unifiedRoleManagementPolicy resource type
Namespace: microsoft.graph
Specifies the various policies associated with scopes and roles. For policies that apply to Azure RBAC, use the Azure REST PIM API for role management policies.
Inherits from entity.
Methods
| Method | Return type | Description |
|---|---|---|
| List unifiedRoleManagementPolicies | unifiedRoleManagementPolicy collection | Get role management policies and their details. |
| Get unifiedRoleManagementPolicy | unifiedRoleManagementPolicy | Retrieve the details of a role management policy. |
| Update unifiedRoleManagementPolicy | unifiedRoleManagementPolicy | Update a role management policy. |
| List rules | unifiedRoleManagementPolicyRule collection | Get the rules defined for a role management policy. |
| Get unifiedRoleManagementPolicyRule | unifiedRoleManagementPolicyRule | Retrieve a rule defined for a role management policy. |
| Update unifiedRoleManagementPolicyRule | unifiedRoleManagementPolicyRule | Update a rule defined for a role management policy. |
Properties
| Property | Type | Description |
|---|---|---|
| description | String | Description for the policy. |
| displayName | String | Display name for the policy. |
| id | String | Unique identifier for the policy. |
| isOrganizationDefault | Boolean | This can only be set to true for a single tenant-wide policy which will apply to all scopes and roles. Set the scopeId to / and scopeType to Directory. Supports $filter (eq, ne). |
| lastModifiedBy | identity | The identity who last modified the role setting. |
| lastModifiedDateTime | DateTimeOffset | The time when the role setting was last modified. |
| scopeId | String | The identifier of the scope where the policy is created. Can be / for the tenant or a group ID. Required. |
| scopeType | String | The type of the scope where the policy is created. One of Directory, DirectoryRole, Group. Required. |
Relationships
| Relationship | Type | Description |
|---|---|---|
| effectiveRules | unifiedRoleManagementPolicyRule collection | The list of effective rules like approval rules and expiration rules evaluated based on inherited referenced rules. For example, if there is a tenant-wide policy to enforce enabling an approval rule, the effective rule will be to enable approval even if the policy has a rule to disable approval. Supports $expand. |
| rules | unifiedRoleManagementPolicyRule collection | The collection of rules like approval rules and expiration rules. Supports $expand. |
JSON representation
The following is a JSON representation of the resource.
{
"@odata.type": "#microsoft.graph.unifiedRoleManagementPolicy",
"id": "String (identifier)",
"displayName": "String",
"description": "String",
"isOrganizationDefault": "Boolean",
"scopeId": "String",
"scopeType": "String",
"lastModifiedDateTime": "String (timestamp)",
"lastModifiedBy": {
"@odata.type": "microsoft.graph.identity"
}
}
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for