New-MgDeviceManagementRoleAssignment
Create a new deviceAndAppManagementRoleAssignment object.
Note
To view the beta release of this cmdlet, view New-MgBetaDeviceManagementRoleAssignment
Syntax
New-MgDeviceManagementRoleAssignment
[-ResponseHeadersVariable <String>]
[-AdditionalProperties <Hashtable>]
[-Description <String>]
[-DisplayName <String>]
[-Id <String>]
[-Members <String[]>]
[-ResourceScopes <String[]>]
[-RoleDefinition <IMicrosoftGraphRoleDefinition>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-MgDeviceManagementRoleAssignment
-BodyParameter <IMicrosoftGraphDeviceAndAppManagementRoleAssignment>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Create a new deviceAndAppManagementRoleAssignment object.
Parameters
-AdditionalProperties
Additional Parameters
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-BodyParameter
The Role Assignment resource. Role assignments tie together a role definition with members and scopes. There can be one or more role assignments per role. This applies to custom and built-in roles. To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
Type: | IMicrosoftGraphDeviceAndAppManagementRoleAssignment |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Description
Description of the Role Assignment.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DisplayName
The display or friendly name of the role Assignment.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Headers
Optional headers that will be added to the request.
Type: | IDictionary |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Id
The unique identifier for an entity. Read-only.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Members
The list of ids of role member security groups. These are IDs from Azure Active Directory.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ProgressAction
{{ Fill ProgressAction Description }}
Type: | ActionPreference |
Aliases: | proga |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResourceScopes
List of ids of role scope member security groups. These are IDs from Azure Active Directory.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResponseHeadersVariable
Optional Response Headers Variable.
Type: | String |
Aliases: | RHV |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RoleDefinition
The Role Definition resource. The role definition is the foundation of role based access in Intune. The role combines an Intune resource such as a Mobile App and associated role permissions such as Create or Read for the resource. There are two types of roles, built-in and custom. Built-in roles cannot be modified. Both built-in roles and custom roles must have assignments to be enforced. Create custom roles if you want to define a role that allows any of the available resources and role permissions to be combined into a single role. To construct, see NOTES section for ROLEDEFINITION properties and create a hash table.
Type: | IMicrosoftGraphRoleDefinition |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDeviceAndAppManagementRoleAssignment
System.Collections.IDictionary
Outputs
Microsoft.Graph.PowerShell.Models.IMicrosoftGraphDeviceAndAppManagementRoleAssignment
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
BODYPARAMETER <IMicrosoftGraphDeviceAndAppManagementRoleAssignment>
: The Role Assignment resource.
Role assignments tie together a role definition with members and scopes.
There can be one or more role assignments per role.
This applies to custom and built-in roles.
[(Any) <Object>]
: This indicates any property can be added to this object.[Description <String>]
: Description of the Role Assignment.[DisplayName <String>]
: The display or friendly name of the role Assignment.[ResourceScopes <String-
[]>]
: List of ids of role scope member security groups. These are IDs from Azure Active Directory.[RoleDefinition <IMicrosoftGraphRoleDefinition>]
: The Role Definition resource. The role definition is the foundation of role based access in Intune. The role combines an Intune resource such as a Mobile App and associated role permissions such as Create or Read for the resource. There are two types of roles, built-in and custom. Built-in roles cannot be modified. Both built-in roles and custom roles must have assignments to be enforced. Create custom roles if you want to define a role that allows any of the available resources and role permissions to be combined into a single role.[(Any) <Object>]
: This indicates any property can be added to this object.[Id <String>]
: The unique identifier for an entity. Read-only.[Description <String>]
: Description of the Role definition.[DisplayName <String>]
: Display Name of the Role definition.[IsBuiltIn <Boolean?>]
: Type of Role. Set to True if it is built-in, or set to False if it is a custom role definition.[RoleAssignments <IMicrosoftGraphRoleAssignment-
[]>]
: List of Role assignments for this role definition.[Id <String>]
: The unique identifier for an entity. Read-only.[Description <String>]
: Description of the Role Assignment.[DisplayName <String>]
: The display or friendly name of the role Assignment.[ResourceScopes <String-
[]>]
: List of ids of role scope member security groups. These are IDs from Azure Active Directory.[RoleDefinition <IMicrosoftGraphRoleDefinition>]
: The Role Definition resource. The role definition is the foundation of role based access in Intune. The role combines an Intune resource such as a Mobile App and associated role permissions such as Create or Read for the resource. There are two types of roles, built-in and custom. Built-in roles cannot be modified. Both built-in roles and custom roles must have assignments to be enforced. Create custom roles if you want to define a role that allows any of the available resources and role permissions to be combined into a single role.
[RolePermissions <IMicrosoftGraphRolePermission-
[]>]
: List of Role Permissions this role is allowed to perform. These must match the actionName that is defined as part of the rolePermission.[ResourceActions <IMicrosoftGraphResourceAction-
[]>]
: Resource Actions each containing a set of allowed and not allowed permissions.[AllowedResourceActions <String-
[]>]
: Allowed Actions[NotAllowedResourceActions <String-
[]>]
: Not Allowed Actions.
[Id <String>]
: The unique identifier for an entity. Read-only.[Members <String-
[]>]
: The list of ids of role member security groups. These are IDs from Azure Active Directory.
ROLEDEFINITION <IMicrosoftGraphRoleDefinition>
: The Role Definition resource.
The role definition is the foundation of role based access in Intune.
The role combines an Intune resource such as a Mobile App and associated role permissions such as Create or Read for the resource.
There are two types of roles, built-in and custom.
Built-in roles cannot be modified.
Both built-in roles and custom roles must have assignments to be enforced.
Create custom roles if you want to define a role that allows any of the available resources and role permissions to be combined into a single role.
[(Any) <Object>]
: This indicates any property can be added to this object.[Id <String>]
: The unique identifier for an entity. Read-only.[Description <String>]
: Description of the Role definition.[DisplayName <String>]
: Display Name of the Role definition.[IsBuiltIn <Boolean?>]
: Type of Role. Set to True if it is built-in, or set to False if it is a custom role definition.[RoleAssignments <IMicrosoftGraphRoleAssignment-
[]>]
: List of Role assignments for this role definition.[Id <String>]
: The unique identifier for an entity. Read-only.[Description <String>]
: Description of the Role Assignment.[DisplayName <String>]
: The display or friendly name of the role Assignment.[ResourceScopes <String-
[]>]
: List of ids of role scope member security groups. These are IDs from Azure Active Directory.[RoleDefinition <IMicrosoftGraphRoleDefinition>]
: The Role Definition resource. The role definition is the foundation of role based access in Intune. The role combines an Intune resource such as a Mobile App and associated role permissions such as Create or Read for the resource. There are two types of roles, built-in and custom. Built-in roles cannot be modified. Both built-in roles and custom roles must have assignments to be enforced. Create custom roles if you want to define a role that allows any of the available resources and role permissions to be combined into a single role.
[RolePermissions <IMicrosoftGraphRolePermission-
[]>]
: List of Role Permissions this role is allowed to perform. These must match the actionName that is defined as part of the rolePermission.[ResourceActions <IMicrosoftGraphResourceAction-
[]>]
: Resource Actions each containing a set of allowed and not allowed permissions.[AllowedResourceActions <String-
[]>]
: Allowed Actions[NotAllowedResourceActions <String-
[]>]
: Not Allowed Actions.