Skip to content

Latest commit

 

History

History
200 lines (196 loc) · 2.93 KB

update-unifiedrolemanagementpolicy-directory-cli-snippets.md

File metadata and controls

200 lines (196 loc) · 2.93 KB
Raw
description
Automatically generated file. DO NOT MODIFY
 
mgc policies role-management-policies patch --unified-role-management-policy-id {unifiedRoleManagementPolicy-id} --body '{
\
  "rules": [
\
    {
\
      "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule",
\
      "id": "Approval_EndUser_Assignment",
\
      "target": {
\
        "caller": "EndUser",
\
        "operations": [
\
          "All"
\
        ],
\
        "level": "Assignment",
\
        "inheritableSettings": [],
\
        "enforcedSettings": []
\
      },
\
      "setting": {
\
        "isApprovalRequired": false,
\
        "isApprovalRequiredForExtension": false,
\
        "isRequestorJustificationRequired": true,
\
        "approvalMode": "SingleStage",
\
        "approvalStages": [
\
          {
\
            "approvalStageTimeOutInDays": 1,
\
            "isApproverJustificationRequired": true,
\
            "escalationTimeInMinutes": 0,
\
            "isEscalationEnabled": false,
\
            "primaryApprovers": [],
\
            "escalationApprovers": []
\
          }
\
        ]
\
      }
\
    },
\
    {
\
      "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule",
\
      "id": "AuthenticationContext_EndUser_Assignment",
\
      "isEnabled": false,
\
      "claimValue": "",
\
      "target": {
\
        "caller": "EndUser",
\
        "operations": [
\
          "All"
\
        ],
\
        "level": "Assignment",
\
        "inheritableSettings": [],
\
        "enforcedSettings": []
\
      }
\
    },
\
    {
\
      "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule",
\
      "id": "Enablement_Admin_Eligibility",
\
      "enabledRules": [],
\
      "target": {
\
        "caller": "Admin",
\
        "operations": [
\
          "All"
\
        ],
\
        "level": "Eligibility",
\
        "inheritableSettings": [],
\
        "enforcedSettings": []
\
      }
\
    },
\
    {
\
      "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule",
\
      "id": "Expiration_Admin_Eligibility",
\
      "isExpirationRequired": false,
\
      "maximumDuration": "P365D",
\
      "target": {
\
        "caller": "Admin",
\
        "operations": [
\
          "All"
\
        ],
\
        "level": "Eligibility",
\
        "inheritableSettings": [],
\
        "enforcedSettings": []
\
      }
\
    },
\
    {
\
      "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule",
\
      "id": "Notification_Admin_Admin_Eligibility",
\
      "notificationType": "Email",
\
      "recipientType": "Admin",
\
      "notificationLevel": "All",
\
      "isDefaultRecipientsEnabled": true,
\
      "notificationRecipients": [],
\
      "target": {
\
        "caller": "Admin",
\
        "operations": [
\
          "All"
\
        ],
\
        "level": "Eligibility",
\
        "inheritableSettings": [],
\
        "enforcedSettings": []
\
      }
\
    }
\
  ]
\
}
\
'