Get-EntraDirectoryRoleDefinition
Gets information about role definitions in Microsoft Entra ID.
Syntax
GetQuery (Default)
Get-EntraDirectoryRoleDefinition
[-All]
[-Top <Int32>]
[-Filter <String>]
[-Property <String[]>]
[<CommonParameters>]
GetVague
Get-EntraDirectoryRoleDefinition
[-SearchString <String>]
[-All]
[-Property <String[]>]
[<CommonParameters>]
GetById
Get-EntraDirectoryRoleDefinition
-UnifiedRoleDefinitionId <String>
[-All]
[-Property <String[]>]
[<CommonParameters>]
Description
The Get-EntraDirectoryRoleDefinition cmdlet gets information about role definitions in Microsoft Entra ID. To get a role definition, specify the UnifiedRoleDefinitionId parameter. Specify the SearchString or Filter parameter to find particular role definition.
In delegated scenarios with work or school accounts, the signed-in user must have a supported Microsoft Entra role or a custom role with one of the following permissions:
- microsoft.directory/roleAssignments/standard/read (least privileged)
- microsoft.directory/roleAssignments/allProperties/read
- microsoft.directory/roleAssignments/allProperties/allTasks
The least privileged roles for this operation, from least to most privileged, are:
- Directory Readers
- Global Reader
- Privileged Role Administrator
Parameters
-All
List all pages.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Filter
Specifies an OData v4.0 filter string to match a set of role definitions.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
GetQuery
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-Property
Specifies properties to be returned
Parameter properties
| Type: | System.String[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | Select |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-SearchString
Specifies a search string.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
GetVague
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-Top
Specifies the maximum number of records that this cmdlet gets. The default value is 100.
Parameter properties
| Type: | System.Int32 |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | Limit |
Parameter sets
GetQuery
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-UnifiedRoleDefinitionId
Specifies the UnifiedRoleDefinitionId of the role definition.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | Id |
Parameter sets
GetById
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
String
Notes
Get-EntraRoleDefinition is an alias for Get-EntraDirectoryRoleDefintion.