Closed martinlingstuyl closed 3 months ago
Nice! Since this is a list command, which properties are we going to show by default?
Added those and opened it up 👍
Can I take it?
Hi @MartinM85, I'd first like some peer review one other maintainers here, as well as a conclusion on the command group structure. So we'll have to wait a bit still.
Ok, @MartinM85 , I've assigned you if you're still interested
Aside from checking the list of pim requests, an important part of pim is checking what roles you have been assigned. (Either through PIM, or directly through RBAC)
Usage
m365 entra pim role assignment list [options]
Description
Retrieves a list of Entra role assignments for a user or group.
Options
--userId [userId]
userId
,userName
,groupId
orgroupName
. If not specified, all eligible roles will be listed.--userName [userName]
userId
,userName
,groupId
orgroupName
. If not specified, all eligible roles will be listed.--groupId [groupId]
userId
,userName
,groupId
orgroupName
. If not specified, all eligible roles will be listed.--groupName [groupName]
userId
,userName
,groupId
orgroupName
. If not specified, all eligible roles will be listed.-s, --startDateTime [startDateTime]
--includePrincipalDetails
Examples
Get a list of Entra role assignments.
Get a list of Entra role assignments for the current user.
Get a list of Entra role assignments since the first of January 2024
Get a list of Entra role assignments with principal details.
Response
Response with principal details
The
roleDefinitionName
property will need to be added to the objects, based on the expanded propertyroleDefinition
.Default properties
From the response output in text mode we'll show
roleDefinitionId
,roleDefinitionName
andprincipalId
Additional information
Needs Entra permission scopes "RoleAssignmentSchedule.ReadWrite.Directory" and/or "RoleManagement.Read.Directory" OR "Directory.ReadWrite.All" which we already may have. (I'm using ReadWrite, as we're also writing in other subcommands of pim.)
https://learn.microsoft.com/en-us/graph/api/rbacapplication-list-roleassignmentscheduleinstances?view=graph-rest-1.0&tabs=http