external help file | Module Name | online version | schema |
---|---|---|---|
Microsoft.Graph.DeviceManagement.Administration-help.xml |
Microsoft.Graph.DeviceManagement.Administration |
2.0.0 |
Update the properties of a roleAssignment object.
Note
To view the beta release of this cmdlet, view Update-MgBetaDeviceManagementRoleDefinitionRoleAssignment
Update-MgDeviceManagementRoleDefinitionRoleAssignment -RoleAssignmentId <String> -RoleDefinitionId <String>
[-ResponseHeadersVariable <String>] [-AdditionalProperties <Hashtable>] [-Description <String>]
[-DisplayName <String>] [-Id <String>] [-ResourceScopes <String[]>]
[-RoleDefinition <IMicrosoftGraphRoleDefinition>] [-Headers <IDictionary>]
[-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
Update-MgDeviceManagementRoleDefinitionRoleAssignment -RoleAssignmentId <String> -RoleDefinitionId <String>
-BodyParameter <IMicrosoftGraphRoleAssignment> [-ResponseHeadersVariable <String>] [-Headers <IDictionary>]
[-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
Update-MgDeviceManagementRoleDefinitionRoleAssignment -InputObject <IDeviceManagementAdministrationIdentity>
[-ResponseHeadersVariable <String>] [-AdditionalProperties <Hashtable>] [-Description <String>]
[-DisplayName <String>] [-Id <String>] [-ResourceScopes <String[]>]
[-RoleDefinition <IMicrosoftGraphRoleDefinition>] [-Headers <IDictionary>]
[-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
Update-MgDeviceManagementRoleDefinitionRoleAssignment -InputObject <IDeviceManagementAdministrationIdentity>
-BodyParameter <IMicrosoftGraphRoleAssignment> [-ResponseHeadersVariable <String>] [-Headers <IDictionary>]
[-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
Update the properties of a roleAssignment object.
Additional Parameters
Type: Hashtable
Parameter Sets: UpdateExpanded, UpdateViaIdentityExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The Role Assignment resource. Role assignments tie together a role definition with members and scopes. There can be one or more role assignments per role. This applies to custom and built-in roles. To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
Type: IMicrosoftGraphRoleAssignment
Parameter Sets: Update, UpdateViaIdentity
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False
Description of the Role Assignment.
Type: String
Parameter Sets: UpdateExpanded, UpdateViaIdentityExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The display or friendly name of the role Assignment.
Type: String
Parameter Sets: UpdateExpanded, UpdateViaIdentityExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Optional headers that will be added to the request.
Type: IDictionary
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False
The unique identifier for an entity. Read-only.
Type: String
Parameter Sets: UpdateExpanded, UpdateViaIdentityExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Identity Parameter To construct, see NOTES section for INPUTOBJECT properties and create a hash table.
Type: IDeviceManagementAdministrationIdentity
Parameter Sets: UpdateViaIdentityExpanded, UpdateViaIdentity
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False
{{ Fill ProgressAction Description }}
Type: ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
List of ids of role scope member security groups. These are IDs from Azure Active Directory.
Type: String[]
Parameter Sets: UpdateExpanded, UpdateViaIdentityExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Optional Response Headers Variable.
Type: String
Parameter Sets: (All)
Aliases: RHV
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The unique identifier of roleAssignment
Type: String
Parameter Sets: UpdateExpanded, Update
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The Role Definition resource. The role definition is the foundation of role based access in Intune. The role combines an Intune resource such as a Mobile App and associated role permissions such as Create or Read for the resource. There are two types of roles, built-in and custom. Built-in roles cannot be modified. Both built-in roles and custom roles must have assignments to be enforced. Create custom roles if you want to define a role that allows any of the available resources and role permissions to be combined into a single role. To construct, see NOTES section for ROLEDEFINITION properties and create a hash table.
Type: IMicrosoftGraphRoleDefinition
Parameter Sets: UpdateExpanded, UpdateViaIdentityExpanded
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The unique identifier of roleDefinition
Type: String
Parameter Sets: UpdateExpanded, Update
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Prompts you for confirmation before running the cmdlet.
Type: SwitchParameter
Parameter Sets: (All)
Aliases: cf
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: SwitchParameter
Parameter Sets: (All)
Aliases: wi
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
BODYPARAMETER <IMicrosoftGraphRoleAssignment>
: The Role Assignment resource.
Role assignments tie together a role definition with members and scopes.
There can be one or more role assignments per role.
This applies to custom and built-in roles.
[(Any) <Object>]
: This indicates any property can be added to this object.[Id <String>]
: The unique identifier for an entity. Read-only.[Description <String>]
: Description of the Role Assignment.[DisplayName <String>]
: The display or friendly name of the role Assignment.[ResourceScopes <String-
[]>]
: List of ids of role scope member security groups. These are IDs from Azure Active Directory.[RoleDefinition <IMicrosoftGraphRoleDefinition>]
: The Role Definition resource. The role definition is the foundation of role based access in Intune. The role combines an Intune resource such as a Mobile App and associated role permissions such as Create or Read for the resource. There are two types of roles, built-in and custom. Built-in roles cannot be modified. Both built-in roles and custom roles must have assignments to be enforced. Create custom roles if you want to define a role that allows any of the available resources and role permissions to be combined into a single role.[(Any) <Object>]
: This indicates any property can be added to this object.[Id <String>]
: The unique identifier for an entity. Read-only.[Description <String>]
: Description of the Role definition.[DisplayName <String>]
: Display Name of the Role definition.[IsBuiltIn <Boolean?>]
: Type of Role. Set to True if it is built-in, or set to False if it is a custom role definition.[RoleAssignments <IMicrosoftGraphRoleAssignment-
[]>]
: List of Role assignments for this role definition.[RolePermissions <IMicrosoftGraphRolePermission-
[]>]
: List of Role Permissions this role is allowed to perform. These must match the actionName that is defined as part of the rolePermission.[ResourceActions <IMicrosoftGraphResourceAction-
[]>]
: Resource Actions each containing a set of allowed and not allowed permissions.[AllowedResourceActions <String-
[]>]
: Allowed Actions[NotAllowedResourceActions <String-
[]>]
: Not Allowed Actions.
INPUTOBJECT <IDeviceManagementAdministrationIdentity>
: Identity Parameter
[AuditEventId <String>]
: The unique identifier of auditEvent[CloudPcAuditEventId <String>]
: The unique identifier of cloudPcAuditEvent[CloudPcDeviceImageId <String>]
: The unique identifier of cloudPcDeviceImage[CloudPcGalleryImageId <String>]
: The unique identifier of cloudPcGalleryImage[CloudPcId <String>]
: The unique identifier of cloudPC[CloudPcOnPremisesConnectionId <String>]
: The unique identifier of cloudPcOnPremisesConnection[CloudPcProvisioningPolicyAssignmentId <String>]
: The unique identifier of cloudPcProvisioningPolicyAssignment[CloudPcProvisioningPolicyId <String>]
: The unique identifier of cloudPcProvisioningPolicy[CloudPcUserSettingAssignmentId <String>]
: The unique identifier of cloudPcUserSettingAssignment[CloudPcUserSettingId <String>]
: The unique identifier of cloudPcUserSetting[ComplianceManagementPartnerId <String>]
: The unique identifier of complianceManagementPartner[DeviceAndAppManagementRoleAssignmentId <String>]
: The unique identifier of deviceAndAppManagementRoleAssignment[DeviceManagementExchangeConnectorId <String>]
: The unique identifier of deviceManagementExchangeConnector[DeviceManagementPartnerId <String>]
: The unique identifier of deviceManagementPartner[IosUpdateDeviceStatusId <String>]
: The unique identifier of iosUpdateDeviceStatus[MobileThreatDefenseConnectorId <String>]
: The unique identifier of mobileThreatDefenseConnector[RemoteAssistancePartnerId <String>]
: The unique identifier of remoteAssistancePartner[ResourceOperationId <String>]
: The unique identifier of resourceOperation[RoleAssignmentId <String>]
: The unique identifier of roleAssignment[RoleDefinitionId <String>]
: The unique identifier of roleDefinition[TelecomExpenseManagementPartnerId <String>]
: The unique identifier of telecomExpenseManagementPartner[TermsAndConditionsAcceptanceStatusId <String>]
: The unique identifier of termsAndConditionsAcceptanceStatus[TermsAndConditionsAssignmentId <String>]
: The unique identifier of termsAndConditionsAssignment[TermsAndConditionsId <String>]
: The unique identifier of termsAndConditions[UserId <String>]
: The unique identifier of user
ROLEDEFINITION <IMicrosoftGraphRoleDefinition>
: The Role Definition resource.
The role definition is the foundation of role based access in Intune.
The role combines an Intune resource such as a Mobile App and associated role permissions such as Create or Read for the resource.
There are two types of roles, built-in and custom.
Built-in roles cannot be modified.
Both built-in roles and custom roles must have assignments to be enforced.
Create custom roles if you want to define a role that allows any of the available resources and role permissions to be combined into a single role.
[(Any) <Object>]
: This indicates any property can be added to this object.[Id <String>]
: The unique identifier for an entity. Read-only.[Description <String>]
: Description of the Role definition.[DisplayName <String>]
: Display Name of the Role definition.[IsBuiltIn <Boolean?>]
: Type of Role. Set to True if it is built-in, or set to False if it is a custom role definition.[RoleAssignments <IMicrosoftGraphRoleAssignment-
[]>]
: List of Role assignments for this role definition.[Id <String>]
: The unique identifier for an entity. Read-only.[Description <String>]
: Description of the Role Assignment.[DisplayName <String>]
: The display or friendly name of the role Assignment.[ResourceScopes <String-
[]>]
: List of ids of role scope member security groups. These are IDs from Azure Active Directory.[RoleDefinition <IMicrosoftGraphRoleDefinition>]
: The Role Definition resource. The role definition is the foundation of role based access in Intune. The role combines an Intune resource such as a Mobile App and associated role permissions such as Create or Read for the resource. There are two types of roles, built-in and custom. Built-in roles cannot be modified. Both built-in roles and custom roles must have assignments to be enforced. Create custom roles if you want to define a role that allows any of the available resources and role permissions to be combined into a single role.
[RolePermissions <IMicrosoftGraphRolePermission-
[]>]
: List of Role Permissions this role is allowed to perform. These must match the actionName that is defined as part of the rolePermission.[ResourceActions <IMicrosoftGraphResourceAction-
[]>]
: Resource Actions each containing a set of allowed and not allowed permissions.[AllowedResourceActions <String-
[]>]
: Allowed Actions[NotAllowedResourceActions <String-
[]>]
: Not Allowed Actions.
https://learn.microsoft.com/graph/api/intune-rbac-roleassignment-update?view=graph-rest-1.0