driveProtectionRule resource type

Namespace: microsoft.graph

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

Represents a protection rule associated with a OneDrive for Business protection policy.

Inherits from protectionRuleBase.

Methods

Method Return type Description
List driveProtectionRule collection Get a list of the driveProtectionRule objects and their properties.
Create driveProtectionRule Create a new driveProtectionRule.
Get driveProtectionRule Read the properties and relationships of a driveProtectionRule.
Delete None Delete a driveProtectionRule.
Run protectionRuleBase Activate a drive protection rule.

Properties

Property Type Description
id String The unique identifier of the protection rule associated with the policy.
createdBy identitySet entitySet The identity of the person who created the rule.
createdDateTime DateTimeOffset The date and time that the rule was created.
driveExpression String Contains a drive expression. For examples, see driveExpression examples.
error publicError If the operation fails, this property contains the details of the error.
isAutoApplyEnabled Boolean true indicates that the protection rule is dynamic; false that it's static. Static rules run once; dynamic rules listen to all changes in the system and update the protection unit list. Currently, only static rules are supported.
lastModifiedBy identitySet Identity of the person who last modified this rule.
lastModifiedDateTime DateTimeOffset The timestamp of the last modification to this rule.
status protectionRuleStatus The status of the protection rule. The following are the possible values: draft, active, completed, completedWithErrors, unknownFutureValue.

driveExpression examples

The following table shows possible formats for the drive expression.

Property Operator Example
memberOf -any (memberOf -any (group.id -in ['d7f5150a-0c6f-4894-a6a1-6df77b26f375']))
group.id -in (memberOf -any (group.id -in ['d7f5150a-0c6f-4894-a6a1-6df77b26f375', '363cdbd0-f091-4644-93e4-64c1020c94d8']))

protectionRuleStatus values

Member Description
draft The initial status of protection rule upon creation is draft.
active The status of the protection rule upon using the /run API.
completed The status of the protection rule after it's successfully applied to the corresponding policy.
completedWithErrors The status of the protection rule after it's applied to the corresponding policy and any failures occurred.
unknownFutureValue Evolvable enumeration sentinel value. Don't use.

Relationships

None.

JSON representation

The following JSON representation shows the resource type.

{
  "@odata.type": "#microsoft.graph.driveProtectionRule",
  "id": "String (identifier)",
  "status": "String",
  "createdDateTime": "String (timestamp)",
  "createdBy": {
    "@odata.type": "microsoft.graph.identitySet"
  },
  "lastModifiedDateTime": "String (timestamp)",
  "lastModifiedBy": {
    "@odata.type": "microsoft.graph.identitySet"
  },
  "error": {
    "@odata.type": "microsoft.graph.publicError"
  },
  "isAutoApplyEnabled": "Boolean",
  "driveExpression": "String"
}