Get-EntraBetaPrivilegedRoleDefinition
Get role definitions.
Syntax
Get-EntraBetaPrivilegedRoleDefinition
-ResourceId <String>
-ProviderId <String>
[-Filter <String>]
[-Top <Int32>]
[-Property <String[]>]
[<CommonParameters>] Get-EntraBetaPrivilegedRoleDefinition
-ResourceId <String>
-Id <String>
-ProviderId <String>
[-Property <String[]>]
[<CommonParameters>] Description
The Get-EntraBetaPrivilegedRoleDefinition cmdlet gets role definitions from Microsoft Entra ID.
Examples
Example 1: Get role definitions for a specific provider and resource
Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup'
$params = @{
ProviderId = 'aadRoles'
ResourceId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb'
}
Get-EntraBetaPrivilegedRoleDefinition @params
Id DisplayName ExternalId ResourceId TemplateId
-- ----------- ---------- ---------- ----------
aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb custom proxy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 22223333-cccc-4444-dddd-5555eeee6666 aaaaaaaa-0000-1111-2222…
bbbbbbbb-1111-2222-3333-cccccccccccc Authentication Policy Administrator bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-1111-2222-3333…
cccccccc-2222-3333-4444-dddddddddddd Search Administrator cccccccc-2222-3333-4444-dddddddddddd 00001111-aaaa-2222-bbbb-3333cccc4444 cccccccc-2222-3333-4444…This example retrieves role definitions for a specific provider and resource.
-ProviderIdParameter specifies the ID of the specific provider.-ResourceIdParameter specifies the ID of the specific resource.
Example 2: Get a role definition for a specific provider
Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup'
$params = @{
ProviderId = 'aadRoles'
ResourceId = '11112222-bbbb-3333-cccc-4444dddd5555'
Id = 'bbbbbbbb-1111-2222-3333-cccccccccccc'
}
Get-EntraBetaPrivilegedRoleDefinition @params
Id DisplayName ExternalId ResourceId TemplateId
-- ----------- ---------- ---------- ----------
bbbbbbbb-1111-2222-3333-cccccccccccc Authentication Policy Administrator bbbbbbbb-1111-2222-3333-cccccccccccc 11112222-bbbb-3333-cccc-4444dddd5555 bbbbbbbb-1111-2222-3333…This example retrieves a role definition for a specific provider, resource, and ID.
-ProviderIdParameter specifies the ID of the specific provider.-ResourceIdParameter specifies the ID of the specific resource.-IdParameter specifies the ID of a role definition.
Example 3: Get a specific role definition by filter
Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup'
$params = @{
ProviderId = 'aadRoles'
ResourceId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb'
Filter = "DisplayName eq 'custom proxy'"
}
Get-EntraBetaPrivilegedRoleDefinition @params
Id DisplayName ExternalId ResourceId TemplateId
-- ----------- ---------- ---------- ----------
aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb custom proxy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 22223333-cccc-4444-dddd-5555eeee6666 aaaaaaaa-0000-1111-2222…This example retrieves a specific role definition by Filter.
-ProviderIdParameter specifies the ID of the specific provider.-ResourceIdParameter specifies the ID of the specific resource.
Example 4: Get top role definition
Connect-Entra -Scopes 'PrivilegedAccess.Read.AzureAD', 'PrivilegedAccess.Read.AzureResources' 'PrivilegedAccess.Read.AzureADGroup'
$params = @{
ProviderId = 'aadRoles'
ResourceId = 'aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb'
}
Get-EntraBetaPrivilegedRoleDefinition @params -Top 1
Id DisplayName ExternalId ResourceId TemplateId
-- ----------- ---------- ---------- ----------
aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb custom proxy aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb 22223333-cccc-4444-dddd-5555eeee6666 aaaaaaaa-0000-1111-2222…This example retrieves a top one role definition. You can use -Limit as an alias for -Top.
-ProviderIdParameter specifies the ID of the specific provider.-ResourceIdParameter specifies the ID of the specific resource.
Parameters
-Filter
Specifies an OData v4.0 filter statement. This parameter controls which objects are returned.
| Type: | System.String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Id
The ID of a role definition.
| Type: | System.String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Property
Specifies properties to be returned.
| Type: | System.String[] |
| Aliases: | Select |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ProviderId
The unique identifier of the specific provider.
| Type: | System.String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ResourceId
The unique identifier of the specific resource.
| Type: | System.String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Top
The top result count.
| Type: | System.Int32 |
| Aliases: | Limit |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Inputs
System.String
Outputs
System.Object