Espacio de nombres: microsoft.graph
Importante
Las API de la versión /beta de Microsoft Graph están sujetas a cambios. No se admite el uso de estas API en aplicaciones de producción. Para determinar si una API está disponible en la versión 1.0, use el selector de Versión.
Cree un nuevo objeto unifiedRoleAssignmentMultiple para un proveedor de RBAC.
Actualmente se admiten los siguientes proveedores de RBAC:
- PC en la nube.
- administración de dispositivos (Intune)
- Defender (Microsoft Defender XDR)
Para otras aplicaciones de Microsoft 365 (como Microsoft Entra ID), use unifiedRoleAssignment.
Esta API está disponible en las siguientes implementaciones nacionales de nube.
| Servicio global |
Gobierno de EE. UU. L4 |
Us Government L5 (DOD) |
China operada por 21Vianet |
| ✅ |
✅ |
✅ |
✅ |
Permissions
En las tablas siguientes se muestran los permisos o permisos con privilegios mínimos necesarios para llamar a esta API en cada tipo de recurso admitido. Siga los procedimientos recomendados para solicitar permisos con privilegios mínimos. Para obtener más información sobre los permisos delegados y de aplicación, consulte Tipos de permisos. Para obtener más información sobre estos permisos, consulte la referencia de permisos.
Para el proveedor de PC en la nube
| Tipo de permiso |
Permisos con privilegios mínimos |
Permisos con privilegios más altos |
| Delegado (cuenta profesional o educativa) |
CloudPC. ReadWrite. All |
DeviceManagementRBAC.ReadWrite.All |
| Delegado (cuenta personal de Microsoft) |
No admitida. |
No admitida. |
| Aplicación |
CloudPC. ReadWrite. All |
DeviceManagementRBAC.ReadWrite.All |
Para el proveedor de administración de dispositivos (Intune)
| Tipo de permiso |
Permisos con privilegios mínimos |
Permisos con privilegios más altos |
| Delegado (cuenta profesional o educativa) |
CloudPC. ReadWrite. All |
DeviceManagementRBAC.ReadWrite.All |
| Delegado (cuenta personal de Microsoft) |
No admitida. |
No admitida. |
| Aplicación |
CloudPC. ReadWrite. All |
DeviceManagementRBAC.ReadWrite.All |
Para el proveedor de Defender
| Tipo de permiso |
Permisos con privilegios mínimos |
Permisos con privilegios más altos |
| Delegado (cuenta profesional o educativa) |
RoleManagement.ReadWrite.Defender |
No disponible. |
| Delegado (cuenta personal de Microsoft) |
No admitida. |
No admitida. |
| Aplicación |
RoleManagement.ReadWrite.Defender |
No disponible. |
Solicitud HTTP
Para crear la asignación de roles para un proveedor de pc en la nube:
POST /roleManagement/cloudPC/roleAssignments
Para crear la asignación de roles para un proveedor de Intune:
POST /roleManagement/deviceManagement/roleAssignments
Para crear la asignación de roles para un proveedor de Defender:
POST /roleManagement/defender/roleAssignments
| Nombre |
Descripción |
| Authorization |
{token} de portador. Obligatorio. Obtenga más información sobre la autenticación y la autorización. |
| Tipo de contenido |
application/json. Obligatorio. |
Cuerpo de la solicitud
En el cuerpo de la solicitud, proporcione una representación JSON del objeto unifiedRoleAssignmentMultiple . La solicitud debe tener un ámbito definido en Microsoft Entra ID, como directoryScopeIds, o un ámbito específico de la aplicación, como appScopeId. Algunos ejemplos de Microsoft Entra ámbito son las aplicaciones o las unidades administrativas del inquilino ("/").
Respuesta
Si se ejecuta correctamente, este método devuelve un 201 Created código de respuesta y un nuevo objeto unifiedRoleAssignmentMultiple en el cuerpo de la respuesta.
Ejemplos
Ejemplo 1: Crear una asignación de roles en Intune en dos grupos de ámbito (que son objetos Microsoft Entra)
Solicitud
En el ejemplo siguiente se muestra la solicitud.
Nota: el uso del roleTemplateId para roleDefinitionId.
roleDefinitionId puede ser el identificador de plantilla de todo el servicio o el roleDefinitionId específico del directorio.
POST https://graph.microsoft.com/beta/roleManagement/deviceManagement/roleAssignments
Content-type: application/json
{
"@odata.type": "#microsoft.graph.unifiedRoleAssignmentMultiple",
"displayName": "My test role assignment 1",
"roleDefinitionId": "c2cf284d-6c41-4e6b-afac-4b80928c9034",
"principalIds": ["f8ca5a85-489a-49a0-b555-0a6d81e56f0d", "c1518aa9-4da5-4c84-a902-a31404023890"],
"directoryScopeIds": ["28ca5a85-489a-49a0-b555-0a6d81e56f0d", "8152656a-cf9a-4928-a457-1512d4cae295"],
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new UnifiedRoleAssignmentMultiple
{
OdataType = "#microsoft.graph.unifiedRoleAssignmentMultiple",
DisplayName = "My test role assignment 1",
RoleDefinitionId = "c2cf284d-6c41-4e6b-afac-4b80928c9034",
PrincipalIds = new List<string>
{
"f8ca5a85-489a-49a0-b555-0a6d81e56f0d",
"c1518aa9-4da5-4c84-a902-a31404023890",
},
DirectoryScopeIds = new List<string>
{
"28ca5a85-489a-49a0-b555-0a6d81e56f0d",
"8152656a-cf9a-4928-a457-1512d4cae295",
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.RoleManagement.DeviceManagement.RoleAssignments.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewUnifiedRoleAssignmentMultiple()
displayName := "My test role assignment 1"
requestBody.SetDisplayName(&displayName)
roleDefinitionId := "c2cf284d-6c41-4e6b-afac-4b80928c9034"
requestBody.SetRoleDefinitionId(&roleDefinitionId)
principalIds := []string {
"f8ca5a85-489a-49a0-b555-0a6d81e56f0d",
"c1518aa9-4da5-4c84-a902-a31404023890",
}
requestBody.SetPrincipalIds(principalIds)
directoryScopeIds := []string {
"28ca5a85-489a-49a0-b555-0a6d81e56f0d",
"8152656a-cf9a-4928-a457-1512d4cae295",
}
requestBody.SetDirectoryScopeIds(directoryScopeIds)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
roleAssignments, err := graphClient.RoleManagement().DeviceManagement().RoleAssignments().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
UnifiedRoleAssignmentMultiple unifiedRoleAssignmentMultiple = new UnifiedRoleAssignmentMultiple();
unifiedRoleAssignmentMultiple.setOdataType("#microsoft.graph.unifiedRoleAssignmentMultiple");
unifiedRoleAssignmentMultiple.setDisplayName("My test role assignment 1");
unifiedRoleAssignmentMultiple.setRoleDefinitionId("c2cf284d-6c41-4e6b-afac-4b80928c9034");
LinkedList<String> principalIds = new LinkedList<String>();
principalIds.add("f8ca5a85-489a-49a0-b555-0a6d81e56f0d");
principalIds.add("c1518aa9-4da5-4c84-a902-a31404023890");
unifiedRoleAssignmentMultiple.setPrincipalIds(principalIds);
LinkedList<String> directoryScopeIds = new LinkedList<String>();
directoryScopeIds.add("28ca5a85-489a-49a0-b555-0a6d81e56f0d");
directoryScopeIds.add("8152656a-cf9a-4928-a457-1512d4cae295");
unifiedRoleAssignmentMultiple.setDirectoryScopeIds(directoryScopeIds);
UnifiedRoleAssignmentMultiple result = graphClient.roleManagement().deviceManagement().roleAssignments().post(unifiedRoleAssignmentMultiple);
const options = {
authProvider,
};
const client = Client.init(options);
const unifiedRoleAssignmentMultiple = {
'@odata.type': '#microsoft.graph.unifiedRoleAssignmentMultiple',
displayName: 'My test role assignment 1',
roleDefinitionId: 'c2cf284d-6c41-4e6b-afac-4b80928c9034',
principalIds: ['f8ca5a85-489a-49a0-b555-0a6d81e56f0d', 'c1518aa9-4da5-4c84-a902-a31404023890'],
directoryScopeIds: ['28ca5a85-489a-49a0-b555-0a6d81e56f0d', '8152656a-cf9a-4928-a457-1512d4cae295'],
};
await client.api('/roleManagement/deviceManagement/roleAssignments')
.version('beta')
.post(unifiedRoleAssignmentMultiple);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleAssignmentMultiple;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new UnifiedRoleAssignmentMultiple();
$requestBody->setOdataType('#microsoft.graph.unifiedRoleAssignmentMultiple');
$requestBody->setDisplayName('My test role assignment 1');
$requestBody->setRoleDefinitionId('c2cf284d-6c41-4e6b-afac-4b80928c9034');
$requestBody->setPrincipalIds(['f8ca5a85-489a-49a0-b555-0a6d81e56f0d', 'c1518aa9-4da5-4c84-a902-a31404023890', ]);
$requestBody->setDirectoryScopeIds(['28ca5a85-489a-49a0-b555-0a6d81e56f0d', '8152656a-cf9a-4928-a457-1512d4cae295', ]);
$result = $graphServiceClient->roleManagement()->deviceManagement()->roleAssignments()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.DeviceManagement.Enrollment
$params = @{
"@odata.type" = "#microsoft.graph.unifiedRoleAssignmentMultiple"
displayName = "My test role assignment 1"
roleDefinitionId = "c2cf284d-6c41-4e6b-afac-4b80928c9034"
principalIds = @(
"f8ca5a85-489a-49a0-b555-0a6d81e56f0d"
"c1518aa9-4da5-4c84-a902-a31404023890"
)
directoryScopeIds = @(
"28ca5a85-489a-49a0-b555-0a6d81e56f0d"
"8152656a-cf9a-4928-a457-1512d4cae295"
)
}
New-MgBetaRoleManagementDeviceManagementRoleAssignment -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.unified_role_assignment_multiple import UnifiedRoleAssignmentMultiple
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = UnifiedRoleAssignmentMultiple(
odata_type = "#microsoft.graph.unifiedRoleAssignmentMultiple",
display_name = "My test role assignment 1",
role_definition_id = "c2cf284d-6c41-4e6b-afac-4b80928c9034",
principal_ids = [
"f8ca5a85-489a-49a0-b555-0a6d81e56f0d",
"c1518aa9-4da5-4c84-a902-a31404023890",
],
directory_scope_ids = [
"28ca5a85-489a-49a0-b555-0a6d81e56f0d",
"8152656a-cf9a-4928-a457-1512d4cae295",
],
)
result = await graph_client.role_management.device_management.role_assignments.post(request_body)
Respuesta
En el ejemplo siguiente se muestra la respuesta.
Nota: Se puede acortar el objeto de respuesta que se muestra aquí para mejorar la legibilidad.
HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#roleManagement/deviceManagement/roleAssignments/$entity",
"@odata.type": "#microsoft.graph.unifiedRoleAssignmentMultiple",
"id": "28ca5a85-489a-49a0-b555-0a6d81e56f0d",
"roleDefinitionId": "c2cf284d-6c41-4e6b-afac-4b80928c9034",
"principalIds": ["f8ca5a85-489a-49a0-b555-0a6d81e56f0d", "c1518aa9-4da5-4c84-a902-a31404023890"],
"directoryScopeIds": ["28ca5a85-489a-49a0-b555-0a6d81e56f0d", "8152656a-cf9a-4928-a457-1512d4cae295"]
}
Ejemplo 2: Creación de una asignación de roles en Intune en Intune ámbito específico de "todos los dispositivos"
Use la siguiente información para crear Intune asignaciones de roles:
- Para permitir asignaciones en todos los dispositivos Intune, use el
AllDevices valor de appScopeIds.
- Para permitir asignaciones en todos los usuarios con licencia de Intune, use el
AllLicensedUsers valor de appScopeIds.
- Para permitir asignaciones en todos los dispositivos Intune y usuarios con licencia, use el
/ valor en directoryScopeIds.
Solicitud
En el ejemplo siguiente se muestra la solicitud.
POST https://graph.microsoft.com/beta/roleManagement/deviceManagement/roleAssignments
Content-type: application/json
{
"@odata.type": "#microsoft.graph.unifiedRoleAssignmentMultiple",
"displayName": "My test role assignment 1",
"roleDefinitionId": "c2cf284d-6c41-4e6b-afac-4b80928c9034",
"principalIds": ["f8ca5a85-489a-49a0-b555-0a6d81e56f0d", "c1518aa9-4da5-4c84-a902-a31404023890"],
"appScopeIds": ["allDevices"]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new UnifiedRoleAssignmentMultiple
{
OdataType = "#microsoft.graph.unifiedRoleAssignmentMultiple",
DisplayName = "My test role assignment 1",
RoleDefinitionId = "c2cf284d-6c41-4e6b-afac-4b80928c9034",
PrincipalIds = new List<string>
{
"f8ca5a85-489a-49a0-b555-0a6d81e56f0d",
"c1518aa9-4da5-4c84-a902-a31404023890",
},
AppScopeIds = new List<string>
{
"allDevices",
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.RoleManagement.DeviceManagement.RoleAssignments.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewUnifiedRoleAssignmentMultiple()
displayName := "My test role assignment 1"
requestBody.SetDisplayName(&displayName)
roleDefinitionId := "c2cf284d-6c41-4e6b-afac-4b80928c9034"
requestBody.SetRoleDefinitionId(&roleDefinitionId)
principalIds := []string {
"f8ca5a85-489a-49a0-b555-0a6d81e56f0d",
"c1518aa9-4da5-4c84-a902-a31404023890",
}
requestBody.SetPrincipalIds(principalIds)
appScopeIds := []string {
"allDevices",
}
requestBody.SetAppScopeIds(appScopeIds)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
roleAssignments, err := graphClient.RoleManagement().DeviceManagement().RoleAssignments().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
UnifiedRoleAssignmentMultiple unifiedRoleAssignmentMultiple = new UnifiedRoleAssignmentMultiple();
unifiedRoleAssignmentMultiple.setOdataType("#microsoft.graph.unifiedRoleAssignmentMultiple");
unifiedRoleAssignmentMultiple.setDisplayName("My test role assignment 1");
unifiedRoleAssignmentMultiple.setRoleDefinitionId("c2cf284d-6c41-4e6b-afac-4b80928c9034");
LinkedList<String> principalIds = new LinkedList<String>();
principalIds.add("f8ca5a85-489a-49a0-b555-0a6d81e56f0d");
principalIds.add("c1518aa9-4da5-4c84-a902-a31404023890");
unifiedRoleAssignmentMultiple.setPrincipalIds(principalIds);
LinkedList<String> appScopeIds = new LinkedList<String>();
appScopeIds.add("allDevices");
unifiedRoleAssignmentMultiple.setAppScopeIds(appScopeIds);
UnifiedRoleAssignmentMultiple result = graphClient.roleManagement().deviceManagement().roleAssignments().post(unifiedRoleAssignmentMultiple);
const options = {
authProvider,
};
const client = Client.init(options);
const unifiedRoleAssignmentMultiple = {
'@odata.type': '#microsoft.graph.unifiedRoleAssignmentMultiple',
displayName: 'My test role assignment 1',
roleDefinitionId: 'c2cf284d-6c41-4e6b-afac-4b80928c9034',
principalIds: ['f8ca5a85-489a-49a0-b555-0a6d81e56f0d', 'c1518aa9-4da5-4c84-a902-a31404023890'],
appScopeIds: ['allDevices']
};
await client.api('/roleManagement/deviceManagement/roleAssignments')
.version('beta')
.post(unifiedRoleAssignmentMultiple);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleAssignmentMultiple;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new UnifiedRoleAssignmentMultiple();
$requestBody->setOdataType('#microsoft.graph.unifiedRoleAssignmentMultiple');
$requestBody->setDisplayName('My test role assignment 1');
$requestBody->setRoleDefinitionId('c2cf284d-6c41-4e6b-afac-4b80928c9034');
$requestBody->setPrincipalIds(['f8ca5a85-489a-49a0-b555-0a6d81e56f0d', 'c1518aa9-4da5-4c84-a902-a31404023890', ]);
$requestBody->setAppScopeIds(['allDevices', ]);
$result = $graphServiceClient->roleManagement()->deviceManagement()->roleAssignments()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.DeviceManagement.Enrollment
$params = @{
"@odata.type" = "#microsoft.graph.unifiedRoleAssignmentMultiple"
displayName = "My test role assignment 1"
roleDefinitionId = "c2cf284d-6c41-4e6b-afac-4b80928c9034"
principalIds = @(
"f8ca5a85-489a-49a0-b555-0a6d81e56f0d"
"c1518aa9-4da5-4c84-a902-a31404023890"
)
appScopeIds = @(
"allDevices"
)
}
New-MgBetaRoleManagementDeviceManagementRoleAssignment -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.unified_role_assignment_multiple import UnifiedRoleAssignmentMultiple
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = UnifiedRoleAssignmentMultiple(
odata_type = "#microsoft.graph.unifiedRoleAssignmentMultiple",
display_name = "My test role assignment 1",
role_definition_id = "c2cf284d-6c41-4e6b-afac-4b80928c9034",
principal_ids = [
"f8ca5a85-489a-49a0-b555-0a6d81e56f0d",
"c1518aa9-4da5-4c84-a902-a31404023890",
],
app_scope_ids = [
"allDevices",
],
)
result = await graph_client.role_management.device_management.role_assignments.post(request_body)
Respuesta
En el ejemplo siguiente se muestra la respuesta.
Nota: Se puede acortar el objeto de respuesta que se muestra aquí para mejorar la legibilidad.
HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#roleManagement/deviceManagement/roleAssignments/$entity",
"@odata.type": "#microsoft.graph.unifiedRoleAssignmentMultiple",
"id": "28ca5a85-489a-49a0-b555-0a6d81e56f0d",
"roleDefinitionId": "c2cf284d-6c41-4e6b-afac-4b80928c9034",
"principalIds": ["f8ca5a85-489a-49a0-b555-0a6d81e56f0d", "c1518aa9-4da5-4c84-a902-a31404023890"],
"appScopeIds": ["allDevices"]
}
Ejemplo 3: Creación de una asignación de roles para un proveedor de PC en la nube
Solicitud
POST https://graph.microsoft.com/beta/roleManagement/cloudPC/roleAssignments
Content-type: application/json
{
"@odata.type": "#microsoft.graph.unifiedRoleAssignmentMultiple",
"displayName": "My test role assignment 1",
"description": "My role assignment description",
"roleDefinitionId": "b5c08161-a7af-481c-ace2-a20a69a48fb1",
"principalIds": ["f8ca5a85-489a-49a0-b555-0a6d81e56f0d", "c1518aa9-4da5-4c84-a902-a31404023890"]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new UnifiedRoleAssignmentMultiple
{
OdataType = "#microsoft.graph.unifiedRoleAssignmentMultiple",
DisplayName = "My test role assignment 1",
Description = "My role assignment description",
RoleDefinitionId = "b5c08161-a7af-481c-ace2-a20a69a48fb1",
PrincipalIds = new List<string>
{
"f8ca5a85-489a-49a0-b555-0a6d81e56f0d",
"c1518aa9-4da5-4c84-a902-a31404023890",
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.RoleManagement.CloudPC.RoleAssignments.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewUnifiedRoleAssignmentMultiple()
displayName := "My test role assignment 1"
requestBody.SetDisplayName(&displayName)
description := "My role assignment description"
requestBody.SetDescription(&description)
roleDefinitionId := "b5c08161-a7af-481c-ace2-a20a69a48fb1"
requestBody.SetRoleDefinitionId(&roleDefinitionId)
principalIds := []string {
"f8ca5a85-489a-49a0-b555-0a6d81e56f0d",
"c1518aa9-4da5-4c84-a902-a31404023890",
}
requestBody.SetPrincipalIds(principalIds)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
roleAssignments, err := graphClient.RoleManagement().CloudPC().RoleAssignments().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
UnifiedRoleAssignmentMultiple unifiedRoleAssignmentMultiple = new UnifiedRoleAssignmentMultiple();
unifiedRoleAssignmentMultiple.setOdataType("#microsoft.graph.unifiedRoleAssignmentMultiple");
unifiedRoleAssignmentMultiple.setDisplayName("My test role assignment 1");
unifiedRoleAssignmentMultiple.setDescription("My role assignment description");
unifiedRoleAssignmentMultiple.setRoleDefinitionId("b5c08161-a7af-481c-ace2-a20a69a48fb1");
LinkedList<String> principalIds = new LinkedList<String>();
principalIds.add("f8ca5a85-489a-49a0-b555-0a6d81e56f0d");
principalIds.add("c1518aa9-4da5-4c84-a902-a31404023890");
unifiedRoleAssignmentMultiple.setPrincipalIds(principalIds);
UnifiedRoleAssignmentMultiple result = graphClient.roleManagement().cloudPC().roleAssignments().post(unifiedRoleAssignmentMultiple);
const options = {
authProvider,
};
const client = Client.init(options);
const unifiedRoleAssignmentMultiple = {
'@odata.type': '#microsoft.graph.unifiedRoleAssignmentMultiple',
displayName: 'My test role assignment 1',
description: 'My role assignment description',
roleDefinitionId: 'b5c08161-a7af-481c-ace2-a20a69a48fb1',
principalIds: ['f8ca5a85-489a-49a0-b555-0a6d81e56f0d', 'c1518aa9-4da5-4c84-a902-a31404023890']
};
await client.api('/roleManagement/cloudPC/roleAssignments')
.version('beta')
.post(unifiedRoleAssignmentMultiple);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleAssignmentMultiple;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new UnifiedRoleAssignmentMultiple();
$requestBody->setOdataType('#microsoft.graph.unifiedRoleAssignmentMultiple');
$requestBody->setDisplayName('My test role assignment 1');
$requestBody->setDescription('My role assignment description');
$requestBody->setRoleDefinitionId('b5c08161-a7af-481c-ace2-a20a69a48fb1');
$requestBody->setPrincipalIds(['f8ca5a85-489a-49a0-b555-0a6d81e56f0d', 'c1518aa9-4da5-4c84-a902-a31404023890', ]);
$result = $graphServiceClient->roleManagement()->cloudPC()->roleAssignments()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.DeviceManagement.Enrollment
$params = @{
"@odata.type" = "#microsoft.graph.unifiedRoleAssignmentMultiple"
displayName = "My test role assignment 1"
description = "My role assignment description"
roleDefinitionId = "b5c08161-a7af-481c-ace2-a20a69a48fb1"
principalIds = @(
"f8ca5a85-489a-49a0-b555-0a6d81e56f0d"
"c1518aa9-4da5-4c84-a902-a31404023890"
)
}
New-MgBetaRoleManagementCloudPcRoleAssignment -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.unified_role_assignment_multiple import UnifiedRoleAssignmentMultiple
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = UnifiedRoleAssignmentMultiple(
odata_type = "#microsoft.graph.unifiedRoleAssignmentMultiple",
display_name = "My test role assignment 1",
description = "My role assignment description",
role_definition_id = "b5c08161-a7af-481c-ace2-a20a69a48fb1",
principal_ids = [
"f8ca5a85-489a-49a0-b555-0a6d81e56f0d",
"c1518aa9-4da5-4c84-a902-a31404023890",
],
)
result = await graph_client.role_management.cloud_p_c.role_assignments.post(request_body)
Respuesta
En el ejemplo siguiente se muestra la respuesta.
Nota: Se puede acortar el objeto de respuesta que se muestra aquí para mejorar la legibilidad. Se devolverán todas las propiedades de una llamada real.
HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#roleManagement/cloudPC/roleAssignments/$entity",
"id": "47c88dcd-cc79-4b0c-ba7d-7af2199649c5",
"displayName": "My role assignment",
"description": "My role assignment description",
"roleDefinitionId": "b5c08161-a7af-481c-ace2-a20a69a48fb1",
"principalIds": [
"f8ca5a85-489a-49a0-b555-0a6d81e56f0d",
"c1518aa9-4da5-4c84-a902-a31404023890"
],
"directoryScopeIds": [
"/"
],
"appScopeIds": []
}
Ejemplo 4: Creación de una asignación de roles en Defender en todas y futuras cargas de trabajo, en el ámbito de CloudSet "123":
Use la siguiente información para crear Intune asignaciones de roles:
- Para permitir asignaciones en todas y futuras cargas de trabajo, use el
/ valor de appScopeIds.
- Para permitir asignaciones a través de la carga de trabajo, en todos los ámbitos, no agregue ningún ámbito después de los siguientes identificadores de carga de trabajo en appScopeIds:
Mdi, Mdc, Mda, Mde, , MdoSecureScoreExternal.
- Para permitir asignaciones en un ámbito específico, use
/<ScopeType>/<ScopeId> en appScopeIds.
Solicitud
En el ejemplo siguiente se muestra la solicitud.
POST https://graph.microsoft.com/beta/roleManagement/defender/roleAssignments
Content-type: application/json
{
"@odata.type": "#microsoft.graph.unifiedRoleAssignmentMultiple",
"displayName": "Example role assignment",
"roleDefinitionId": "b5c08161-a7af-481c-ace2-a20a69a48fb1",
"principalIds": [
"8e811502-ebda-4782-8f81-071d17f0f892",
"30e3492f-964c-4d73-88c6-986a53c6e2a0"
],
"appScopeIds": [
"Mdc", "/CloudSet/123"
]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new UnifiedRoleAssignmentMultiple
{
OdataType = "#microsoft.graph.unifiedRoleAssignmentMultiple",
DisplayName = "Example role assignment",
RoleDefinitionId = "b5c08161-a7af-481c-ace2-a20a69a48fb1",
PrincipalIds = new List<string>
{
"8e811502-ebda-4782-8f81-071d17f0f892",
"30e3492f-964c-4d73-88c6-986a53c6e2a0",
},
AppScopeIds = new List<string>
{
"Mdc",
"/CloudSet/123",
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.RoleManagement.Defender.RoleAssignments.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewUnifiedRoleAssignmentMultiple()
displayName := "Example role assignment"
requestBody.SetDisplayName(&displayName)
roleDefinitionId := "b5c08161-a7af-481c-ace2-a20a69a48fb1"
requestBody.SetRoleDefinitionId(&roleDefinitionId)
principalIds := []string {
"8e811502-ebda-4782-8f81-071d17f0f892",
"30e3492f-964c-4d73-88c6-986a53c6e2a0",
}
requestBody.SetPrincipalIds(principalIds)
appScopeIds := []string {
"Mdc",
"/CloudSet/123",
}
requestBody.SetAppScopeIds(appScopeIds)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
roleAssignments, err := graphClient.RoleManagement().Defender().RoleAssignments().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
UnifiedRoleAssignmentMultiple unifiedRoleAssignmentMultiple = new UnifiedRoleAssignmentMultiple();
unifiedRoleAssignmentMultiple.setOdataType("#microsoft.graph.unifiedRoleAssignmentMultiple");
unifiedRoleAssignmentMultiple.setDisplayName("Example role assignment");
unifiedRoleAssignmentMultiple.setRoleDefinitionId("b5c08161-a7af-481c-ace2-a20a69a48fb1");
LinkedList<String> principalIds = new LinkedList<String>();
principalIds.add("8e811502-ebda-4782-8f81-071d17f0f892");
principalIds.add("30e3492f-964c-4d73-88c6-986a53c6e2a0");
unifiedRoleAssignmentMultiple.setPrincipalIds(principalIds);
LinkedList<String> appScopeIds = new LinkedList<String>();
appScopeIds.add("Mdc");
appScopeIds.add("/CloudSet/123");
unifiedRoleAssignmentMultiple.setAppScopeIds(appScopeIds);
UnifiedRoleAssignmentMultiple result = graphClient.roleManagement().defender().roleAssignments().post(unifiedRoleAssignmentMultiple);
const options = {
authProvider,
};
const client = Client.init(options);
const unifiedRoleAssignmentMultiple = {
'@odata.type': '#microsoft.graph.unifiedRoleAssignmentMultiple',
displayName: 'Example role assignment',
roleDefinitionId: 'b5c08161-a7af-481c-ace2-a20a69a48fb1',
principalIds: [
'8e811502-ebda-4782-8f81-071d17f0f892',
'30e3492f-964c-4d73-88c6-986a53c6e2a0'
],
appScopeIds: [
'Mdc', '/CloudSet/123'
]
};
await client.api('/roleManagement/defender/roleAssignments')
.version('beta')
.post(unifiedRoleAssignmentMultiple);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\UnifiedRoleAssignmentMultiple;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new UnifiedRoleAssignmentMultiple();
$requestBody->setOdataType('#microsoft.graph.unifiedRoleAssignmentMultiple');
$requestBody->setDisplayName('Example role assignment');
$requestBody->setRoleDefinitionId('b5c08161-a7af-481c-ace2-a20a69a48fb1');
$requestBody->setPrincipalIds(['8e811502-ebda-4782-8f81-071d17f0f892', '30e3492f-964c-4d73-88c6-986a53c6e2a0', ]);
$requestBody->setAppScopeIds(['Mdc', '/CloudSet/123', ]);
$result = $graphServiceClient->roleManagement()->defender()->roleAssignments()->post($requestBody)->wait();
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.unified_role_assignment_multiple import UnifiedRoleAssignmentMultiple
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = UnifiedRoleAssignmentMultiple(
odata_type = "#microsoft.graph.unifiedRoleAssignmentMultiple",
display_name = "Example role assignment",
role_definition_id = "b5c08161-a7af-481c-ace2-a20a69a48fb1",
principal_ids = [
"8e811502-ebda-4782-8f81-071d17f0f892",
"30e3492f-964c-4d73-88c6-986a53c6e2a0",
],
app_scope_ids = [
"Mdc",
"/CloudSet/123",
],
)
result = await graph_client.role_management.defender.role_assignments.post(request_body)
Respuesta
En el ejemplo siguiente se muestra la respuesta.
Nota: Se puede acortar el objeto de respuesta que se muestra aquí para mejorar la legibilidad.
HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#roleManagement/defender/roleAssignments/$entity",
"@odata.type": "#microsoft.graph.unifiedRoleAssignmentMultiple",
"id": "28ca5a85-489a-49a0-b555-0a6d81e56f0d",
"roleDefinitionId": "b5c08161-a7af-481c-ace2-a20a69a48fb1",
"principalIds": [
"8e811502-ebda-4782-8f81-071d17f0f892",
"30e3492f-964c-4d73-88c6-986a53c6e2a0"
],
"appScopeIds": [
"Mdc", "/CloudSet/123"
]
}