Import-Module Microsoft.Graph.Beta.Identity.Governance
$params = @{
requestedPermissions = @{
"@odata.type" = "#microsoft.graph.awsPermissionsDefinition"
authorizationSystemInfo = @{
authorizationSystemId = "956987887735"
authorizationSystemType = "AWS"
}
actionInfo = @{
"@odata.type" = "microsoft.graph.awsPolicyPermissionsDefinitionAction"
policies = @(
@{
id = "arn:aws:iam::956987887735:policy/AddUserToGroup"
}
)
assignToRoleId = "arn:aws:aim::956987887735:role/saml-user"
}
identityInfo = @{
externalId = "alex@contoso.com"
source = @{
"@odata.type" = "microsoft.graph.samlIdentitySource"
}
identityType = "user"
}
}
justification = "I need to do this because I want to add a user to a group"
notes = "Pretty Please"
scheduleInfo = @{
expiration = @{
duration = "PT1H"
}
}
ticketInfo = @{
ticketNumber = "INC1234567"
ticketSystem = "ServiceNow"
ticketSubmitterIdentityId = "alex@contoso.com"
ticketApproverIdentityId = "alexmanager@contoso.com"
}
}
New-MgBetaIdentityGovernancePermissionManagementScheduledPermissionRequest -BodyParameter $params
This example will aws policy request
Example 2: Azure roles request
Import-Module Microsoft.Graph.Beta.Identity.Governance
$params = @{
requestedPermissions = @{
"@odata.type" = "microsoft.graph.singleResourceAzurePermissionsDefinition"
authorizationSystemInfo = @{
authorizationSystemId = "87eefd90-95a3-480a-ba42-56ff299a05ee"
authorizationSystemType = "AZURE"
}
actionInfo = @{
"@odata.type" = "microsoft.graph.azureRolePermissionsDefinitionAction"
roles = @(
@{
id = "cdda3590-29a3-44f6-95f2-9f980659eb04"
}
@{
id = "312a565d-c81f-4fd8-895a-4e21e48d571c"
}
)
}
identityInfo = @{
externalId = "alex@contoso.com"
source = @{
"@odata.type" = "microsoft.graph.edIdentitySource"
}
identityType = "user"
}
resourceId = "/subscriptions/87eefd90-95a3-480a-ba42-56ff299a05ee"
}
justification = "I need to do this because I want to some new azure roles"
notes = "Pretty Pleaseeeee"
scheduleInfo = @{
expiration = @{
duration = "PT1H"
}
recurrence = $null
}
ticketInfo = @{
ticketNumber = "INC1234567"
ticketSystem = "ServiceNow"
ticketSubmitterIdentityId = "alex@contoso.com"
ticketApproverIdentityId = "alexmanager@contoso.com"
}
}
New-MgBetaIdentityGovernancePermissionManagementScheduledPermissionRequest -BodyParameter $params
This example will azure roles request
Example 3: GCP actions request
Import-Module Microsoft.Graph.Beta.Identity.Governance
$params = @{
requestedPermissions = @{
"@odata.type" = "microsoft.graph.singleResourceGcpPermissionsDefinition"
authorizationSystemInfo = @{
authorizationSystemId = "carbide-bonsai-205017"
authorizationSystemType = "GCP"
}
actionInfo = @{
"@odata.type" = "microsoft.graph.gcpActionPermissionsDefinitionAction"
actions = @(
"aiplatform:dataitems"
)
}
identityInfo = @{
externalId = "alex@contoso.com"
source = @{
"@odata.type" = "microsoft.graph.edIdentitySource"
}
identityType = "user"
}
resourceId = "carbide-bonsai-205017"
}
justification = "I need to do this because I want to code my own chat GPT-3 bot on GCP"
notes = "Pretty Pleaseeeee"
scheduleInfo = @{
expiration = @{
duration = "PT1H"
}
}
ticketInfo = @{
ticketNumber = "INC1234567"
ticketSystem = "ServiceNow"
ticketSubmitterIdentityId = "alex@contoso.com"
ticketApproverIdentityId = "alexmanager@contoso.com"
}
}
New-MgBetaIdentityGovernancePermissionManagementScheduledPermissionRequest -BodyParameter $params
This example will gcp actions request
Parameters
-Action
unifiedRoleScheduleRequestActions
Parameter properties
Type:
String
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
CreateExpanded
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-AdditionalProperties
Additional Parameters
Parameter properties
Type:
Hashtable
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
CreateExpanded
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-BodyParameter
scheduledPermissionsRequest
To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
Parameter properties
Type:
IMicrosoftGraphScheduledPermissionsRequest
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
Create
Position:
Named
Mandatory:
True
Value from pipeline:
True
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
Type:
SwitchParameter
Default value:
None
Supports wildcards:
False
DontShow:
False
Aliases:
cf
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-CreatedDateTime
Defines when the identity created the request.
Parameter properties
Type:
DateTime
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
CreateExpanded
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Headers
Optional headers that will be added to the request.
Parameter properties
Type:
IDictionary
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
True
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Id
The unique identifier for an entity.
Read-only.
Parameter properties
Type:
String
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
CreateExpanded
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Justification
The identity's justification for the request.
Parameter properties
Type:
String
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
CreateExpanded
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Notes
Additional context for the permissions request.
Parameter properties
Type:
String
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
CreateExpanded
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-RequestedPermissions
permissionsDefinition
To construct, see NOTES section for REQUESTEDPERMISSIONS properties and create a hash table.
Parameter properties
Type:
IMicrosoftGraphPermissionsDefinition
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
CreateExpanded
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-ResponseHeadersVariable
Optional Response Headers Variable.
Parameter properties
Type:
String
Default value:
None
Supports wildcards:
False
DontShow:
False
Aliases:
RHV
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-ScheduleInfo
requestSchedule
To construct, see NOTES section for SCHEDULEINFO properties and create a hash table.
Parameter properties
Type:
IMicrosoftGraphRequestSchedule
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
CreateExpanded
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-StatusDetail
statusDetail
Parameter properties
Type:
String
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
CreateExpanded
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-TicketInfo
ticketInfo
To construct, see NOTES section for TICKETINFO properties and create a hash table.
Parameter properties
Type:
IMicrosoftGraphTicketInfo
Default value:
None
Supports wildcards:
False
DontShow:
False
Parameter sets
CreateExpanded
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
Parameter properties
Type:
SwitchParameter
Default value:
None
Supports wildcards:
False
DontShow:
False
Aliases:
wi
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters.
To create the parameters described below, construct a hash table containing the appropriate properties.
For information on hash tables, run Get-Help about_Hash_Tables.
[(Any) <Object>]: This indicates any property can be added to this object.
[Duration <TimeSpan?>]: The requestor's desired duration of access represented in ISO 8601 format for durations.
For example, PT3H refers to three hours.
If specified in a request, endDateTime shouldn't be present and the type property should be set to afterDuration.
[EndDateTime <DateTime?>]: Timestamp of date and time information using ISO 8601 format and is always in UTC time.
For example, midnight UTC on Jan 1, 2014, is 2014-01-01T00:00:00Z.
[(Any) <Object>]: This indicates any property can be added to this object.
[DayOfMonth <Int32?>]: The day of the month on which the event occurs.
Required if type is absoluteMonthly or absoluteYearly.
[DaysOfWeek <String- []>]: A collection of the days of the week on which the event occurs.
The possible values are: sunday, monday, tuesday, wednesday, thursday, friday, saturday.
If type is relativeMonthly or relativeYearly, and daysOfWeek specifies more than one day, the event falls on the first day that satisfies the pattern.
Required if type is weekly, relativeMonthly, or relativeYearly.
[FirstDayOfWeek <String>]: dayOfWeek
[Index <String>]: weekIndex
[Interval <Int32?>]: The number of units between occurrences, where units can be in days, weeks, months, or years, depending on the type.
Required.
[Month <Int32?>]: The month in which the event occurs.
This is a number from 1 to 12.
[(Any) <Object>]: This indicates any property can be added to this object.
[EndDate <DateTime?>]: The date to stop applying the recurrence pattern.
Depending on the recurrence pattern of the event, the last occurrence of the meeting may not be this date.
Required if type is endDate.
[NumberOfOccurrences <Int32?>]: The number of times to repeat the event.
Required and must be positive if type is numbered.
[RecurrenceTimeZone <String>]: Time zone for the startDate and endDate properties.
Optional.
If not specified, the time zone of the event is used.
[StartDate <DateTime?>]: The date to start applying the recurrence pattern.
The first occurrence of the meeting may be this date or later, depending on the recurrence pattern of the event.
Must be the same value as the start property of the recurring event.
Required.
[Type <String>]: recurrenceRangeType
[StartDateTime <DateTime?>]: The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time.
For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
In PIM, when the eligible or active assignment becomes active.
[(Any) <Object>]: This indicates any property can be added to this object.
[Duration <TimeSpan?>]: The requestor's desired duration of access represented in ISO 8601 format for durations.
For example, PT3H refers to three hours.
If specified in a request, endDateTime shouldn't be present and the type property should be set to afterDuration.
[EndDateTime <DateTime?>]: Timestamp of date and time information using ISO 8601 format and is always in UTC time.
For example, midnight UTC on Jan 1, 2014, is 2014-01-01T00:00:00Z.
[(Any) <Object>]: This indicates any property can be added to this object.
[DayOfMonth <Int32?>]: The day of the month on which the event occurs.
Required if type is absoluteMonthly or absoluteYearly.
[DaysOfWeek <String- []>]: A collection of the days of the week on which the event occurs.
The possible values are: sunday, monday, tuesday, wednesday, thursday, friday, saturday.
If type is relativeMonthly or relativeYearly, and daysOfWeek specifies more than one day, the event falls on the first day that satisfies the pattern.
Required if type is weekly, relativeMonthly, or relativeYearly.
[FirstDayOfWeek <String>]: dayOfWeek
[Index <String>]: weekIndex
[Interval <Int32?>]: The number of units between occurrences, where units can be in days, weeks, months, or years, depending on the type.
Required.
[Month <Int32?>]: The month in which the event occurs.
This is a number from 1 to 12.
[(Any) <Object>]: This indicates any property can be added to this object.
[EndDate <DateTime?>]: The date to stop applying the recurrence pattern.
Depending on the recurrence pattern of the event, the last occurrence of the meeting may not be this date.
Required if type is endDate.
[NumberOfOccurrences <Int32?>]: The number of times to repeat the event.
Required and must be positive if type is numbered.
[RecurrenceTimeZone <String>]: Time zone for the startDate and endDate properties.
Optional.
If not specified, the time zone of the event is used.
[StartDate <DateTime?>]: The date to start applying the recurrence pattern.
The first occurrence of the meeting may be this date or later, depending on the recurrence pattern of the event.
Must be the same value as the start property of the recurring event.
Required.
[Type <String>]: recurrenceRangeType
[StartDateTime <DateTime?>]: The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time.
For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
In PIM, when the eligible or active assignment becomes active.