Get-EntraBetaPrivilegedRoleDefinition
Get role definitions.
Syntax
GetQuery (Default)
Get-EntraBetaPrivilegedRoleDefinition
-ResourceId <String>
-ProviderId <String>
[-Filter <String>]
[-Top <Int32>]
[-Property <String[]>]
[<CommonParameters>]
GetById
Get-EntraBetaPrivilegedRoleDefinition
-ResourceId <String>
-Id <String>
-ProviderId <String>
[-Property <String[]>]
[<CommonParameters>]
Description
The Get-EntraBetaPrivilegedRoleDefinition cmdlet gets role definitions from Microsoft Entra ID.
Examples
Example 1: Get role definitions for a specific provider and resource
Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup'
$params = @{
ProviderId = 'aadRoles'
ResourceId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb'
}
Get-EntraBetaPrivilegedRoleDefinition @params
Id DisplayName ExternalId ResourceId TemplateId
-- ----------- ---------- ---------- ----------
aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb custom proxy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 22223333-cccc-4444-dddd-5555eeee6666 aaaaaaaa-0000-1111-2222…
bbbbbbbb-1111-2222-3333-cccccccccccc Authentication Policy Administrator bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-1111-2222-3333…
cccccccc-2222-3333-4444-dddddddddddd Search Administrator cccccccc-2222-3333-4444-dddddddddddd 00001111-aaaa-2222-bbbb-3333cccc4444 cccccccc-2222-3333-4444…
This example retrieves role definitions for a specific provider and resource.
-ProviderIdParameter specifies the ID of the specific provider.-ResourceIdParameter specifies the ID of the specific resource.
Example 2: Get a role definition for a specific provider
Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup'
$params = @{
ProviderId = 'aadRoles'
ResourceId = '11112222-bbbb-3333-cccc-4444dddd5555'
Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc'
}
Get-EntraBetaPrivilegedRoleDefinition @params
Id DisplayName ExternalId ResourceId TemplateId
-- ----------- ---------- ---------- ----------
bbbbbbbb-1111-2222-3333-cccccccccccc Authentication Policy Administrator bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-1111-2222-3333…
This example retrieves a role definition for a specific provider, resource, and ID.
-ProviderIdParameter specifies the ID of the specific provider.-ResourceIdParameter specifies the ID of the specific resource.-IdParameter specifies the ID of a role definition.
Example 3: Get a specific role definition by filter
Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup'
$params = @{
ProviderId = 'aadRoles'
ResourceId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb'
Filter = "DisplayName eq 'custom proxy'"
}
Get-EntraBetaPrivilegedRoleDefinition @params
Id DisplayName ExternalId ResourceId TemplateId
-- ----------- ---------- ---------- ----------
aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb custom proxy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 22223333-cccc-4444-dddd-5555eeee6666 aaaaaaaa-0000-1111-2222…
This example retrieves a specific role definition by Filter.
-ProviderIdParameter specifies the ID of the specific provider.-ResourceIdParameter specifies the ID of the specific resource.
Example 4: Get top role definition
Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup'
$params = @{
ProviderId = 'aadRoles'
ResourceId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb'
}
Get-EntraBetaPrivilegedRoleDefinition @params -Top 1
Id DisplayName ExternalId ResourceId TemplateId
-- ----------- ---------- ---------- ----------
aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb custom proxy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 22223333-cccc-4444-dddd-5555eeee6666 aaaaaaaa-0000-1111-2222…
This example retrieves a top one role definition. You can use -Limit as an alias for -Top.
-ProviderIdParameter specifies the ID of the specific provider.-ResourceIdParameter specifies the ID of the specific resource.
Parameters
-Filter
Specifies an OData v4.0 filter statement. This parameter controls which objects are returned.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
GetQuery
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-Id
The ID of a role definition.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
GetById
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-Property
Specifies properties to be returned.
Parameter properties
| Type: | System.String[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | Select |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ProviderId
The unique identifier of the specific provider.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-ResourceId
The unique identifier of the specific resource.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-Top
The top result count.
Parameter properties
| Type: | System.Int32 |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | Limit |
Parameter sets
GetQuery
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.