| title | policyTenantScope resource type |
|---|---|
| description | Defines the scope of a data governance policy at the tenant level, including user binding information. |
| author | kylemar |
| ms.date | 04/08/2025 |
| ms.localizationpriority | medium |
| ms.subservice | security |
| doc_type | resourcePageType |
Namespace: microsoft.graph
Defines the scope of a data governance policy at the tenant level, including user binding information.
Returned from compute protection scope
Inherits from policyScopeBase.
| Property | Type | Description |
|---|---|---|
| activities | microsoft.graph.security.userActivityTypes | Flags specifying the user activities the calling application supports or is interested. Possible values are none, uploadText, uploadFile, downloadText, downloadFile, unknownFutureValue. Required. This object is a multi-valued enumeration. |
| executionMode | microsoft.graph.security.executionMode | Policy execution mode at the tenant level. Possible values are evaluateInline and evaluateOffline. Inherited from policyScopeBase. Required. |
| locations | Collection(microsoft.graph.policyLocation) | Locations protected at the tenant level. Inherited from policyScopeBase. Required. |
| policyActions | Collection(microsoft.graph.dlpActionInfo) | Enforcement actions at the tenant level. Inherited from policyScopeBase. Required. |
| policyScope | microsoft.graph.policyBinding | Specifies the users and groups included in or excluded from this tenant-level policy scope. |
None.
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.policyTenantScope",
"activities": "String",
"executionMode": "String",
"locations": [
{
"@odata.type": "microsoft.graph.policyLocation"
}
],
"policyActions": [
{
"@odata.type": "microsoft.graph.dlpActionInfo"
}
],
"policyScope": {
"@odata.type": "microsoft.graph.policyBinding"
}
}