search

microsoftgraph / msgraph-sdk-powershell

Powershell SDK for Microsoft Graph
https://www.powershellgallery.com/packages/Microsoft.Graph
Other
716 stars 172 forks source link

New-MgBetaPrivilegedAccessRoleSetting results in "No HTTP resource was found that matches the request URI" #2611

Closed rpstester closed 9 months ago

rpstester commented 9 months ago

Describe the bug When I run New-MgBetaPrivilegedAccessRoleSetting -PrivilegedAccessID "aadgroups" then I get "No HTTP resource was found that matches the request URI." The same occurs if I add a -bodyParameter like the example.

To Reproduce Steps to reproduce the behavior: $mgparams = @{ AdminEligibleSettings = @( @{ RuleIdentifier = "ExpirationRule" Setting = '{"permanentAssignment":false,"maximumGrantPeriodInMinutes":129600}' } ) } New-MgBetaPrivilegedAccessRoleSetting -PrivilegedAccessId $Setting.ProviderID -BodyParameter $mgparams

Expected behavior "Create new navigation property to roleSettings for privilegedAccess" as the documentation says. Or in my own words, "PIM-enable a group."

Debug Output [CmdletBeginProcessing]: - New-MgBetaPrivilegedAccessRoleSetting begin processing with parameterSet 'Create'. [Authentication]: - AuthType: 'Delegated', TokenCredentialType: 'InteractiveBrowser', ContextScope: 'CurrentUser', AppName: 'Microsoft Graph Command Line Tools'. [Authentication]: - Scopes: [AdministrativeUnit.Read.All, AdministrativeUnit.ReadWrite.All, Directory.Read.All, Group.Read.All, Group.ReadWrite.All, openid, PrivilegedAccess.ReadWrite.AzureADGroup, PrivilegedAssignmentSchedule.ReadWrite.AzureADGroup, profile, RoleAssignmentSchedule.ReadWrite.Directory, RoleEligibilitySchedule.ReadWrite.Directory, RoleManagement.ReadWrite.Directory, User.Read, User.Read.All, User.ReadWrite.All, email].

Confirm Are you sure you want to perform this action? Performing the operation "New-MgBetaPrivilegedAccessRoleSetting_Create" on target "Call remote 'POST /privilegedAccess/{privilegedAccess-id}/roleSettings' operation". [Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): y ============================ HTTP REQUEST ============================

HTTP Method: POST

Absolute Uri: https://graph.microsoft.com/beta/privilegedAccess/aadGroups/roleSettings

Headers: FeatureFlag : 00000043 Cache-Control : no-store, no-cache User-Agent : Mozilla/5.0,(Windows NT 10.0; Microsoft Windows 10.0.19045; en-US),PowerShell/2024.0.0 Accept-Encoding : gzip SdkVersion : graph-powershell-beta/2.13.1 client-request-id : 3dd17f94-540b-4e25-abe6-3654821aa421

Body: { "adminEligibleSettings": [ { "ruleIdentifier": "ExpirationRule", "setting": "{\"permanentAssignment\":false,\"maximumGrantPeriodInMinutes\":129600}" } ] }

============================ HTTP RESPONSE ============================

Status Code: NotFound

Headers: Cache-Control : private Vary : Accept-Encoding Strict-Transport-Security : max-age=31536000 request-id : 8e71022d-3f9b-4758-b914-817e882136dc client-request-id : 3dd17f94-540b-4e25-abe6-3654821aa421 x-ms-ags-diagnostic : {"ServerInfo":{"DataCenter":"North Central US","Slice":"E","Ring":"3","ScaleUnit":"004","RoleInstance":"CH01EPF000309D5"}} Date : Thu, 22 Feb 2024 20:42:54 GMT

Body: { "error": { "code": "UnknownError", "message": "{\"message\":\"No HTTP resource was found that matches the request URI 'https://api.azrbac.mspim.azure.com/api/v2/governanceRoleSettings?'.\"}", "innerError": { "date": "2024-02-22T20:42:55", "request-id": "8e71022d-3f9b-4758-b914-817e882136dc", "client-request-id": "3dd17f94-540b-4e25-abe6-3654821aa421" } } }

New-MgBetaPrivilegedAccessRoleSetting_Create: C:\Users...\PowerShell\Modules\Microsoft.Graph.Beta.Identity.Governance\2.13.1\exports\ProxyCmdletDefinitions.ps1:518517:23 Line | 518517 | $scriptCmd = {& $wrappedCmd @PSBoundParameters} | ~~~~~~~~ | {"message":"No HTTP resource was found that matches the request URI 'https://api.azrbac.mspim.azure.com/api/v2/governanceRoleSettings?'."} Status: 404 (NotFound) ErrorCode: UnknownError Date: | 2024-02-22T20:42:55 Headers: Cache-Control : private Vary : Accept-Encoding Strict-Transport-Security : max-age=31536000 request-id | : 8e71022d-3f9b-4758-b914-817e882136dc client-request-id : 3dd17f94-540b-4e25-abe6-3654821aa421 x-ms-ags-diagnostic : {"ServerInfo":{"DataCenter":"North Central | US","Slice":"E","Ring":"3","ScaleUnit":"004","RoleInstance":"CH01EPF000309D5"}} Date : Thu, 22 Feb 2024 20:42:54 GMT

[CmdletEndProcessing]: - New-MgBetaPrivilegedAccessRoleSetting end processing.

Module Version ModuleType Version Name prerelease Script 2.13.1 Microsoft.Graph.Authentication Script 2.13.1 Microsoft.Graph.Beta.Identity.Governance Script 2.13.1 Microsoft.Graph.DirectoryObjects Script 2.13.1 Microsoft.Graph.Identity.Governance

Environment Data Name Value PSVersion 7.4.1 PSEdition Core GitCommitId 7.4.1 OS Microsoft Windows 10.0.19045 Platform Win32NT PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…} PSRemotingProtocolVersion 2.3 SerializationVersion 1.1.0.1 WSManStackVersion 3.0

Additional context Please review/vet/audit/test these cmdlets before you publish them! Thanks!

timayabi2020 commented 9 months ago

Hi @rpstester from the debug info, it shows that the message comes from the API (http response) and that is exactly what the SDK will eventually show. For API related issues/questions we are not best placed to give an answer. Kindly raise an issue here https://developer.microsoft.com/en-us/graph/support so that the API owner can respond to it.

microsoft-github-policy-service[bot] commented 9 months ago

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment.