Update-MgBetaDeviceManagementRoleDefinition
Update the navigation property roleDefinitions in deviceManagement
Note
To view the v1.0 release of this cmdlet, view Update-MgDeviceManagementRoleDefinition
Syntax
Update-MgBetaDeviceManagementRoleDefinition
-RoleDefinitionId <String>
[-ResponseHeadersVariable <String>]
[-AdditionalProperties <Hashtable>]
[-Description <String>]
[-DisplayName <String>]
[-Id <String>]
[-IsBuiltIn]
[-IsBuiltInRoleDefinition]
[-Permissions <IMicrosoftGraphRolePermission[]>]
[-RoleAssignments <IMicrosoftGraphRoleAssignment[]>]
[-RolePermissions <IMicrosoftGraphRolePermission[]>]
[-RoleScopeTagIds <String[]>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Update-MgBetaDeviceManagementRoleDefinition
-RoleDefinitionId <String>
-BodyParameter <IMicrosoftGraphRoleDefinition>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Update-MgBetaDeviceManagementRoleDefinition
-InputObject <IDeviceManagementAdministrationIdentity>
[-ResponseHeadersVariable <String>]
[-AdditionalProperties <Hashtable>]
[-Description <String>]
[-DisplayName <String>]
[-Id <String>]
[-IsBuiltIn]
[-IsBuiltInRoleDefinition]
[-Permissions <IMicrosoftGraphRolePermission[]>]
[-RoleAssignments <IMicrosoftGraphRoleAssignment[]>]
[-RolePermissions <IMicrosoftGraphRolePermission[]>]
[-RoleScopeTagIds <String[]>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Update-MgBetaDeviceManagementRoleDefinition
-InputObject <IDeviceManagementAdministrationIdentity>
-BodyParameter <IMicrosoftGraphRoleDefinition>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Update the navigation property roleDefinitions in deviceManagement
Parameters
-AdditionalProperties
Additional Parameters
| Type: | Hashtable |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-BodyParameter
The Role Definition resource. The role definition is the foundation of role based access in Intune. The role combines an Intune resource such as a Mobile App and associated role permissions such as Create or Read for the resource. There are two types of roles, built-in and custom. Built-in roles cannot be modified. Both built-in roles and custom roles must have assignments to be enforced. Create custom roles if you want to define a role that allows any of the available resources and role permissions to be combined into a single role. To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
| Type: | IMicrosoftGraphRoleDefinition |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Description
Description of the Role definition.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DisplayName
Display Name of the Role definition.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Headers
Optional headers that will be added to the request.
| Type: | IDictionary |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Id
The unique identifier for an entity. Read-only.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-InputObject
Identity Parameter To construct, see NOTES section for INPUTOBJECT properties and create a hash table.
| Type: | IDeviceManagementAdministrationIdentity |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-IsBuiltIn
Type of Role. Set to True if it is built-in, or set to False if it is a custom role definition.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-IsBuiltInRoleDefinition
Type of Role. Set to True if it is built-in, or set to False if it is a custom role definition.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Permissions
List of Role Permissions this role is allowed to perform. These must match the actionName that is defined as part of the rolePermission. To construct, see NOTES section for PERMISSIONS properties and create a hash table.
| Type: | IMicrosoftGraphRolePermission[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ProgressAction
{{ Fill ProgressAction Description }}
| Type: | ActionPreference |
| Aliases: | proga |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResponseHeadersVariable
Optional Response Headers Variable.
| Type: | String |
| Aliases: | RHV |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RoleAssignments
List of Role assignments for this role definition. To construct, see NOTES section for ROLEASSIGNMENTS properties and create a hash table.
| Type: | IMicrosoftGraphRoleAssignment[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RoleDefinitionId
The unique identifier of roleDefinition
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RolePermissions
List of Role Permissions this role is allowed to perform. These must match the actionName that is defined as part of the rolePermission. To construct, see NOTES section for ROLEPERMISSIONS properties and create a hash table.
| Type: | IMicrosoftGraphRolePermission[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RoleScopeTagIds
List of Scope Tags for this Entity instance.
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Microsoft.Graph.Beta.PowerShell.Models.IDeviceManagementAdministrationIdentity
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphRoleDefinition
System.Collections.IDictionary
Outputs
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphRoleDefinition
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
BODYPARAMETER <IMicrosoftGraphRoleDefinition>: The Role Definition resource.
The role definition is the foundation of role based access in Intune.
The role combines an Intune resource such as a Mobile App and associated role permissions such as Create or Read for the resource.
There are two types of roles, built-in and custom.
Built-in roles cannot be modified.
Both built-in roles and custom roles must have assignments to be enforced.
Create custom roles if you want to define a role that allows any of the available resources and role permissions to be combined into a single role.
[(Any) <Object>]: This indicates any property can be added to this object.[Id <String>]: The unique identifier for an entity. Read-only.[Description <String>]: Description of the Role definition.[DisplayName <String>]: Display Name of the Role definition.[IsBuiltIn <Boolean?>]: Type of Role. Set to True if it is built-in, or set to False if it is a custom role definition.[IsBuiltInRoleDefinition <Boolean?>]: Type of Role. Set to True if it is built-in, or set to False if it is a custom role definition.[Permissions <IMicrosoftGraphRolePermission-[]>]: List of Role Permissions this role is allowed to perform. These must match the actionName that is defined as part of the rolePermission.[Actions <String-[]>]: Allowed Actions - Deprecated[ResourceActions <IMicrosoftGraphResourceAction-[]>]: Resource Actions each containing a set of allowed and not allowed permissions.[AllowedResourceActions <String-[]>]: Allowed Actions[NotAllowedResourceActions <String-[]>]: Not Allowed Actions.
[RoleAssignments <IMicrosoftGraphRoleAssignment-[]>]: List of Role assignments for this role definition.[Id <String>]: The unique identifier for an entity. Read-only.[Description <String>]: Description of the Role Assignment.[DisplayName <String>]: The display or friendly name of the role Assignment.[ResourceScopes <String-[]>]: List of ids of role scope member security groups. These are IDs from Azure Active Directory.[RoleDefinition <IMicrosoftGraphRoleDefinition>]: The Role Definition resource. The role definition is the foundation of role based access in Intune. The role combines an Intune resource such as a Mobile App and associated role permissions such as Create or Read for the resource. There are two types of roles, built-in and custom. Built-in roles cannot be modified. Both built-in roles and custom roles must have assignments to be enforced. Create custom roles if you want to define a role that allows any of the available resources and role permissions to be combined into a single role.[ScopeMembers <String-[]>]: List of ids of role scope member security groups. These are IDs from Azure Active Directory.[ScopeType <RoleAssignmentScopeType?>]: Specifies the type of scope for a Role Assignment.
[RolePermissions <IMicrosoftGraphRolePermission-[]>]: List of Role Permissions this role is allowed to perform. These must match the actionName that is defined as part of the rolePermission.[RoleScopeTagIds <String-[]>]: List of Scope Tags for this Entity instance.
INPUTOBJECT <IDeviceManagementAdministrationIdentity>: Identity Parameter
[AuditEventId <String>]: The unique identifier of auditEvent[CartToClassAssociationId <String>]: The unique identifier of cartToClassAssociation[CloudPcAuditEventId <String>]: The unique identifier of cloudPcAuditEvent[CloudPcBulkActionId <String>]: The unique identifier of cloudPcBulkAction[CloudPcDeviceImageId <String>]: The unique identifier of cloudPcDeviceImage[CloudPcExportJobId <String>]: The unique identifier of cloudPcExportJob[CloudPcExternalPartnerSettingId <String>]: The unique identifier of cloudPcExternalPartnerSetting[CloudPcFrontLineServicePlanId <String>]: The unique identifier of cloudPcFrontLineServicePlan[CloudPcGalleryImageId <String>]: The unique identifier of cloudPcGalleryImage[CloudPcId <String>]: The unique identifier of cloudPC[CloudPcOnPremisesConnectionId <String>]: The unique identifier of cloudPcOnPremisesConnection[CloudPcProvisioningPolicyAssignmentId <String>]: The unique identifier of cloudPcProvisioningPolicyAssignment[CloudPcProvisioningPolicyId <String>]: The unique identifier of cloudPcProvisioningPolicy[CloudPcServicePlanId <String>]: The unique identifier of cloudPcServicePlan[CloudPcSharedUseServicePlanId <String>]: The unique identifier of cloudPcSharedUseServicePlan[CloudPcSnapshotId <String>]: The unique identifier of cloudPcSnapshot[CloudPcSupportedRegionId <String>]: The unique identifier of cloudPcSupportedRegion[CloudPcUserSettingAssignmentId <String>]: The unique identifier of cloudPcUserSettingAssignment[CloudPcUserSettingId <String>]: The unique identifier of cloudPcUserSetting[ComanagementEligibleDeviceId <String>]: The unique identifier of comanagementEligibleDevice[ComplianceManagementPartnerId <String>]: The unique identifier of complianceManagementPartner[DeviceAndAppManagementRoleAssignmentId <String>]: The unique identifier of deviceAndAppManagementRoleAssignment[DeviceManagementDomainJoinConnectorId <String>]: The unique identifier of deviceManagementDomainJoinConnector[DeviceManagementExchangeConnectorId <String>]: The unique identifier of deviceManagementExchangeConnector[DeviceManagementExchangeOnPremisesPolicyId <String>]: The unique identifier of deviceManagementExchangeOnPremisesPolicy[DeviceManagementPartnerId <String>]: The unique identifier of deviceManagementPartner[GroupPolicyCategoryId <String>]: The unique identifier of groupPolicyCategory[GroupPolicyCategoryId1 <String>]: The unique identifier of groupPolicyCategory[GroupPolicyDefinitionFileId <String>]: The unique identifier of groupPolicyDefinitionFile[GroupPolicyDefinitionId <String>]: The unique identifier of groupPolicyDefinition[GroupPolicyMigrationReportId <String>]: The unique identifier of groupPolicyMigrationReport[GroupPolicyObjectFileId <String>]: The unique identifier of groupPolicyObjectFile[GroupPolicyOperationId <String>]: The unique identifier of groupPolicyOperation[GroupPolicyPresentationId <String>]: The unique identifier of groupPolicyPresentation[GroupPolicySettingMappingId <String>]: The unique identifier of groupPolicySettingMapping[GroupPolicyUploadedDefinitionFileId <String>]: The unique identifier of groupPolicyUploadedDefinitionFile[IntuneBrandingProfileAssignmentId <String>]: The unique identifier of intuneBrandingProfileAssignment[IntuneBrandingProfileId <String>]: The unique identifier of intuneBrandingProfile[IosUpdateDeviceStatusId <String>]: The unique identifier of iosUpdateDeviceStatus[ManagedAllDeviceCertificateStateId <String>]: The unique identifier of managedAllDeviceCertificateState[MobileThreatDefenseConnectorId <String>]: The unique identifier of mobileThreatDefenseConnector[NdesConnectorId <String>]: The unique identifier of ndesConnector[RemoteAssistancePartnerId <String>]: The unique identifier of remoteAssistancePartner[ResourceOperationId <String>]: The unique identifier of resourceOperation[RestrictedAppsViolationId <String>]: The unique identifier of restrictedAppsViolation[RoleAssignmentId <String>]: The unique identifier of roleAssignment[RoleDefinitionId <String>]: The unique identifier of roleDefinition[RoleScopeTagAutoAssignmentId <String>]: The unique identifier of roleScopeTagAutoAssignment[RoleScopeTagId <String>]: The unique identifier of roleScopeTag[TelecomExpenseManagementPartnerId <String>]: The unique identifier of telecomExpenseManagementPartner[TermsAndConditionsAcceptanceStatusId <String>]: The unique identifier of termsAndConditionsAcceptanceStatus[TermsAndConditionsAssignmentId <String>]: The unique identifier of termsAndConditionsAssignment[TermsAndConditionsGroupAssignmentId <String>]: The unique identifier of termsAndConditionsGroupAssignment[TermsAndConditionsId <String>]: The unique identifier of termsAndConditions[UnsupportedGroupPolicyExtensionId <String>]: The unique identifier of unsupportedGroupPolicyExtension[UserId <String>]: The unique identifier of user[UserPfxCertificateId <String>]: The unique identifier of userPFXCertificate
PERMISSIONS <IMicrosoftGraphRolePermission- []>: List of Role Permissions this role is allowed to perform.
These must match the actionName that is defined as part of the rolePermission.
[Actions <String-[]>]: Allowed Actions - Deprecated[ResourceActions <IMicrosoftGraphResourceAction-[]>]: Resource Actions each containing a set of allowed and not allowed permissions.[AllowedResourceActions <String-[]>]: Allowed Actions[NotAllowedResourceActions <String-[]>]: Not Allowed Actions.
ROLEASSIGNMENTS <IMicrosoftGraphRoleAssignment- []>: List of Role assignments for this role definition.
[Id <String>]: The unique identifier for an entity. Read-only.[Description <String>]: Description of the Role Assignment.[DisplayName <String>]: The display or friendly name of the role Assignment.[ResourceScopes <String-[]>]: List of ids of role scope member security groups. These are IDs from Azure Active Directory.[RoleDefinition <IMicrosoftGraphRoleDefinition>]: The Role Definition resource. The role definition is the foundation of role based access in Intune. The role combines an Intune resource such as a Mobile App and associated role permissions such as Create or Read for the resource. There are two types of roles, built-in and custom. Built-in roles cannot be modified. Both built-in roles and custom roles must have assignments to be enforced. Create custom roles if you want to define a role that allows any of the available resources and role permissions to be combined into a single role.[(Any) <Object>]: This indicates any property can be added to this object.[Id <String>]: The unique identifier for an entity. Read-only.[Description <String>]: Description of the Role definition.[DisplayName <String>]: Display Name of the Role definition.[IsBuiltIn <Boolean?>]: Type of Role. Set to True if it is built-in, or set to False if it is a custom role definition.[IsBuiltInRoleDefinition <Boolean?>]: Type of Role. Set to True if it is built-in, or set to False if it is a custom role definition.[Permissions <IMicrosoftGraphRolePermission-[]>]: List of Role Permissions this role is allowed to perform. These must match the actionName that is defined as part of the rolePermission.[Actions <String-[]>]: Allowed Actions - Deprecated[ResourceActions <IMicrosoftGraphResourceAction-[]>]: Resource Actions each containing a set of allowed and not allowed permissions.[AllowedResourceActions <String-[]>]: Allowed Actions[NotAllowedResourceActions <String-[]>]: Not Allowed Actions.
[RoleAssignments <IMicrosoftGraphRoleAssignment-[]>]: List of Role assignments for this role definition.[RolePermissions <IMicrosoftGraphRolePermission-[]>]: List of Role Permissions this role is allowed to perform. These must match the actionName that is defined as part of the rolePermission.[RoleScopeTagIds <String-[]>]: List of Scope Tags for this Entity instance.
[ScopeMembers <String-[]>]: List of ids of role scope member security groups. These are IDs from Azure Active Directory.[ScopeType <RoleAssignmentScopeType?>]: Specifies the type of scope for a Role Assignment.
ROLEPERMISSIONS <IMicrosoftGraphRolePermission- []>: List of Role Permissions this role is allowed to perform.
These must match the actionName that is defined as part of the rolePermission.
[Actions <String-[]>]: Allowed Actions - Deprecated[ResourceActions <IMicrosoftGraphResourceAction-[]>]: Resource Actions each containing a set of allowed and not allowed permissions.[AllowedResourceActions <String-[]>]: Allowed Actions[NotAllowedResourceActions <String-[]>]: Not Allowed Actions.