Skip to content

Latest commit

 

History

History
255 lines (137 loc) · 5.21 KB

REFERENCE.md

File metadata and controls

255 lines (137 loc) · 5.21 KB
Raw

Reference

Table of Contents

Classes

Functions

Classes

applocker

Configures applocker rules for windows. See readme on how to structure applocker rules.

lint:ignore:140chars

Examples

include applocker

Parameters

The following parameters are available in the applocker class:

exec_applocker_rules

Data type: Hash

Exec applocker rules to configure.

Default value: {}

msi_applocker_rules

Data type: Hash

msi applocker rules to configure.

Default value: {}

appx_applocker_rules

Data type: Hash

Packaged app rules to configure.

Default value: {}

script_applocker_rules

Data type: Hash

scipt applocker rules to configure.

Default value: {}

dll_applocker_rules

Data type: Hash

dll applocker rules to configure.

Default value: {}

executable_rules

Data type: Enum['Enabled','AuditOnly']

Mode for executable rules, Enum['Enabled','AuditOnly'] Default: AuditOnly.

Default value: 'AuditOnly'

msi_rules

Data type: Enum['Enabled','AuditOnly']

Mode for msi rules, Enum['Enabled','AuditOnly'] Default: AuditOnly.

Default value: 'AuditOnly'

dll_rules

Data type: Enum['Enabled','AuditOnly']

Mode for dll rules, Enum['Enabled','AuditOnly'] Default: AuditOnly.

Default value: 'AuditOnly'

script_rules

Data type: Enum['Enabled','AuditOnly']

Mode for script rules, Enum['Enabled','AuditOnly'] Default: AuditOnly.

Default value: 'AuditOnly'

packaged_app_rules

Data type: Enum['Enabled','AuditOnly']

Mode for packaged app rules, Enum['Enabled','AuditOnly'] Default: AuditOnly.

Default value: 'AuditOnly'

start_service

Data type: Boolean

Whether to start the applocker service. Default: true

Default value: true

applocker::service

Starts applocker service

Examples

private class

Functions

applocker::compare_rules

Type: Ruby 4.x API

Compares Windows applocker rules.

applocker::compare_rules(Hash $rules, Hash $desired_rules)

Compares Windows applocker rules.

Returns: Hash Returns true if match, if no match, false along with which rule failed to match.

rules

Data type: Hash

Existing rules from a host

desired_rules

Data type: Hash

Desired applocker rules from Puppet manifest.

applocker::extract_rules

Type: Ruby 4.x API

Extract applocker rules

applocker::extract_rules(Hash $rules)

Extract applocker rules

Returns: Hash Hash of all applocker rules in policy along with the rule hash.

rules

Data type: Hash

Applocker rules to extract

applocker::get_id

Type: Ruby 4.x API

Get ID of existing applocker rules. If no existing rule by that name, a new hash is generated.

applocker::get_id(Hash $applocker_rules, Hash $name_to_id)

Get ID of existing applocker rules. If no existing rule by that name, a new hash is generated.

Returns: Hash Hash with rulename to rule mapping.

applocker_rules

Data type: Hash

Applocker rules to check from Puppet catalog

name_to_id

Data type: Hash

Name to ID mapping to check.

applocker::hash_toxml

Type: Ruby 4.x API

Convert hash to xml

applocker::hash_toxml(Hash $hash_val)

Convert hash to xml

Returns: String XML string

hash_val

Data type: Hash

Hash to convert to XML

applocker::xml_tohash

Type: Ruby 4.x API

XML to hash

applocker::xml_tohash(String $xml_content)

XML to hash

Returns: Hash Hash converted from XML

xml_content

Data type: String

XML to convert to hash