Edit

Share via

Set-EntraConditionalAccessPolicy

Module:
Microsoft.Entra Module v1.1

Updates a conditional access policy in Microsoft Entra ID by Id.

Syntax

Default (Default) 

Set-EntraConditionalAccessPolicy

    -PolicyId <String>
    [-Conditions <ConditionalAccessConditionSet>]
    [-GrantControls <ConditionalAccessGrantControls>]
    [-DisplayName <String>]
    [-Id <String>]
    [-State <String>]
    [-SessionControls <ConditionalAccessSessionControls>]
    [<CommonParameters>]

Description

This cmdlet allows an admin to update a conditional access policy in Microsoft Entra ID by Id.

Conditional access policies are custom rules that define an access scenario.

In delegated scenarios with work or school accounts, when acting on another user, the signed-in user must have a supported Microsoft Entra role or custom role with the necessary permissions. The least privileged roles for this operation are:

  • Security Administrator
  • Conditional Access Administrator

Parameters

-Conditions

Specifies the conditions for the conditional access policy in Microsoft Entra ID.

Parameter properties

Type:ConditionalAccessConditionSet
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DisplayName

Specifies the display name of a conditional access policy in Microsoft Entra ID.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-GrantControls

Specifies the controls for the conditional access policy in Microsoft Entra ID.

Parameter properties

Type:ConditionalAccessGrantControls
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Id

Specifies the policy Id of a conditional access policy in Microsoft Entra ID.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-PolicyId

Specifies the policy Id of a conditional access policy in Microsoft Entra ID.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:True
Value from remaining arguments:False

-SessionControls

Enables limited experiences within specific cloud applications.

Parameter properties

Type:ConditionalAccessSessionControls
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-State

Specifies the enabled or disabled state of the conditional access policy in Microsoft Entra ID.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Notes

Learn more about:

Condition access policy Built controls Conditions Session controls