharePointViewerIntegrationTenantSettingV2; + [Write, Description("Users can sync data in OneLake with the OneLake File Explorer app"), EmbeddedInstance("MSFT_FabricTenantSetting")] string OneLakeFileExplorer; + [Write, Description("Users can access data stored in OneLake with apps external to Fabric"), EmbeddedInstance("MSFT_FabricTenantSetting")] string OneLakeForThirdParty; + [Write, Description("Allow XMLA endpoints and Analyze in Excel with on-premises semantic models"), EmbeddedInstance("MSFT_FabricTenantSetting")] string OnPremAnalyzeInExcel; + [Write, Description("Create and use Metrics"), EmbeddedInstance("MSFT_FabricTenantSetting")] string PowerBIGoalsTenant; + [Write, Description("Power Platform Solutions Integration (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string PowerPlatformSolutionsIntegrationTenant; + [Write, Description("Print dashboards and reports"), EmbeddedInstance("MSFT_FabricTenantSetting")] string Printing; + [Write, Description("Featured content"), EmbeddedInstance("MSFT_FabricTenantSetting")] string PromoteContent; + [Write, Description("Publish apps to the entire organization"), EmbeddedInstance("MSFT_FabricTenantSetting")] string PublishContentPack; + [Write, Description("Publish to web"), EmbeddedInstance("MSFT_FabricTenantSetting")] string PublishToWeb; + [Write, Description("Review questions"), EmbeddedInstance("MSFT_FabricTenantSetting")] string QnaFeedbackLoop; + [Write, Description("Synonym sharing"), EmbeddedInstance("MSFT_FabricTenantSetting")] string QnaLsdlSharing; + [Write, Description("Scale out queries for large semantic models"), EmbeddedInstance("MSFT_FabricTenantSetting")] string QueryScaleOutTenant; + [Write, Description("Redshift SSO"), EmbeddedInstance("MSFT_FabricTenantSetting")] string RedshiftSSO; + [Write, Description("Block users from reassigning personal workspaces (My Workspace)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string RestrictMyFolderCapacity; + [Write, Description("Retail data solutions (preview) "), EmbeddedInstance("MSFT_FabricTenantSetting")] string RetailSolutionsTenantSwitch; + [Write, Description("Interact with and share R and Python visuals"), EmbeddedInstance("MSFT_FabricTenantSetting")] string RScriptVisual; + [Write, Description("Service principals can use Fabric APIs"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ServicePrincipalAccess; + [Write, Description("Allow shareable links to grant access to everyone in your organization"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ShareLinkToEntireOrg; + [Write, Description("Enable Microsoft Teams integration"), EmbeddedInstance("MSFT_FabricTenantSetting")] string ShareToTeamsTenant; + [Write, Description("Snowflake SSO"), EmbeddedInstance("MSFT_FabricTenantSetting")] string SnowflakeSSO; + [Write, Description("Enable Power BI add-in for PowerPoint"), EmbeddedInstance("MSFT_FabricTenantSetting")] string StorytellingTenant; + [Write, Description("Sustainability solutions (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string SustainabilitySolutionsTenantSwitch; + [Write, Description("Create template organizational apps"), EmbeddedInstance("MSFT_FabricTenantSetting")] string TemplatePublish; + [Write, Description("Publish Get Help information"), EmbeddedInstance("MSFT_FabricTenantSetting")] string TenantSettingPublishGetHelpInfo; + [Write, Description("Data Activator (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string TridentPrivatePreview; + [Write, Description("Usage metrics for content creators"), EmbeddedInstance("MSFT_FabricTenantSetting")] string UsageMetrics; + [Write, Description("Per-user data in usage metrics for content creators"), EmbeddedInstance("MSFT_FabricTenantSetting")] string UsageMetricsTrackUserLevelInfo; + [Write, Description("Use semantic models across workspaces"), EmbeddedInstance("MSFT_FabricTenantSetting")] string UseDatasetsAcrossWorkspaces; + [Write, Description("Integration with SharePoint and Microsoft Lists"), EmbeddedInstance("MSFT_FabricTenantSetting")] string VisualizeListInPowerBI; + [Write, Description("Web content on dashboard tiles"), EmbeddedInstance("MSFT_FabricTenantSetting")] string WebContentTilesTenant; + [Write, Description("Users can edit data models in the Power BI service (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string WebModelingTenantSwitch; + [Write, Description("Credentials of the workload's Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; + [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; + [Write, Description("Secret of the Azure Active Directory application to authenticate with."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; + [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; + [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; +}; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/readme.md b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/readme.md new file mode 100644 index 0000000000..f4ea4850a7 --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/readme.md @@ -0,0 +1,6 @@ + +# FabricAdminTenantSettings + +## Description + +This resource configures the tenant settings for Microsoft Fabric. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/settings.json new file mode 100644 index 0000000000..f2e3b8aade --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/settings.json @@ -0,0 +1,20 @@ +{ + "resourceName": "FabricAdminTenantSettings", + "description": "This resource configures the tenant settings for Microsoft Fabric.", + "roles": { + "read": [], + "update": [] + }, + "permissions": { + "graph": { + "delegated": { + "read": [], + "update": [] + }, + "application": { + "read": [], + "update": [] + } + } + } +} diff --git a/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 b/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 index e3f1d08163..717197df8f 100644 --- a/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 +++ b/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 @@ -90,7 +90,7 @@ }, @{ ModuleName = "MSCloudLoginAssistant" - RequiredVersion = "1.1.19" + RequiredVersion = "1.1.20" }, @{ ModuleName = 'PnP.PowerShell' diff --git a/Modules/Microsoft365DSC/Examples/Resources/FabricAdminTenantSettings/4-MonitorOnly.ps1 b/Modules/Microsoft365DSC/Examples/Resources/FabricAdminTenantSettings/4-MonitorOnly.ps1 new file mode 100644 index 0000000000..3bb328f122 --- /dev/null +++ b/Modules/Microsoft365DSC/Examples/Resources/FabricAdminTenantSettings/4-MonitorOnly.ps1 @@ -0,0 +1,45 @@ +<# +This example is used to test new resources and showcase the usage of new resources being worked on. +It is not meant to use as a production baseline. +#> + +Configuration Example +{ + param( + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint + ) + Import-DscResource -ModuleName Microsoft365DSC + node localhost + { + IsSingleInstance = 'Yes' + AADSSOForGateway = MSFT_FabricTenantSetting { + settingName = 'AADSSOForGateway' + canSpecifySecurityGroups = $False + enabled = $True + tenantSettingGroup = 'Integration settings' + title = 'Microsoft Entra single sign-on for data gateway' + }; + AdminApisIncludeDetailedMetadata = MSFT_FabricTenantSetting { + settingName = 'AdminApisIncludeDetailedMetadata' + canSpecifySecurityGroups = $True + enabled = $True + tenantSettingGroup = 'Admin API settings' + title = 'Enhance admin APIs responses with detailed metadata' + excludedSecurityGroups = @('MyExcludedGroup') + enabledSecurityGroups = @('Group1','Group2') + }; + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + } +} diff --git a/Modules/Microsoft365DSC/Microsoft365DSC.psd1 b/Modules/Microsoft365DSC/Microsoft365DSC.psd1 index afbbe21dd2..cd94876636 100644 --- a/Modules/Microsoft365DSC/Microsoft365DSC.psd1 +++ b/Modules/Microsoft365DSC/Microsoft365DSC.psd1 @@ -79,6 +79,7 @@ 'Modules/M365DSCDRGUtil.psm1', 'Modules/EncodingHelpers/M365DSCEmojis.psm1', 'Modules/EncodingHelpers/M365DSCStringEncoding.psm1', + 'Modules/WorkloadHelpers/M365DSCFabricHelper.psm1', 'Modules/M365DSCConfigurationHelper.psm1' ) diff --git a/Modules/Microsoft365DSC/Modules/M365DSCReverse.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCReverse.psm1 index be090cf9a6..61ed490d9b 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCReverse.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCReverse.psm1 @@ -41,7 +41,7 @@ function Start-M365DSCConfigurationExtract $MaxProcesses = 16, [Parameter()] - [ValidateSet('AAD', 'SPO', 'EXO', 'INTUNE', 'SC', 'OD', 'O365', 'TEAMS', 'PP', 'PLANNER')] + [ValidateSet('AAD', 'FABRIC', 'SPO', 'EXO', 'INTUNE', 'SC', 'OD', 'O365', 'TEAMS', 'PP', 'PLANNER')] [System.String[]] $Workloads, diff --git a/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 index 7fad40386a..5dec239d62 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 @@ -1161,7 +1161,7 @@ function Export-M365DSCConfiguration $Components, [Parameter(ParameterSetName = 'Export')] - [ValidateSet('AAD', 'SPO', 'EXO', 'INTUNE', 'SC', 'OD', 'O365', 'PLANNER', 'PP', 'TEAMS')] + [ValidateSet('AAD', 'FABRIC', 'SPO', 'EXO', 'INTUNE', 'SC', 'OD', 'O365', 'PLANNER', 'PP', 'TEAMS')] [System.String[]] $Workloads, @@ -1708,7 +1708,7 @@ function New-M365DSCConnection param ( [Parameter(Mandatory = $true)] - [ValidateSet('ExchangeOnline', 'Intune', ` + [ValidateSet('AzureDevOPS', 'ExchangeOnline', 'Fabric', 'Intune', ` 'SecurityComplianceCenter', 'PnP', 'PowerPlatforms', ` 'MicrosoftTeams', 'MicrosoftGraph', 'Tasks')] [System.String] diff --git a/Modules/Microsoft365DSC/Modules/WorkloadHelpers/M365DSCFabricHelper.psm1 b/Modules/Microsoft365DSC/Modules/WorkloadHelpers/M365DSCFabricHelper.psm1 new file mode 100644 index 0000000000..ca390ae10c --- /dev/null +++ b/Modules/Microsoft365DSC/Modules/WorkloadHelpers/M365DSCFabricHelper.psm1 @@ -0,0 +1,26 @@ +function Invoke-M365DSCFabricWebRequest +{ + [OutputType([PSCustomObject])] + [CmdletBinding()] + param( + [Parameter(Mandatory = $true)] + [System.String] + $Uri, + + [Parameter()] + [System.String] + $Method = 'GET', + + [Parameter()] + [System.Collections.Hashtable] + $Body + ) + + $headers = @{ + Authorization = $global:MsCloudLoginConnectionProfile.Fabric.AccessToken + } + + $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers -Body $Body + $result = ConvertFrom-Json $response.Content + return $result +} diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.FabricAdminTenantSettings.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.FabricAdminTenantSettings.Tests.ps1 new file mode 100644 index 0000000000..da1e78d7ae --- /dev/null +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.FabricAdminTenantSettings.Tests.ps1 @@ -0,0 +1,220 @@ +[CmdletBinding()] +param( +) +$M365DSCTestFolder = Join-Path -Path $PSScriptRoot ` + -ChildPath '..\..\Unit' ` + -Resolve +$CmdletModule = (Join-Path -Path $M365DSCTestFolder ` + -ChildPath '\Stubs\Microsoft365.psm1' ` + -Resolve) +$GenericStubPath = (Join-Path -Path $M365DSCTestFolder ` + -ChildPath '\Stubs\Generic.psm1' ` + -Resolve) +Import-Module -Name (Join-Path -Path $M365DSCTestFolder ` + -ChildPath '\UnitTestHelper.psm1' ` + -Resolve) + +$CurrentScriptPath = $PSCommandPath.Split('\') +$CurrentScriptName = $CurrentScriptPath[$CurrentScriptPath.Length -1] +$ResourceName = $CurrentScriptName.Split('.')[1] +$Global:DscHelper = New-M365DscUnitTestHelper -StubModule $CmdletModule ` + -DscResource $ResourceName -GenericStubModule $GenericStubPath + +Describe -Name $Global:DscHelper.DescribeHeader -Fixture { + InModuleScope -ModuleName $Global:DscHelper.ModuleName -ScriptBlock { + Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope + BeforeAll { + + Mock -CommandName Confirm-M365DSCDependencies -MockWith { + } + + Mock -CommandName New-M365DSCConnection -MockWith { + return "ServicePrincipalWithThumbprint" + } + + # Mock Write-Host to hide output during the tests + Mock -CommandName Write-Host -MockWith { + } + $Script:exportedInstances =$null + $Script:ExportMode = $false + } + # Test contexts + Context -Name "The instance exists and values are already in the desired state" -Fixture { + BeforeAll { + $testParams = @{ + IsSingleInstance = 'Yes' + AADSSOForGateway = (New-CimInstance -ClassName MSFT_FabricTenantSetting -Property @{ + settingName = 'AADSSOForGateway' + canSpecifySecurityGroups = $False + enabled = $True + tenantSettingGroup = 'Integration settings' + title = 'Microsoft Entra single sign-on for data gateway' + } -ClientOnly); + AdminApisIncludeDetailedMetadata = (New-CimInstance -ClassName MSFT_FabricTenantSetting -Property @{ + settingName = 'AdminApisIncludeDetailedMetadata' + canSpecifySecurityGroups = $True + enabled = $True + tenantSettingGroup = 'Admin API settings' + title = 'Enhance admin APIs responses with detailed metadata' + excludedSecurityGroups = @('MyExcludedGroup') + enabledSecurityGroups = @('Group1','Group2') + } -ClientOnly) + ApplicationId = (New-GUID).ToString() + TenantId = 'Contoso.com' + CertificateThumbprint = (New-GUID).ToString() + } + + Mock -CommandName Invoke-M365DSCFabricWebRequest -MockWith { + return @{ + tenantSettings = @( + @{ + settingName = 'AADSSOForGateway' + canSpecifySecurityGroups = $False + enabled = $True + tenantSettingGroup = 'Integration settings' + title = 'Microsoft Entra single sign-on for data gateway' + }, + @{ + settingName = 'AdminApisIncludeDetailedMetadata' + tenantSettingGroup = 'Admin API settings' + title = 'Enhance admin APIs responses with detailed metadata' + canSpecifySecurityGroups = $True + enabled = $True + excludedSecurityGroups = @( + @{ + Name = "MyExcludedGroup" + } + ) + enabledSecurityGroups = @( + @{ + Name = "Group1" + }, + @{ + Name = "Group2" + } + ) + } + ) + } + } + } + + It 'Should return true from the Test method' { + Test-TargetResource @testParams | Should -Be $true + } + } + + Context -Name "The instance exists and values are NOT in the desired state" -Fixture { + BeforeAll { + $testParams = @{ + IsSingleInstance = 'Yes' + AADSSOForGateway = (New-CimInstance -ClassName MSFT_FabricTenantSetting -Property @{ + settingName = 'AADSSOForGateway' + canSpecifySecurityGroups = $False + enabled = $True + tenantSettingGroup = 'Integration settings' + title = 'Microsoft Entra single sign-on for data gateway' + } -ClientOnly); + AdminApisIncludeDetailedMetadata = (New-CimInstance -ClassName MSFT_FabricTenantSetting -Property @{ + settingName = 'AdminApisIncludeDetailedMetadata' + canSpecifySecurityGroups = $True + enabled = $True + tenantSettingGroup = 'Admin API settings' + title = 'Enhance admin APIs responses with detailed metadata' + excludedSecurityGroups = @('MyExcludedGroup') + enabledSecurityGroups = @('Group1','Group4') # Drift + } -ClientOnly) + ApplicationId = (New-GUID).ToString() + TenantId = 'Contoso.com' + CertificateThumbprint = (New-GUID).ToString() + } + + Mock -CommandName Invoke-M365DSCFabricWebRequest -MockWith { + return @{ + tenantSettings = @( + @{ + settingName = 'AADSSOForGateway' + canSpecifySecurityGroups = $False + enabled = $True + tenantSettingGroup = 'Integration settings' + title = 'Microsoft Entra single sign-on for data gateway' + }, + @{ + settingName = 'AdminApisIncludeDetailedMetadata' + tenantSettingGroup = 'Admin API settings' + title = 'Enhance admin APIs responses with detailed metadata' + excludedSecurityGroups = @( + @{ + Name = "MyExcludedGroup" + } + ) + enabledSecurityGroups = @( + @{ + Name = "Group1" + }, + @{ + Name = "Group2" + } + ) + } + ) + } + } + } + + It 'Should return false from the Test method' { + Test-TargetResource @testParams | Should -Be $false + } + } + + Context -Name 'ReverseDSC Tests' -Fixture { + BeforeAll { + $Global:CurrentModeIsExport = $true + $Global:PartialExportFileName = "$(New-Guid).partial.ps1" + $testParams = @{ + ApplicationId = (New-GUID).ToString() + TenantId = 'Contoso.com' + CertificateThumbprint = (New-GUID).ToString() + } + + Mock -CommandName Invoke-M365DSCFabricWebRequest -MockWith { + return @{ + tenantSettings = @( + @{ + settingName = 'AADSSOForGateway' + canSpecifySecurityGroups = $False + enabled = $True + tenantSettingGroup = 'Integration settings' + title = 'Microsoft Entra single sign-on for data gateway' + }, + @{ + settingName = 'AdminApisIncludeDetailedMetadata' + tenantSettingGroup = 'Admin API settings' + title = 'Enhance admin APIs responses with detailed metadata' + excludedSecurityGroups = @( + @{ + Name = "MyExcludedGroup" + } + ) + enabledSecurityGroups = @( + @{ + Name = "Group1" + }, + @{ + Name = "Group4" # Drift + } + ) + } + ) + } + } + } + It 'Should Reverse Engineer resource from the Export method' { + $result = Export-TargetResource @testParams + $result | Should -Not -BeNullOrEmpty + } + } + } +} + +Invoke-Command -ScriptBlock $Global:DscHelper.CleanupScript -NoNewScope From 2776a433cd499f65158b85d919a38f777995d080 Mon Sep 17 00:00:00 2001 From: Nik Charlebois Date: Wed, 4 Sep 2024 13:27:09 -0400 Subject: [PATCH 3/6] Update Generic.psm1 --- Tests/Unit/Stubs/Generic.psm1 | 3 --- 1 file changed, 3 deletions(-) diff --git a/Tests/Unit/Stubs/Generic.psm1 b/Tests/Unit/Stubs/Generic.psm1 index a18029efcf..6ebc93dda5 100644 --- a/Tests/Unit/Stubs/Generic.psm1 +++ b/Tests/Unit/Stubs/Generic.psm1 @@ -356,9 +356,6 @@ function New-M365DSCConnection [CmdletBinding()] param( [Parameter(Mandatory = $true)] - [ValidateSet('ExchangeOnline', 'Intune', ` - 'SecurityComplianceCenter', 'MSOnline', 'PnP', 'PowerPlatforms', ` - 'MicrosoftTeams', 'MicrosoftGraph', 'Tasks')] [System.String] $Workload, From 975a3a74f89f65ca3e4cc5c4b6e020dd5189883d Mon Sep 17 00:00:00 2001 From: Nik Charlebois Date: Wed, 4 Sep 2024 14:25:33 -0400 Subject: [PATCH 4/6] Fixed Example --- .../4-MonitorOnly.ps1 | 43 ++++++++++--------- 1 file changed, 23 insertions(+), 20 deletions(-) diff --git a/Modules/Microsoft365DSC/Examples/Resources/FabricAdminTenantSettings/4-MonitorOnly.ps1 b/Modules/Microsoft365DSC/Examples/Resources/FabricAdminTenantSettings/4-MonitorOnly.ps1 index 3bb328f122..21984dd722 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/FabricAdminTenantSettings/4-MonitorOnly.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/FabricAdminTenantSettings/4-MonitorOnly.ps1 @@ -21,25 +21,28 @@ Configuration Example Import-DscResource -ModuleName Microsoft365DSC node localhost { - IsSingleInstance = 'Yes' - AADSSOForGateway = MSFT_FabricTenantSetting { - settingName = 'AADSSOForGateway' - canSpecifySecurityGroups = $False - enabled = $True - tenantSettingGroup = 'Integration settings' - title = 'Microsoft Entra single sign-on for data gateway' - }; - AdminApisIncludeDetailedMetadata = MSFT_FabricTenantSetting { - settingName = 'AdminApisIncludeDetailedMetadata' - canSpecifySecurityGroups = $True - enabled = $True - tenantSettingGroup = 'Admin API settings' - title = 'Enhance admin APIs responses with detailed metadata' - excludedSecurityGroups = @('MyExcludedGroup') - enabledSecurityGroups = @('Group1','Group2') - }; - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint + FabricAdminTenantSettings "FabricAdminTenantSettings" + { + IsSingleInstance = 'Yes' + AADSSOForGateway = MSFT_FabricTenantSetting { + settingName = 'AADSSOForGateway' + canSpecifySecurityGroups = $False + enabled = $True + tenantSettingGroup = 'Integration settings' + title = 'Microsoft Entra single sign-on for data gateway' + }; + AdminApisIncludeDetailedMetadata = MSFT_FabricTenantSetting { + settingName = 'AdminApisIncludeDetailedMetadata' + canSpecifySecurityGroups = $True + enabled = $True + tenantSettingGroup = 'Admin API settings' + title = 'Enhance admin APIs responses with detailed metadata' + excludedSecurityGroups = @('MyExcludedGroup') + enabledSecurityGroups = @('Group1','Group2') + }; + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + } } } From 568d901f5105ce4fa0f6b3a6b912166bdb3d531f Mon Sep 17 00:00:00 2001 From: Nik Charlebois Date: Wed, 4 Sep 2024 14:37:12 -0400 Subject: [PATCH 5/6] Update MSFT_FabricAdminTenantSettings.schema.mof --- .../MSFT_FabricAdminTenantSettings.schema.mof | 1 - 1 file changed, 1 deletion(-) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.schema.mof index 4b91816f4a..d52886c0bd 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.schema.mof @@ -163,7 +163,6 @@ class MSFT_FabricAdminTenantSettings : OMI_BaseResource [Write, Description("Integration with SharePoint and Microsoft Lists"), EmbeddedInstance("MSFT_FabricTenantSetting")] string VisualizeListInPowerBI; [Write, Description("Web content on dashboard tiles"), EmbeddedInstance("MSFT_FabricTenantSetting")] string WebContentTilesTenant; [Write, Description("Users can edit data models in the Power BI service (preview)"), EmbeddedInstance("MSFT_FabricTenantSetting")] string WebModelingTenantSwitch; - [Write, Description("Credentials of the workload's Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Secret of the Azure Active Directory application to authenticate with."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; From fe00c158ae9c69607c8ca4159a4f825cedd1b0bd Mon Sep 17 00:00:00 2001 From: Nik Charlebois Date: Wed, 4 Sep 2024 19:39:08 -0400 Subject: [PATCH 6/6] Update MSFT_FabricAdminTenantSettings.psm1 --- .../MSFT_FabricAdminTenantSettings.psm1 | 32 +++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.psm1 index 482c9524c7..52a0e3bea4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.psm1 @@ -1854,7 +1854,6 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() - Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" @@ -1874,12 +1873,13 @@ function Test-TargetResource if (-Not $testResult) { Write-Verbose -Message "Difference found for $key" + Write-Verbose -Message "Current Values: $($source | Out-String)" + Write-Verbose -Message "Desired Values: $($target | Out-String)" $testResult = $false break } $ValuesToCheck.Remove($key) | Out-Null - } } @@ -1975,14 +1975,23 @@ function Export-TargetResource -ModulePath $PSScriptRoot ` -Results $newResults ` -Credential $Credential + $fixQuotes = $false foreach ($key in $Results.Keys) { if ($null -ne $Results.$key -and $key -notin $params.Keys) { + if ($currentDSCBlock.Contains('`"')) + { + $fixQuotes = $true + } $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName $key + -ParameterName $key } } + if ($fixQuotes) + { + $currentDSCBlock = $currentDSCBlock.Replace('`', '"') + } $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` -FileName $Global:PartialExportFileName @@ -2032,7 +2041,7 @@ function Get-M365DSCFabricTenantSettingAsString { $StringContent += " tenantSettingGroup = '" + $setting.tenantSettingGroup + "'`r`n" } - $StringContent += " title = '" + $setting.title + "'`r`n" + $StringContent += " title = '" + $setting.title.Replace("'", "''") + "'`r`n" if (-not [System.String]::IsNullOrEmpty($setting.properties)) { $StringContent += " properties = @(" @@ -2040,7 +2049,7 @@ function Get-M365DSCFabricTenantSettingAsString { $StringContent += " MSFT_FabricTenantSettingProperty{`r`n" $StringContent += " name = '$($property.name)'`r`n" - $StringContent += " value = '$($property.value)'`r`n" + $StringContent += " value = '$($property.value.Replace("'", "''"))'`r`n" $StringContent += " type = '$($property.type)'`r`n" $StringContent += " }`r`n" } @@ -2049,20 +2058,11 @@ function Get-M365DSCFabricTenantSettingAsString if (-not [System.String]::IsNullOrEmpty($setting.excludedSecurityGroups)) { $excludedSecurityGroupsValue = $setting.excludedSecurityGroups -join "','" - if ($setting.excludedSecurityGroups.Length -gt 1) - { - $excludedSecurityGroupsValue = $excludedSecurityGroupsValue.Substring(0, $excludedSecurityGroupsValue.Length -3) - } $StringContent += " excludedSecurityGroups = @('" + $excludedSecurityGroupsValue + "')`r`n" } if (-not [System.String]::IsNullOrEmpty($setting.enabledSecurityGroups)) { $enabledSecurityGroupsValue = $setting.enabledSecurityGroups -join "','" - if ($setting.enabledSecurityGroups.Length -gt 1) - { - $enabledSecurityGroupsValue = $setting.enabledSecurityGroups -join "','" - $enabledSecurityGroupsValue = $enabledSecurityGroupsValue.Substring(0, $enabledSecurityGroupsValue.Length -3) - } $StringContent += " enabledSecurityGroups = @('" + $enabledSecurityGroupsValue + "')`r`n" } $StringContent += " }`r`n" @@ -2088,7 +2088,7 @@ function Get-M365DSCFabricTenantSettingObject $values = @{ settingName = $Setting.settingName enabled = [Boolean]$Setting.enabled - title = $Setting.title.Replace("'", "''") + title = $Setting.title } if (-not [System.String]::IsNullOrEmpty($Setting.canSpecifySecurityGroups)) { @@ -2113,7 +2113,7 @@ function Get-M365DSCFabricTenantSettingObject { $curProperty = @{ name = $property.name - value = $property.value.Replace("'", "''") + value = $property.value type = $property.type } $propertiesValue += $curProperty