New-AzureADMSRoleDefinition
Creates an Azure AD role definition.
Syntax
New-AzureADMSRoleDefinition
[-Description <String>]
-DisplayName <String>
[-ResourceScopes <System.Collections.Generic.List`1[System.String]>]
-IsEnabled <Boolean>
-RolePermissions <System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RolePermission]>
[-TemplateId <String>]
[-Version <String>]
[<CommonParameters>] Description
The New-AzureADMSRoleDefinition cmdlet creates an Azure Active Directory (Azure AD) role definition.
Examples
Example 1
PS C:\>
$allowedResourceAction = @()
$allowedResourceAction += @("microsoft.directory/applications/create")
$rolePermission = @{'allowedResourceActions' = $allowedResourceAction}
$rolePermissions = @()
$rolePermissions += $rolePermission
$resourceScopes = @()
$resourceScopes += '/'
New-AzureADMSRoleDefinition -RolePermissions $rolePermissions -IsEnabled $true -DisplayName 'MyRoleDefinition' -ResourceScopes $resourceScopes
Id : c466024e-f757-4409-a897-d780916814b1
OdataType :
Description :
DisplayName : fgdf
IsBuiltIn : False
ResourceScopes : {/}
IsEnabled : True
RolePermissions : {class RolePermission {
AllowedResourceActions:
microsoft.directory/applications/create
Condition:
}
}
TemplateId : 4dd5aa9c-cf4d-4895-a993-740d342802b9
Version :This command creates a new role definition in Azure AD.
Parameters
-Description
Specifies a description for the role definition.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DisplayName
Specifies a display name for the role definition.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-IsEnabled
Specifies whether the role definition is enabled.
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResourceScopes
Specifies the resource scopes for the role definition.
| Type: | List<T>[String] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RolePermissions
Specifies permissions for the role definition.
| Type: | List<T>[Microsoft.Open.MSGraph.Model.RolePermission] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TemplateId
Specifies the template ID for the role definition.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Version
Specifies version for the role definition.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Outputs
Microsoft.Open.MSGraph.Model.DirectoryRoleDefinition
Notes
See the migration guide for New-AzureADMSRoleDefinition to the Microsoft Graph PowerShell.