diff --git a/CHANGELOG.md b/CHANGELOG.md index 6845ab5c9e..ecec49722f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -116,8 +116,6 @@ * EXOArcConfig * Fixed `Test-TargetResource` to correctly check property `ArcTrustedSealers` when it has an array -* EXOM365DataAtRestEncryptionPolicy - * Initial release. * EXOMailboxAuditBypassAssociation * Initial release. * EXOMailboxSettings diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOM365DataAtRestEncryptionPolicy/MSFT_EXOM365DataAtRestEncryptionPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOM365DataAtRestEncryptionPolicy/MSFT_EXOM365DataAtRestEncryptionPolicy.psm1 deleted file mode 100644 index 47e321452c..0000000000 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOM365DataAtRestEncryptionPolicy/MSFT_EXOM365DataAtRestEncryptionPolicy.psm1 +++ /dev/null @@ -1,395 +0,0 @@ -function Get-TargetResource -{ - [CmdletBinding()] - [OutputType([System.Collections.Hashtable])] - param - ( - [Parameter(Mandatory = $true)] - [System.String] - $Identity, - - [Parameter()] - [System.String] - $Description, - - [Parameter()] - [System.Boolean] - $Enabled, - - [Parameter()] - [System.String] - $Name, - - [Parameter()] - [System.String[]] - $AzureKeyIDs, - - [Parameter()] - [ValidateSet('Present', 'Absent')] - [System.String] - $Ensure, - - [Parameter()] - [System.Management.Automation.PSCredential] - $Credential, - - [Parameter()] - [System.String] - $ApplicationId, - - [Parameter()] - [System.String] - $TenantId, - - [Parameter()] - [System.String] - $CertificateThumbprint, - - [Parameter()] - [Switch] - $ManagedIdentity, - - [Parameter()] - [System.String[]] - $AccessTokens - ) - - New-M365DSCConnection -Workload 'ExchangeOnline' ` - -InboundParameters $PSBoundParameters | Out-Null - - Confirm-M365DSCDependencies - - $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') - $CommandName = $MyInvocation.MyCommand - $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` - -CommandName $CommandName ` - -Parameters $PSBoundParameters - Add-M365DSCTelemetryEvent -Data $data - - $nullResult = $PSBoundParameters - $nullResult.Ensure = 'Absent' - try - { - if ($null -ne $Script:exportedInstances -and $Script:ExportMode) - { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity.Name -eq $Identity} - } - else - { - $instance = Get-M365DataAtRestEncryptionPolicy -Identity $Identity -ErrorAction Stop - } - if ($null -eq $instance) - { - return $nullResult - } - - $results = @{ - Identity = $Identity - Description = [System.String]$instance.Description - Enabled = [System.Boolean]$instance.Enabled - Name = [System.String]$instance.Name - AzureKeyIDs = [System.String[]]$instance.AzureKeyIDs - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens - } - return [System.Collections.Hashtable] $results - } - catch - { - New-M365DSCLogEntry -Message 'Error retrieving data:' ` - -Exception $_ ` - -Source $($MyInvocation.MyCommand.Source) ` - -TenantId $TenantId ` - -Credential $Credential - - return $nullResult - } -} - -function Set-TargetResource -{ - [CmdletBinding()] - param - ( - [Parameter(Mandatory = $true)] - [System.String] - $Identity, - - [Parameter()] - [System.String] - $Description, - - [Parameter()] - [System.Boolean] - $Enabled, - - [Parameter()] - [System.String] - $Name, - - [Parameter()] - [System.String[]] - $AzureKeyIDs, - - [Parameter()] - [ValidateSet('Present', 'Absent')] - [System.String] - $Ensure, - - [Parameter()] - [System.Management.Automation.PSCredential] - $Credential, - - [Parameter()] - [System.String] - $ApplicationId, - - [Parameter()] - [System.String] - $TenantId, - - [Parameter()] - [System.String] - $CertificateThumbprint, - - [Parameter()] - [Switch] - $ManagedIdentity, - - [Parameter()] - [System.String[]] - $AccessTokens - ) - - #Ensure the proper dependencies are installed in the current environment. - Confirm-M365DSCDependencies - - #region Telemetry - $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') - $CommandName = $MyInvocation.MyCommand - $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` - -CommandName $CommandName ` - -Parameters $PSBoundParameters - Add-M365DSCTelemetryEvent -Data $data - #endregion - - $currentInstance = Get-TargetResource @PSBoundParameters - - $setParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters - - # CREATE - if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') - { - $setParameters.Remove('Identity') - New-M365DataAtRestEncryptionPolicy @SetParameters - } - # UPDATE - elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') - { - $setParameters.Remove('AzureKeyIDs') - $setParameters.Remove('Name') - Set-M365DataAtRestEncryptionPolicy @SetParameters - } - elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') - { - Write-Warning "Removal of EXOM365DataAtRestEncryptionPolicy is not supported." - } -} - -function Test-TargetResource -{ - [CmdletBinding()] - [OutputType([System.Boolean])] - param - ( - [Parameter(Mandatory = $true)] - [System.String] - $Identity, - - [Parameter()] - [System.String] - $Description, - - [Parameter()] - [System.Boolean] - $Enabled, - - [Parameter()] - [System.String] - $Name, - - [Parameter()] - [System.String[]] - $AzureKeyIDs, - - [Parameter()] - [ValidateSet('Present', 'Absent')] - [System.String] - $Ensure, - - [Parameter()] - [System.Management.Automation.PSCredential] - $Credential, - - [Parameter()] - [System.String] - $ApplicationId, - - [Parameter()] - [System.String] - $TenantId, - - [Parameter()] - [System.String] - $CertificateThumbprint, - - [Parameter()] - [Switch] - $ManagedIdentity, - - [Parameter()] - [System.String[]] - $AccessTokens - ) - - #Ensure the proper dependencies are installed in the current environment. - Confirm-M365DSCDependencies - - #region Telemetry - $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') - $CommandName = $MyInvocation.MyCommand - $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` - -CommandName $CommandName ` - -Parameters $PSBoundParameters - Add-M365DSCTelemetryEvent -Data $data - #endregion - - $CurrentValues = Get-TargetResource @PSBoundParameters - $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() - - Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" - Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" - - $testResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys - - Write-Verbose -Message "Test-TargetResource returned $testResult" - - return $testResult -} - -function Export-TargetResource -{ - [CmdletBinding()] - [OutputType([System.String])] - param - ( - [Parameter()] - [System.Management.Automation.PSCredential] - $Credential, - - [Parameter()] - [System.String] - $ApplicationId, - - [Parameter()] - [System.String] - $TenantId, - - [Parameter()] - [System.Management.Automation.PSCredential] - $ApplicationSecret, - - [Parameter()] - [System.String] - $CertificateThumbprint, - - [Parameter()] - [Switch] - $ManagedIdentity, - - [Parameter()] - [System.String[]] - $AccessTokens - ) - - $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` - -InboundParameters $PSBoundParameters - - Confirm-M365DSCDependencies - - #region Telemetry - $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') - $CommandName = $MyInvocation.MyCommand - $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` - -CommandName $CommandName ` - -Parameters $PSBoundParameters - Add-M365DSCTelemetryEvent -Data $data - #endregion - - try - { - $Script:ExportMode = $true - [array] $Script:exportedInstances = Get-M365DataAtRestEncryptionPolicy -ErrorAction Stop - - $i = 1 - $dscContent = '' - if ($Script:exportedInstances.Length -eq 0) - { - Write-Host $Global:M365DSCEmojiGreenCheckMark - } - else - { - Write-Host "`r`n" -NoNewline - } - foreach ($config in $Script:exportedInstances) - { - $displayedKey = $config.Identity - Write-Host " |---[$i/$($Script:exportedInstances.Count)] $displayedKey" -NoNewline - $params = @{ - Identity = $config.Identity - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens - } - - $Results = Get-TargetResource @Params - $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` - -Results $Results - - $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` - -ConnectionMode $ConnectionMode ` - -ModulePath $PSScriptRoot ` - -Results $Results ` - -Credential $Credential - $dscContent += $currentDSCBlock - Save-M365DSCPartialExport -Content $currentDSCBlock ` - -FileName $Global:PartialExportFileName - $i++ - Write-Host $Global:M365DSCEmojiGreenCheckMark - } - return $dscContent - } - catch - { - Write-Host $Global:M365DSCEmojiRedX - - New-M365DSCLogEntry -Message 'Error during Export:' ` - -Exception $_ ` - -Source $($MyInvocation.MyCommand.Source) ` - -TenantId $TenantId ` - -Credential $Credential - - return '' - } -} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOM365DataAtRestEncryptionPolicy/MSFT_EXOM365DataAtRestEncryptionPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOM365DataAtRestEncryptionPolicy/MSFT_EXOM365DataAtRestEncryptionPolicy.schema.mof deleted file mode 100644 index d790e46f09..0000000000 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOM365DataAtRestEncryptionPolicy/MSFT_EXOM365DataAtRestEncryptionPolicy.schema.mof +++ /dev/null @@ -1,16 +0,0 @@ -[ClassVersion("1.0.0.0"), FriendlyName("EXOM365DataAtRestEncryptionPolicy")] -class MSFT_EXOM365DataAtRestEncryptionPolicy : OMI_BaseResource -{ - [Key, Description("The Identity parameter specifies the data-at-rest encryption policy that you want to modify.")] String Identity; - [Write, Description("The Name parameter specifies a unique name for the Microsoft 365 data-at-rest encryption policy.")] String Name; - [Write, Description("The Description parameter specifies an optional description for the policy.")] String Description; - [Write, Description("The Enabled parameter specifies whether the policy is enabled or disabled. ")] Boolean Enabled; - [Write, Description("The AzureKeyIDs parameter specifies the URL of the encryption key in the Azure Key Vault that's used for encryption.")] String AzureKeyIDs[]; - [Write, Description("Present ensures the instance exists, absent ensures it is removed."), ValueMap{"Absent","Present"}, Values{"Absent","Present"}] string Ensure; - [Write, Description("Credentials of the workload's Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; - [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; - [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; - [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; - [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; - [Write, Description("Access token used for authentication.")] String AccessTokens[]; -}; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOM365DataAtRestEncryptionPolicy/readme.md b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOM365DataAtRestEncryptionPolicy/readme.md deleted file mode 100644 index 77f3d11aeb..0000000000 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOM365DataAtRestEncryptionPolicy/readme.md +++ /dev/null @@ -1,5 +0,0 @@ -# EXOM365DataAtRestEncryptionPolicy - -## Description - -Microsoft 365 data-at-rest encryption policy for multi-workload usage. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOM365DataAtRestEncryptionPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOM365DataAtRestEncryptionPolicy/settings.json deleted file mode 100644 index 0e930a6e20..0000000000 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOM365DataAtRestEncryptionPolicy/settings.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "resourceName": "EXOM365DataAtRestEncryptionPolicy", - "description": "Microsoft 365 data-at-rest encryption policy for multi-workload usage.", - "roles": { - "read": [ - "Global Reader" - ], - "update": [ - "Exchange Administrator" - ] - }, - "permissions": { - "graph": { - "delegated": { - "read": [], - "update": [] - }, - "application": { - "read": [], - "update": [] - } - }, - "exchange": { - "requiredroles": [ - "Compliance Admin" - ], - "requiredrolegroups": "Organization Management" - } - } -} diff --git a/Modules/Microsoft365DSC/Examples/Resources/EXOM365DataAtRestEncryptionPolicy/1-Create.ps1 b/Modules/Microsoft365DSC/Examples/Resources/EXOM365DataAtRestEncryptionPolicy/1-Create.ps1 deleted file mode 100644 index cd20934197..0000000000 --- a/Modules/Microsoft365DSC/Examples/Resources/EXOM365DataAtRestEncryptionPolicy/1-Create.ps1 +++ /dev/null @@ -1,38 +0,0 @@ -<# -This example is used to test new resources and showcase the usage of new resources being worked on. -It is not meant to use as a production baseline. -#> - -Configuration Example -{ - param( - [Parameter()] - [System.String] - $ApplicationId, - - [Parameter()] - [System.String] - $TenantId, - - [Parameter()] - [System.String] - $CertificateThumbprint - ) - Import-DscResource -ModuleName Microsoft365DSC - - node localhost - { - EXOM365DataAtRestEncryptionPolicy "M365DataAtRestEncryptionPolicy-Riyansh_Policy" - { - AzureKeyIDs = @("https://m365dataatrestencryption.vault.azure.net/keys/EncryptionKey","https://m365datariyansh.vault.azure.net/keys/EncryptionRiyansh"); - Description = "Tenant default policy 1"; - Enabled = $True; - Ensure = "Present"; - Identity = "Riyansh_Policy"; - Name = "Riyansh_Policy"; - ApplicationId = $ApplicationId; - TenantId = $TenantId; - CertificateThumbprint = $CertificateThumbprint; - } - } -} diff --git a/Modules/Microsoft365DSC/Examples/Resources/EXOM365DataAtRestEncryptionPolicy/2-Update.ps1 b/Modules/Microsoft365DSC/Examples/Resources/EXOM365DataAtRestEncryptionPolicy/2-Update.ps1 deleted file mode 100644 index a2b808a007..0000000000 --- a/Modules/Microsoft365DSC/Examples/Resources/EXOM365DataAtRestEncryptionPolicy/2-Update.ps1 +++ /dev/null @@ -1,38 +0,0 @@ -<# -This example is used to test new resources and showcase the usage of new resources being worked on. -It is not meant to use as a production baseline. -#> - -Configuration Example -{ - param( - [Parameter()] - [System.String] - $ApplicationId, - - [Parameter()] - [System.String] - $TenantId, - - [Parameter()] - [System.String] - $CertificateThumbprint - ) - Import-DscResource -ModuleName Microsoft365DSC - - node localhost - { - EXOM365DataAtRestEncryptionPolicy "M365DataAtRestEncryptionPolicy-Riyansh_Policy" - { - AzureKeyIDs = @("https://m365dataatrestencryption.vault.azure.net/keys/EncryptionKey","https://m365datariyansh.vault.azure.net/keys/EncryptionRiyansh"); - Description = "Tenant default policy 2"; # drift - Enabled = $True; - Ensure = "Present"; - Identity = "Riyansh_Policy"; - Name = "Riyansh_Policy"; - ApplicationId = $ApplicationId; - TenantId = $TenantId; - CertificateThumbprint = $CertificateThumbprint; - } - } -} diff --git a/Modules/Microsoft365DSC/Examples/Resources/EXOM365DataAtRestEncryptionPolicy/3-Remove.ps1 b/Modules/Microsoft365DSC/Examples/Resources/EXOM365DataAtRestEncryptionPolicy/3-Remove.ps1 deleted file mode 100644 index 2fb04326d1..0000000000 --- a/Modules/Microsoft365DSC/Examples/Resources/EXOM365DataAtRestEncryptionPolicy/3-Remove.ps1 +++ /dev/null @@ -1,38 +0,0 @@ -<# -This example is used to test new resources and showcase the usage of new resources being worked on. -It is not meant to use as a production baseline. -#> - -Configuration Example -{ - param( - [Parameter()] - [System.String] - $ApplicationId, - - [Parameter()] - [System.String] - $TenantId, - - [Parameter()] - [System.String] - $CertificateThumbprint - ) - Import-DscResource -ModuleName Microsoft365DSC - - node localhost - { - EXOM365DataAtRestEncryptionPolicy "M365DataAtRestEncryptionPolicy-Riyansh_Policy" - { - AzureKeyIDs = @("https://m365dataatrestencryption.vault.azure.net/keys/EncryptionKey","https://m365datariyansh.vault.azure.net/keys/EncryptionRiyansh"); - Description = "Tenant default policy 1"; - Enabled = $True; - Ensure = "Absent"; - Identity = "Riyansh_Policy"; - Name = "Riyansh_Policy"; - ApplicationId = $ApplicationId; - TenantId = $TenantId; - CertificateThumbprint = $CertificateThumbprint; - } - } -} diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOM365DataAtRestEncryptionPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOM365DataAtRestEncryptionPolicy.Tests.ps1 deleted file mode 100644 index 9969ea0126..0000000000 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOM365DataAtRestEncryptionPolicy.Tests.ps1 +++ /dev/null @@ -1,207 +0,0 @@ -[CmdletBinding()] -param( -) -$M365DSCTestFolder = Join-Path -Path $PSScriptRoot ` - -ChildPath '..\..\Unit' ` - -Resolve -$CmdletModule = (Join-Path -Path $M365DSCTestFolder ` - -ChildPath '\Stubs\Microsoft365.psm1' ` - -Resolve) -$GenericStubPath = (Join-Path -Path $M365DSCTestFolder ` - -ChildPath '\Stubs\Generic.psm1' ` - -Resolve) -Import-Module -Name (Join-Path -Path $M365DSCTestFolder ` - -ChildPath '\UnitTestHelper.psm1' ` - -Resolve) - -$CurrentScriptPath = $PSCommandPath.Split('\') -$CurrentScriptName = $CurrentScriptPath[$CurrentScriptPath.Length -1] -$ResourceName = $CurrentScriptName.Split('.')[1] -$Global:DscHelper = New-M365DscUnitTestHelper -StubModule $CmdletModule ` - -DscResource $ResourceName -GenericStubModule $GenericStubPath - -Describe -Name $Global:DscHelper.DescribeHeader -Fixture { - InModuleScope -ModuleName $Global:DscHelper.ModuleName -ScriptBlock { - Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope - BeforeAll { - - $secpasswd = ConvertTo-SecureString (New-Guid | Out-String) -AsPlainText -Force - $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) - - Mock -CommandName Confirm-M365DSCDependencies -MockWith { - } - - Mock -CommandName New-M365DSCConnection -MockWith { - return "Credentials" - } - - Mock -CommandName Set-M365DataAtRestEncryptionPolicy -MockWith { - return $null - } - - Mock -CommandName New-M365DataAtRestEncryptionPolicy -MockWith { - return $null - } - - # Mock Write-Host to hide output during the tests - Mock -CommandName Write-Host -MockWith { - } - $Script:exportedInstances =$null - $Script:ExportMode = $false - } - # Test contexts - Context -Name "The instance should exist but it DOES NOT" -Fixture { - BeforeAll { - $testParams = @{ - Identity = 'FakeStringValue' - Name = 'FakeStringValue' - Description = 'FakeStringValue' - Enabled = $true - AzureKeyIDs = @('FakeStringValue1', 'FakeStringValue2') - Ensure = 'Present' - Credential = $Credential; - } - - Mock -CommandName Get-M365DataAtRestEncryptionPolicy -MockWith { - return $null - } - } - It 'Should return Values from the Get method' { - (Get-TargetResource @testParams).Ensure | Should -Be 'Absent' - } - It 'Should return false from the Test method' { - Test-TargetResource @testParams | Should -Be $false - } - - It 'Should create a new instance from the Set method' { - Set-TargetResource @testParams - Should -Invoke -CommandName New-M365DataAtRestEncryptionPolicy -Exactly 1 - } - } - - Context -Name "The instance exists but it SHOULD NOT" -Fixture { - BeforeAll { - $testParams = @{ - Identity = 'FakeStringValue' - Name = 'FakeStringValue' - Description = 'FakeStringValue' - Enabled = $true - AzureKeyIDs = @('FakeStringValue1', 'FakeStringValue2') - Ensure = 'Absent' - Credential = $Credential; - } - - Mock -CommandName Get-M365DataAtRestEncryptionPolicy -MockWith { - return @{ - Identity = 'FakeStringValue' - Name = 'FakeStringValue' - Description = 'FakeStringValue' - Enabled = $true - AzureKeyIDs = @('FakeStringValue1', 'FakeStringValue2') - } - } - } - It 'Should return Values from the Get method' { - (Get-TargetResource @testParams).Ensure | Should -Be 'Present' - } - It 'Should return false from the Test method' { - Test-TargetResource @testParams | Should -Be $false - } - - It 'Should remove the instance from the Set method' { - Set-TargetResource @testParams - } - } - - Context -Name "The instance exists and values are already in the desired state" -Fixture { - BeforeAll { - $testParams = @{ - Identity = 'FakeStringValue' - Name = 'FakeStringValue' - Description = 'FakeStringValue' - Enabled = $true - AzureKeyIDs = @('FakeStringValue1', 'FakeStringValue2') - Ensure = 'Present' - Credential = $Credential; - } - - Mock -CommandName Get-M365DataAtRestEncryptionPolicy -MockWith { - return @{ - Identity = 'FakeStringValue' - Name = 'FakeStringValue' - Description = 'FakeStringValue' - Enabled = $true - AzureKeyIDs = @('FakeStringValue1', 'FakeStringValue2') - } - } - } - - It 'Should return true from the Test method' { - Test-TargetResource @testParams | Should -Be $true - } - } - - Context -Name "The instance exists and values are NOT in the desired state" -Fixture { - BeforeAll { - $testParams = @{ - Identity = 'FakeStringValue' - Name = 'FakeStringValue' - Description = 'FakeStringValue' - Enabled = $true - AzureKeyIDs = @('FakeStringValue1', 'FakeStringValue2') - Ensure = 'Present' - Credential = $Credential; - } - - Mock -CommandName Get-M365DataAtRestEncryptionPolicy -MockWith { - return @{ - Identity = 'FakeStringValue' - Name = 'FakeStringValue' - Description = 'FakeStringValue2' #drift - Enabled = $true - AzureKeyIDs = @('FakeStringValue1', 'FakeStringValue2') - } - } - } - - It 'Should return Values from the Get method' { - (Get-TargetResource @testParams).Ensure | Should -Be 'Present' - } - - It 'Should return false from the Test method' { - Test-TargetResource @testParams | Should -Be $false - } - - It 'Should call the Set method' { - Set-TargetResource @testParams - Should -Invoke -CommandName Set-M365DataAtRestEncryptionPolicy -Exactly 1 - } - } - - Context -Name 'ReverseDSC Tests' -Fixture { - BeforeAll { - $Global:CurrentModeIsExport = $true - $Global:PartialExportFileName = "$(New-Guid).partial.ps1" - $testParams = @{ - Credential = $Credential; - } - - Mock -CommandName Get-M365DataAtRestEncryptionPolicy -MockWith { - return @{ - Identity = 'FakeStringValue' - Name = 'FakeStringValue' - Description = 'FakeStringValue2' #drift - Enabled = $true - AzureKeyIDs = @('FakeStringValue1', 'FakeStringValue2') - } - } - } - It 'Should Reverse Engineer resource from the Export method' { - $result = Export-TargetResource @testParams - $result | Should -Not -BeNullOrEmpty - } - } - } -} - -Invoke-Command -ScriptBlock $Global:DscHelper.CleanupScript -NoNewScope