New-RetentionComplianceRule
This cmdlet is available only in Security & Compliance PowerShell. For more information, see Security & Compliance PowerShell.
Use the New-RetentionComplianceRule cmdlet to create new retention rules in the Microsoft Purview compliance portal.
For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.
Syntax
New-RetentionComplianceRule
-ApplyComplianceTag <String>
-Policy <PolicyIdParameter>
[-ContentContainsSensitiveInformation <PswsHashtable[]>]
[-Confirm]
[-ContentMatchQuery <String>]
[-ExpirationDateOption <String>]
[-IRMRiskyUserProfiles <String>]
[-MachineLearningModelIDs <MultiValuedProperty>]
[-PriorityCleanup]
[-RetentionComplianceAction <String>]
[-WhatIf]
[<CommonParameters>]
New-RetentionComplianceRule
[-Name] <String>
-Policy <PolicyIdParameter>
[-Comment <String>]
[-ExcludedItemClasses <MultiValuedProperty>]
[-RetentionDuration <Unlimited>]
[-RetentionDurationDisplayHint <HoldDurationHint>]
[-Confirm]
[-ContentMatchQuery <String>]
[-ExpirationDateOption <String>]
[-PriorityCleanup]
[-RetentionComplianceAction <String>]
[-WhatIf]
[<CommonParameters>]
New-RetentionComplianceRule
-Policy <PolicyIdParameter>
-PublishComplianceTag <String>
[-Confirm]
[-ExpirationDateOption <String>]
[-PriorityCleanup]
[-RetentionComplianceAction <String>]
[-WhatIf]
[<CommonParameters>]
Description
The retention rule must be added to an existing retention policy using the Policy parameter. Only one rule can be added to each retention policy.
To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see Permissions in the Microsoft Purview compliance portal.
Examples
Example 1
New-RetentionComplianceRule -Name InternalCompanyRule -Policy "Internal Company Policy" -RetentionDuration Unlimited
This example creates a new case hold rule named InternalCompanyRule and adds it to the existing case hold policy named "Internal Company Policy". Content will be held indefinitely.
Example 2
New-RetentionComplianceRule -Name SeptOneYear -Policy "Internal Company Policy" -RetentionDuration 365 -RetentionComplianceAction KeepAndDelete -ExpirationDateOption ModificationAgeInDays
This example creates a new retention rule named SeptOneYear and adds it to the existing retention policy named "Internal Company Policy". Content will be held for one year from the day content was last modified before it is deleted.
Parameters
-ApplyComplianceTag
The ApplyComplianceTag parameter specifies the label that's applied to email messages or documents by the rule (which affects how long the content is retained). A valid value for this parameter is the name of an existing label. If the value contains spaces, enclose the value in quotation marks.
You view and create labels by using the Get-ComplianceTag and New-ComplianceTag cmdlets.
You can't use this parameter with the Name or PublishComplianceTag parameters.
You can't use this parameter for Teams retention rules.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-Comment
The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks ("), for example: "This is an admin note".
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-Confirm
The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.
- Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax:
-Confirm:$false
. - Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-ContentContainsSensitiveInformation
The ContentContainsSensitiveInformation parameter specifies a condition for the rule that's based on a sensitive information type match in content. The rule is applied to content that contains the specified sensitive information type.
This parameter uses the basic syntax @(@{Name="SensitiveInformationType1";[minCount="Value"],@{Name="SensitiveInformationType2";[minCount="Value"],...)
. For example, @(@{Name="U.S. Social Security Number (SSN)"; minCount="2"},@{Name="Credit Card Number"})
.
Use the Get-DLPSensitiveInformationType cmdlet to list the sensitive information types for your organization. For more information on sensitive information types, see What the sensitive information types in Exchange look for.
You can use this parameter with the ApplyComplianceTag parameter.
You can't use this parameter for Teams retention rules.
Type: | PswsHashtable[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-ContentMatchQuery
The ContentMatchQuery parameter specifies a content search filter.
This parameter uses a text search string or a query that's formatted by using the Keyword Query Language (KQL). For more information, see Keyword Query Language (KQL) syntax reference and Keyword queries and search conditions for eDiscovery.
You can't use this parameter for Teams retention rules.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-ExcludedItemClasses
The ExcludedItemClasses parameter specifies the types of messages to exclude from the rule. You can use this parameter only to exclude items from a hold policy, which excludes the specified item class from being held. Using this parameter won't exclude items from deletion policies. Typically, you use this parameter to exclude voicemail messages, IM conversations, and other Skype for Business Online content from being held by a hold policy. Common Skype for Business values include:
- IPM.Note.Microsoft.Conversation
- IPM.Note.Microsoft.Conversation.Voice
- IPM.Note.Microsoft.Missed
- IPM.Note.Microsoft.Missed.Voice
- IPM.Note.Microsoft.Voicemail
- IPM.Note.Microsoft.VoiceMessage.UA
- IPM.Note.Microsoft.Voicemail.UM
- IPM.Note.Microsoft.Voicemail.UM.CA
Additionally, you can specify message classes for Exchange items and custom or third-party message classes. Note that the values you specify aren't validated, so the parameter accepts any text value.
You can specify multiple item class values by using the following syntax: "Value1","Value2",..."ValueN"
.
You can't use this parameter for Teams retention rules.
Type: | MultiValuedProperty |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-ExpirationDateOption
The ExpirationDateOption parameter specifies whether the expiration date is calculated from the content creation date or last modification date. Valid values are:
- CreationAgeInDays
- ModificationAgeInDays
You can't use this parameter for Teams retention rules.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-IRMRiskyUserProfiles
{{ Fill IRMRiskyUserProfiles Description }}
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-MachineLearningModelIDs
This parameter is reserved for internal Microsoft use.
Type: | MultiValuedProperty |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-Name
The Name parameter specifies a unique name for the retention rule. If the value contains spaces, enclose the value in quotation marks.
You can't use this parameter with the ApplyComplianceTag or PublishComplianceTag parameters.
Type: | String |
Position: | 1 |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-Policy
The Policy parameter specifies the policy to contain the rule.
Type: | PolicyIdParameter |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-PriorityCleanup
{{ Fill PriorityCleanup Description }}
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-PublishComplianceTag
The PublishComplianceTag parameter specifies the label that's published for the rule, which makes the label visible to users in apps (for example, Outlook, SharePoint, and OneDrive). A valid value for this parameter is the name of an existing label. If the value contains spaces, enclose the value in quotation marks.
You view and create labels by using the Get-ComplianceTag and New-ComplianceTag cmdlets.
You can't use this parameter in the following scenarios:
- With the Name or ApplyComplianceTag parameters.
- For Teams retention rules.
- With cloud attachment policies.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-RetentionComplianceAction
The RetentionComplianceAction parameter specifies the retention action for the rule. Valid values are:
- Delete
- Keep
- KeepAndDelete
If you don't use this parameter, the retention policy is created as an "UniH" policy instead of a "mbx" policy.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-RetentionDuration
The RetentionDuration parameter specifies the hold duration for the retention rule. Valid values are:
- An integer: The hold duration in days.
- Unlimited: The content is held indefinitely.
Type: | Unlimited |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-RetentionDurationDisplayHint
The RetentionDurationDisplayHint parameter specifies the units that are used to display the retention duration in the Microsoft Purview compliance portal. Valid values are:
- Days
- Months
- Years
For example, if this parameter is set to the value Years, and the RetentionDuration parameter is set to the value 365, the Microsoft Purview compliance portal will display 1 year as the content hold duration.
You can't use this parameter for Teams retention rules.
Type: | HoldDurationHint |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-WhatIf
The WhatIf switch doesn't work in Security & Compliance PowerShell.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |