122 lines
4.2 KiB
PHP
122 lines
4.2 KiB
PHP
<?php
|
|
|
|
return [
|
|
'supported_policy_types' => [
|
|
[
|
|
'type' => 'deviceConfiguration',
|
|
'label' => 'Device Configuration',
|
|
'category' => 'Configuration',
|
|
'platform' => 'all',
|
|
'endpoint' => 'deviceManagement/deviceConfigurations',
|
|
'backup' => 'full',
|
|
'restore' => 'enabled',
|
|
'risk' => 'medium',
|
|
],
|
|
[
|
|
'type' => 'settingsCatalogPolicy',
|
|
'label' => 'Settings Catalog Policy',
|
|
'category' => 'Configuration',
|
|
'platform' => 'windows',
|
|
'endpoint' => 'deviceManagement/configurationPolicies',
|
|
'backup' => 'full',
|
|
'restore' => 'enabled',
|
|
'risk' => 'medium',
|
|
],
|
|
[
|
|
'type' => 'deviceCompliancePolicy',
|
|
'label' => 'Device Compliance',
|
|
'category' => 'Compliance',
|
|
'platform' => 'all',
|
|
'endpoint' => 'deviceManagement/deviceCompliancePolicies',
|
|
'backup' => 'full',
|
|
'restore' => 'enabled',
|
|
'risk' => 'medium',
|
|
],
|
|
[
|
|
'type' => 'appProtectionPolicy',
|
|
'label' => 'App Protection (MAM)',
|
|
'category' => 'Apps/MAM',
|
|
'platform' => 'mobile',
|
|
'endpoint' => 'deviceAppManagement/managedAppPolicies',
|
|
'backup' => 'full',
|
|
'restore' => 'enabled',
|
|
'risk' => 'medium-high',
|
|
],
|
|
[
|
|
'type' => 'conditionalAccessPolicy',
|
|
'label' => 'Conditional Access',
|
|
'category' => 'Conditional Access',
|
|
'platform' => 'all',
|
|
'endpoint' => 'identity/conditionalAccess/policies',
|
|
'backup' => 'full',
|
|
'restore' => 'preview-only',
|
|
'risk' => 'high',
|
|
],
|
|
[
|
|
'type' => 'deviceManagementScript',
|
|
'label' => 'PowerShell Scripts',
|
|
'category' => 'Scripts',
|
|
'platform' => 'windows',
|
|
'endpoint' => 'deviceManagement/deviceManagementScripts',
|
|
'backup' => 'full',
|
|
'restore' => 'enabled',
|
|
'risk' => 'medium',
|
|
],
|
|
[
|
|
'type' => 'enrollmentRestriction',
|
|
'label' => 'Enrollment Restrictions',
|
|
'category' => 'Enrollment',
|
|
'platform' => 'all',
|
|
'endpoint' => 'deviceManagement/deviceEnrollmentConfigurations',
|
|
'backup' => 'full',
|
|
'restore' => 'preview-only',
|
|
'risk' => 'high',
|
|
],
|
|
[
|
|
'type' => 'windowsAutopilotDeploymentProfile',
|
|
'label' => 'Windows Autopilot Profiles',
|
|
'category' => 'Autopilot',
|
|
'platform' => 'windows',
|
|
'endpoint' => 'deviceManagement/windowsAutopilotDeploymentProfiles',
|
|
'backup' => 'full',
|
|
'restore' => 'enabled',
|
|
'risk' => 'medium-high',
|
|
],
|
|
[
|
|
'type' => 'windowsEnrollmentStatusPage',
|
|
'label' => 'Enrollment Status Page (ESP)',
|
|
'category' => 'Enrollment',
|
|
'platform' => 'all',
|
|
'endpoint' => 'deviceManagement/deviceEnrollmentConfigurations',
|
|
'filter' => "odata.type eq '#microsoft.graph.windows10EnrollmentCompletionPageConfiguration'",
|
|
'backup' => 'full',
|
|
'restore' => 'enabled',
|
|
'risk' => 'medium',
|
|
],
|
|
[
|
|
'type' => 'endpointSecurityIntent',
|
|
'label' => 'Endpoint Security Intents',
|
|
'category' => 'Endpoint Security',
|
|
'platform' => 'windows',
|
|
'endpoint' => 'deviceManagement/intents',
|
|
'backup' => 'full',
|
|
'restore' => 'enabled',
|
|
'risk' => 'high',
|
|
],
|
|
[
|
|
'type' => 'mobileApp',
|
|
'label' => 'Applications (Metadata only)',
|
|
'category' => 'Applications',
|
|
'platform' => 'all',
|
|
'endpoint' => 'deviceAppManagement/mobileApps',
|
|
'backup' => 'metadata-only',
|
|
'restore' => 'enabled',
|
|
'risk' => 'low-medium',
|
|
],
|
|
],
|
|
|
|
'features' => [
|
|
'conditional_access' => true,
|
|
],
|
|
];
|