Skip to content

create-accesspackageassignmentpolicy-2-v1-e2-powershell-snippets.md

Latest commit

 

History

History
125 lines (120 loc) · 2.96 KB

create-accesspackageassignmentpolicy-2-v1-e2-powershell-snippets.md

File metadata and controls

125 lines (120 loc) · 2.96 KB
description Automatically generated file. DO NOT MODIFY 
Import-Module Microsoft.Graph.Identity.Governance

$params = @{
	displayName = "policy for external access requests"
	description = "policy for users from connected organizations to request access, with two stages of approval."
	allowedTargetScope = "allConfiguredConnectedOrganizationUsers"
	specificAllowedTargets = @(
	)
	expiration = @{
		type = "noExpiration"
	}
	requestorSettings = @{
		enableTargetsToSelfAddAccess = $true
		enableTargetsToSelfUpdateAccess = $true
		enableTargetsToSelfRemoveAccess = $true
		allowCustomAssignmentSchedule = $false
		enableOnBehalfRequestorsToAddAccess = $false
		enableOnBehalfRequestorsToUpdateAccess = $false
		enableOnBehalfRequestorsToRemoveAccess = $false
		onBehalfRequestors = @(
		)
	}
	requestApprovalSettings = @{
		isApprovalRequiredForAdd = $true
		isApprovalRequiredForUpdate = $false
		stages = @(
			@{
				durationBeforeAutomaticDenial = "P14D"
				isApproverJustificationRequired = $false
				isEscalationEnabled = $false
				durationBeforeEscalation = "PT0S"
				primaryApprovers = @(
					@{
						"@odata.type" = "#microsoft.graph.internalSponsors"
					}
				)
				fallbackPrimaryApprovers = @(
					@{
						"@odata.type" = "#microsoft.graph.singleUser"
						userId = "7deff43e-1f17-44ef-9e5f-d516b0ba11d4"
					}
					@{
						"@odata.type" = "#microsoft.graph.groupMembers"
						groupId = "1623f912-5e86-41c2-af47-39dd67582b66"
					}
				)
				escalationApprovers = @(
				)
				fallbackEscalationApprovers = @(
				)
			}
			@{
				durationBeforeAutomaticDenial = "P14D"
				isApproverJustificationRequired = $false
				isEscalationEnabled = $false
				durationBeforeEscalation = "PT0S"
				primaryApprovers = @(
				)
				fallbackPrimaryApprovers = @(
					@{
						"@odata.type" = "#microsoft.graph.singleUser"
						userId = "46184453-e63b-4f20-86c2-c557ed5d5df9"
					}
					@{
						"@odata.type" = "#microsoft.graph.groupMembers"
						groupId = "1623f912-5e86-41c2-af47-39dd67582b66"
					}
				)
				escalationApprovers = @(
				)
				fallbackEscalationApprovers = @(
				)
			}
		)
	}
	reviewSettings = @{
		isEnabled = $true
		expirationBehavior = "keepAccess"
		isRecommendationEnabled = $true
		isReviewerJustificationRequired = $true
		isSelfReview = $false
		schedule = @{
			startDateTime = [System.DateTime]::Parse("2022-07-02T06:59:59.998Z")
			expiration = @{
				duration = "P14D"
				type = "afterDuration"
			}
			recurrence = @{
				pattern = @{
					type = "absoluteMonthly"
					interval = 3
					month = 0
					dayOfMonth = 0
					daysOfWeek = @(
					)
				}
				range = @{
					type = "noEnd"
					numberOfOccurrences = 0
				}
			}
		}
		primaryReviewers = @(
			@{
				"@odata.type" = "#microsoft.graph.groupMembers"
				groupId = "1623f912-5e86-41c2-af47-39dd67582b66"
			}
		)
		fallbackReviewers = @(
		)
	}
	accessPackage = @{
		id = "a2e1ca1e-4e56-47d2-9daa-e2ba8d12a82b"
	}
}

New-MgEntitlementManagementAssignmentPolicy -BodyParameter $params