Partager via


New-MgIdentityGovernanceAccessReviewHistoryDefinition

Create a new accessReviewHistoryDefinition object.

Note

To view the beta release of this cmdlet, view New-MgBetaIdentityGovernanceAccessReviewHistoryDefinition

Syntax

New-MgIdentityGovernanceAccessReviewHistoryDefinition
   [-ResponseHeadersVariable <String>]
   [-AdditionalProperties <Hashtable>]
   [-CreatedBy <IMicrosoftGraphUserIdentity>]
   [-CreatedDateTime <DateTime>]
   [-Decisions <String[]>]
   [-DisplayName <String>]
   [-Id <String>]
   [-Instances <IMicrosoftGraphAccessReviewHistoryInstance[]>]
   [-ReviewHistoryPeriodEndDateTime <DateTime>]
   [-ReviewHistoryPeriodStartDateTime <DateTime>]
   [-ScheduleSettings <IMicrosoftGraphAccessReviewHistoryScheduleSettings>]
   [-Scopes <IMicrosoftGraphAccessReviewScope[]>]
   [-Status <String>]
   [-Headers <IDictionary>]
   [-ProgressAction <ActionPreference>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
New-MgIdentityGovernanceAccessReviewHistoryDefinition
   -BodyParameter <IMicrosoftGraphAccessReviewHistoryDefinition>
   [-ResponseHeadersVariable <String>]
   [-Headers <IDictionary>]
   [-ProgressAction <ActionPreference>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Create a new accessReviewHistoryDefinition object.

Permissions

Permission type Least privileged permissions Higher privileged permissions
Delegated (work or school account) AccessReview.ReadWrite.All Not available.
Delegated (personal Microsoft account) Not supported. Not supported.
Application AccessReview.ReadWrite.All Not available.

Examples

Example 1: Code snippet

Import-Module Microsoft.Graph.Identity.Governance

$params = @{
	displayName = "Last quarter's group reviews April 2021"
	decisions = @(
	"approve"
"deny"
"dontKnow"
"notReviewed"
"notNotified"
)
reviewHistoryPeriodStartDateTime = [System.DateTime]::Parse("2021-01-01T00:00:00Z")
reviewHistoryPeriodEndDateTime = [System.DateTime]::Parse("2021-04-30T23:59:59Z")
scopes = @(
@{
"@odata.type" = "#microsoft.graph.accessReviewQueryScope"
queryType = "MicrosoftGraph"
query = "/identityGovernance/accessReviews/definitions?$filter=contains(scope/query, 'accessPackageAssignments')"
queryRoot = $null
}
@{
"@odata.type" = "#microsoft.graph.accessReviewQueryScope"
queryType = "MicrosoftGraph"
query = "/identityGovernance/accessReviews/definitions?$filter=contains(scope/query, '/groups')"
queryRoot = $null
}
)
}

New-MgIdentityGovernanceAccessReviewHistoryDefinition -BodyParameter $params

This example shows how to use the New-MgIdentityGovernanceAccessReviewHistoryDefinition Cmdlet.

Parameters

-AdditionalProperties

Additional Parameters

Type:Hashtable
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-BodyParameter

accessReviewHistoryDefinition To construct, see NOTES section for BODYPARAMETER properties and create a hash table.

Type:IMicrosoftGraphAccessReviewHistoryDefinition
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-CreatedBy

userIdentity To construct, see NOTES section for CREATEDBY properties and create a hash table.

Type:IMicrosoftGraphUserIdentity
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-CreatedDateTime

Timestamp when the access review definition was created.

Type:DateTime
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Decisions

Determines which review decisions will be included in the fetched review history data if specified. Optional on create. All decisions are included by default if no decisions are provided on create. Possible values are: approve, deny, dontKnow, notReviewed, and notNotified.

Type:String[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DisplayName

Name for the access review history data collection. Required.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Headers

Optional headers that will be added to the request.

Type:IDictionary
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Id

The unique identifier for an entity. Read-only.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Instances

If the accessReviewHistoryDefinition is a recurring definition, instances represent each recurrence. A definition that doesn't recur will have exactly one instance. To construct, see NOTES section for INSTANCES properties and create a hash table.

Type:IMicrosoftGraphAccessReviewHistoryInstance[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ProgressAction

{{ Fill ProgressAction Description }}

Type:ActionPreference
Aliases:proga
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ResponseHeadersVariable

Optional Response Headers Variable.

Type:String
Aliases:RHV
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ReviewHistoryPeriodEndDateTime

A timestamp. Reviews ending on or before this date will be included in the fetched history data. Only required if scheduleSettings isn't defined.

Type:DateTime
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ReviewHistoryPeriodStartDateTime

A timestamp. Reviews starting on or before this date will be included in the fetched history data. Only required if scheduleSettings isn't defined.

Type:DateTime
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ScheduleSettings

accessReviewHistoryScheduleSettings To construct, see NOTES section for SCHEDULESETTINGS properties and create a hash table.

Type:IMicrosoftGraphAccessReviewHistoryScheduleSettings
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Scopes

Used to scope what reviews are included in the fetched history data. Fetches reviews whose scope matches with this provided scope. Required.

Type:IMicrosoftGraphAccessReviewScope[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Status

accessReviewHistoryStatus

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAccessReviewHistoryDefinition

System.Collections.IDictionary

Outputs

Microsoft.Graph.PowerShell.Models.IMicrosoftGraphAccessReviewHistoryDefinition

Notes

COMPLEX PARAMETER PROPERTIES

To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.

BODYPARAMETER <IMicrosoftGraphAccessReviewHistoryDefinition>: accessReviewHistoryDefinition

  • [(Any) <Object>]: This indicates any property can be added to this object.
  • [Id <String>]: The unique identifier for an entity. Read-only.
  • [CreatedBy <IMicrosoftGraphUserIdentity>]: userIdentity
    • [(Any) <Object>]: This indicates any property can be added to this object.
    • [DisplayName <String>]: The display name of the identity.For drive items, the display name might not always be available or up to date. For example, if a user changes their display name the API might show the new value in a future response, but the items associated with the user don't show up as changed when using delta.
    • [Id <String>]: Unique identifier for the identity or actor. For example, in the access reviews decisions API, this property might record the id of the principal, that is, the group, user, or application that's subject to review.
    • [IPAddress <String>]: Indicates the client IP address associated with the user performing the activity (audit log only).
    • [UserPrincipalName <String>]: The userPrincipalName attribute of the user.
  • [CreatedDateTime <DateTime?>]: Timestamp when the access review definition was created.
  • [Decisions <String- []>]: Determines which review decisions will be included in the fetched review history data if specified. Optional on create. All decisions are included by default if no decisions are provided on create. Possible values are: approve, deny, dontKnow, notReviewed, and notNotified.
  • [DisplayName <String>]: Name for the access review history data collection. Required.
  • [Instances <IMicrosoftGraphAccessReviewHistoryInstance- []>]: If the accessReviewHistoryDefinition is a recurring definition, instances represent each recurrence. A definition that doesn't recur will have exactly one instance.
    • [Id <String>]: The unique identifier for an entity. Read-only.
    • [DownloadUri <String>]: Uri that can be used to retrieve review history data. This URI will be active for 24 hours after being generated. Required.
    • [ExpirationDateTime <DateTime?>]: Timestamp when this instance and associated data expires and the history is deleted. Required.
    • [FulfilledDateTime <DateTime?>]: Timestamp when all of the available data for this instance was collected and is set after this instance's status is set to done. Required.
    • [ReviewHistoryPeriodEndDateTime <DateTime?>]: Timestamp reviews ending on or before this date will be included in the fetched history data.
    • [ReviewHistoryPeriodStartDateTime <DateTime?>]: Timestamp reviews starting on or after this date will be included in the fetched history data.
    • [RunDateTime <DateTime?>]: Timestamp when the instance's history data is scheduled to be generated.
    • [Status <String>]: accessReviewHistoryStatus
  • [ReviewHistoryPeriodEndDateTime <DateTime?>]: A timestamp. Reviews ending on or before this date will be included in the fetched history data. Only required if scheduleSettings isn't defined.
  • [ReviewHistoryPeriodStartDateTime <DateTime?>]: A timestamp. Reviews starting on or before this date will be included in the fetched history data. Only required if scheduleSettings isn't defined.
  • [ScheduleSettings <IMicrosoftGraphAccessReviewHistoryScheduleSettings>]: accessReviewHistoryScheduleSettings
    • [(Any) <Object>]: This indicates any property can be added to this object.
    • [Recurrence <IMicrosoftGraphPatternedRecurrence>]: patternedRecurrence
      • [(Any) <Object>]: This indicates any property can be added to this object.
      • [Pattern <IMicrosoftGraphRecurrencePattern>]: recurrencePattern
        • [(Any) <Object>]: This indicates any property can be added to this object.
        • [DayOfMonth <Int32?>]: The day of the month on which the event occurs. Required if type is absoluteMonthly or absoluteYearly.
        • [DaysOfWeek <String- []>]: A collection of the days of the week on which the event occurs. The possible values are: sunday, monday, tuesday, wednesday, thursday, friday, saturday. If type is relativeMonthly or relativeYearly, and daysOfWeek specifies more than one day, the event falls on the first day that satisfies the pattern. Required if type is weekly, relativeMonthly, or relativeYearly.
        • [FirstDayOfWeek <String>]: dayOfWeek
        • [Index <String>]: weekIndex
        • [Interval <Int32?>]: The number of units between occurrences, where units can be in days, weeks, months, or years, depending on the type. Required.
        • [Month <Int32?>]: The month in which the event occurs. This is a number from 1 to 12.
        • [Type <String>]: recurrencePatternType
      • [Range <IMicrosoftGraphRecurrenceRange>]: recurrenceRange
        • [(Any) <Object>]: This indicates any property can be added to this object.
        • [EndDate <DateTime?>]: The date to stop applying the recurrence pattern. Depending on the recurrence pattern of the event, the last occurrence of the meeting may not be this date. Required if type is endDate.
        • [NumberOfOccurrences <Int32?>]: The number of times to repeat the event. Required and must be positive if type is numbered.
        • [RecurrenceTimeZone <String>]: Time zone for the startDate and endDate properties. Optional. If not specified, the time zone of the event is used.
        • [StartDate <DateTime?>]: The date to start applying the recurrence pattern. The first occurrence of the meeting may be this date or later, depending on the recurrence pattern of the event. Must be the same value as the start property of the recurring event. Required.
        • [Type <String>]: recurrenceRangeType
    • [ReportRange <String>]: A duration string in ISO 8601 duration format specifying the lookback period of the generated review history data. For example, if a history definition is scheduled to run on the first of every month, the reportRange is P1M. In this case, on the first of every month, access review history data is collected containing only the previous month's review data. Note: Only years, months, and days ISO 8601 properties are supported. Required.
  • [Scopes <IMicrosoftGraphAccessReviewScope- []>]: Used to scope what reviews are included in the fetched history data. Fetches reviews whose scope matches with this provided scope. Required.
  • [Status <String>]: accessReviewHistoryStatus

CREATEDBY <IMicrosoftGraphUserIdentity>: userIdentity

  • [(Any) <Object>]: This indicates any property can be added to this object.
  • [DisplayName <String>]: The display name of the identity.For drive items, the display name might not always be available or up to date. For example, if a user changes their display name the API might show the new value in a future response, but the items associated with the user don't show up as changed when using delta.
  • [Id <String>]: Unique identifier for the identity or actor. For example, in the access reviews decisions API, this property might record the id of the principal, that is, the group, user, or application that's subject to review.
  • [IPAddress <String>]: Indicates the client IP address associated with the user performing the activity (audit log only).
  • [UserPrincipalName <String>]: The userPrincipalName attribute of the user.

INSTANCES <IMicrosoftGraphAccessReviewHistoryInstance- []>: If the accessReviewHistoryDefinition is a recurring definition, instances represent each recurrence. A definition that doesn't recur will have exactly one instance.

  • [Id <String>]: The unique identifier for an entity. Read-only.
  • [DownloadUri <String>]: Uri that can be used to retrieve review history data. This URI will be active for 24 hours after being generated. Required.
  • [ExpirationDateTime <DateTime?>]: Timestamp when this instance and associated data expires and the history is deleted. Required.
  • [FulfilledDateTime <DateTime?>]: Timestamp when all of the available data for this instance was collected and is set after this instance's status is set to done. Required.
  • [ReviewHistoryPeriodEndDateTime <DateTime?>]: Timestamp reviews ending on or before this date will be included in the fetched history data.
  • [ReviewHistoryPeriodStartDateTime <DateTime?>]: Timestamp reviews starting on or after this date will be included in the fetched history data.
  • [RunDateTime <DateTime?>]: Timestamp when the instance's history data is scheduled to be generated.
  • [Status <String>]: accessReviewHistoryStatus

SCHEDULESETTINGS <IMicrosoftGraphAccessReviewHistoryScheduleSettings>: accessReviewHistoryScheduleSettings

  • [(Any) <Object>]: This indicates any property can be added to this object.
  • [Recurrence <IMicrosoftGraphPatternedRecurrence>]: patternedRecurrence
    • [(Any) <Object>]: This indicates any property can be added to this object.
    • [Pattern <IMicrosoftGraphRecurrencePattern>]: recurrencePattern
      • [(Any) <Object>]: This indicates any property can be added to this object.
      • [DayOfMonth <Int32?>]: The day of the month on which the event occurs. Required if type is absoluteMonthly or absoluteYearly.
      • [DaysOfWeek <String- []>]: A collection of the days of the week on which the event occurs. The possible values are: sunday, monday, tuesday, wednesday, thursday, friday, saturday. If type is relativeMonthly or relativeYearly, and daysOfWeek specifies more than one day, the event falls on the first day that satisfies the pattern. Required if type is weekly, relativeMonthly, or relativeYearly.
      • [FirstDayOfWeek <String>]: dayOfWeek
      • [Index <String>]: weekIndex
      • [Interval <Int32?>]: The number of units between occurrences, where units can be in days, weeks, months, or years, depending on the type. Required.
      • [Month <Int32?>]: The month in which the event occurs. This is a number from 1 to 12.
      • [Type <String>]: recurrencePatternType
    • [Range <IMicrosoftGraphRecurrenceRange>]: recurrenceRange
      • [(Any) <Object>]: This indicates any property can be added to this object.
      • [EndDate <DateTime?>]: The date to stop applying the recurrence pattern. Depending on the recurrence pattern of the event, the last occurrence of the meeting may not be this date. Required if type is endDate.
      • [NumberOfOccurrences <Int32?>]: The number of times to repeat the event. Required and must be positive if type is numbered.
      • [RecurrenceTimeZone <String>]: Time zone for the startDate and endDate properties. Optional. If not specified, the time zone of the event is used.
      • [StartDate <DateTime?>]: The date to start applying the recurrence pattern. The first occurrence of the meeting may be this date or later, depending on the recurrence pattern of the event. Must be the same value as the start property of the recurring event. Required.
      • [Type <String>]: recurrenceRangeType
  • [ReportRange <String>]: A duration string in ISO 8601 duration format specifying the lookback period of the generated review history data. For example, if a history definition is scheduled to run on the first of every month, the reportRange is P1M. In this case, on the first of every month, access review history data is collected containing only the previous month's review data. Note: Only years, months, and days ISO 8601 properties are supported. Required.

https://learn.microsoft.com/powershell/module/microsoft.graph.identity.governance/new-mgidentitygovernanceaccessreviewhistorydefinition

https://learn.microsoft.com/graph/api/accessreviewset-post-historydefinitions?view=graph-rest-1.0