Skip to content

Commit

Permalink
Daily automation
Browse files Browse the repository at this point in the history
  • Loading branch information
@merill
merill committed Dec 11, 2024
1 parent 9429a1a commit 21abd21
Show file tree
Hide file tree
Showing 4 changed files with 117 additions and 0 deletions.
4 changes: 4 additions & 0 deletions _info/GraphAppRoles.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,6 +137,8 @@
"e330c4f0-4170-414e-a55a-2f022ec2b57b","DeviceManagementRBAC.ReadWrite.All","Read and write Microsoft Intune RBAC settings","Allows the app to read and write the properties relating to the Microsoft Intune Role-Based Access Control (RBAC) settings, without a signed-in user."
"06a5fe6d-c49d-46a7-b082-56b1b14103c7","DeviceManagementServiceConfig.Read.All","Read Microsoft Intune configuration","Allows the app to read Microsoft Intune service properties including device enrollment and third party service connection configuration, without a signed-in user."
"5ac13192-7ace-4fcf-b828-1a26f28068ee","DeviceManagementServiceConfig.ReadWrite.All","Read and write Microsoft Intune configuration","Allows the app to read and write Microsoft Intune service properties including device enrollment and third party service connection configuration, without a signed-in user."
"dd9febb5-0c6d-419f-b256-3afe12c6adeb","DeviceTemplate.Read.All","Read all device templates","Allows the app to read all device templates, without a signed-in user."
"9fadb66e-6421-4744-aede-4ab6fb98a884","DeviceTemplate.ReadWrite.All","Read and write all device templates","Allows the app to create, read, update and delete any device template, without a signed-in user. It also allows the app to add or remove owners on any device template."
"7ab1d382-f21e-4acd-a863-ba3e13f7da61","Directory.Read.All","Read directory data","Allows the app to read data in your organization's directory, such as users, groups and apps, without a signed-in user."
"19dbc75e-c2e2-444c-a770-ec69d8559fc7","Directory.ReadWrite.All","Read and write directory data","Allows the app to read and write data in your organization's directory, such as users, and groups, without a signed-in user. Does not allow user or group deletion."
"ae73097b-cb2a-4447-b064-5d80f6093921","DirectoryRecommendations.Read.All","Read all Azure AD recommendations","Allows the app to read all Azure AD recommendations, without a signed-in user."
Expand Down Expand Up @@ -246,6 +248,8 @@
"4f994bc0-31bb-44bb-b480-7a7c1be8c02e","MultiTenantOrganization.Read.All","Read all multi-tenant organization details and tenants","Allows the app to read all multi-tenant organization details and tenants, without a signed-in user."
"f9c2b2a7-3895-4b2e-80f6-c924b456e50b","MultiTenantOrganization.ReadBasic.All","Read multi-tenant organization basic details and active tenants","Allows the app to read multi-tenant organization basic details and active tenants, without a signed-in user."
"920def01-ca61-4d2d-b3df-105b46046a70","MultiTenantOrganization.ReadWrite.All","Read and write all multi-tenant organization details and tenants","Allows the app to read and write all multi-tenant organization details and tenants, without a signed-in user."
"6daaff82-2880-496d-9d80-57e8e31195e2","MutualTlsOauthConfiguration.Read.All","Read all configurations used for mutual-TLS client authentication.","Allows the app to read configuration used for OAuth 2.0 mutual-TLS client authentication, without a signed-in user. This includes reading trusted certificate authorities."
"78bbf8cf-07d8-45ba-b0eb-1a7b48efbcf1","MutualTlsOauthConfiguration.ReadWrite.All","Read and write all configurations used for mutual-TLS client authentication.","Allows the app to read and update configuration used for OAuth 2.0 mutual-TLS client authentication, without a signed-in user. This includes reading and updating trusted certificate authorities."
"40049381-3cc1-42af-94ec-5ce755db4b0d","NetworkAccess-Reports.Read.All","Read all network access reports","Allows the app to read all network access reports without a signed-in user."
"e30060de-caa5-4331-99d3-6ac6c966a9a4","NetworkAccess.Read.All","Read all network access information","Allows the app to read all network access information and configuration settings without a signed-in user."
"b10642fc-a6cf-4c46-87f9-e1f96c2a18aa","NetworkAccess.ReadWrite.All","Read and write all network access information","Allows the app to read and write all network access information and configuration settings without a signed-in user."
Expand Down
48 changes: 48 additions & 0 deletions _info/GraphAppRoles.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1655,6 +1655,30 @@
"Value": "DeviceManagementServiceConfig.ReadWrite.All",
"AdditionalProperties": {}
},
{
"AllowedMemberTypes": [
"Application"
],
"Description": "Allows the app to read all device templates, without a signed-in user.",
"DisplayName": "Read all device templates",
"Id": "dd9febb5-0c6d-419f-b256-3afe12c6adeb",
"IsEnabled": true,
"Origin": "Application",
"Value": "DeviceTemplate.Read.All",
"AdditionalProperties": {}
},
{
"AllowedMemberTypes": [
"Application"
],
"Description": "Allows the app to create, read, update and delete any device template, without a signed-in user. It also allows the app to add or remove owners on any device template.",
"DisplayName": "Read and write all device templates",
"Id": "9fadb66e-6421-4744-aede-4ab6fb98a884",
"IsEnabled": true,
"Origin": "Application",
"Value": "DeviceTemplate.ReadWrite.All",
"AdditionalProperties": {}
},
{
"AllowedMemberTypes": [
"Application"
Expand Down Expand Up @@ -2963,6 +2987,30 @@
"Value": "MultiTenantOrganization.ReadWrite.All",
"AdditionalProperties": {}
},
{
"AllowedMemberTypes": [
"Application"
],
"Description": "Allows the app to read configuration used for OAuth 2.0 mutual-TLS client authentication, without a signed-in user. This includes reading trusted certificate authorities.",
"DisplayName": "Read all configurations used for mutual-TLS client authentication.",
"Id": "6daaff82-2880-496d-9d80-57e8e31195e2",
"IsEnabled": true,
"Origin": "Application",
"Value": "MutualTlsOauthConfiguration.Read.All",
"AdditionalProperties": {}
},
{
"AllowedMemberTypes": [
"Application"
],
"Description": "Allows the app to read and update configuration used for OAuth 2.0 mutual-TLS client authentication, without a signed-in user. This includes reading and updating trusted certificate authorities.",
"DisplayName": "Read and write all configurations used for mutual-TLS client authentication.",
"Id": "78bbf8cf-07d8-45ba-b0eb-1a7b48efbcf1",
"IsEnabled": true,
"Origin": "Application",
"Value": "MutualTlsOauthConfiguration.ReadWrite.All",
"AdditionalProperties": {}
},
{
"AllowedMemberTypes": [
"Application"
Expand Down
5 changes: 5 additions & 0 deletions _info/GraphDelegateRoles.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,6 +130,7 @@
"a197cdc4-a8e8-4d49-9d35-4ca7c83887b4","DelegatedPermissionGrant.Read.All","Read delegated permission grants","Allows the app to read delegated permission grants, on behalf of the signed in user."
"41ce6ca6-6826-4807-84f1-1c82854f7ee5","DelegatedPermissionGrant.ReadWrite.All","Manage all delegated permission grants","Allows the app to manage permission grants for delegated permissions exposed by any API (including Microsoft Graph), on behalf of the signed in user."
"bac3b9c2-b516-4ef4-bd3b-c2ef73d8d804","Device.Command","Communicate with user devices","Allows the app to launch another app or communicate with another app on a user's device on behalf of the signed-in user."
"edc92e89-a987-48a9-911a-a7b1967dd7b1","Device.CreateFromOwnedTemplate","Create devices based on owned device templates","Allows the app to create device objects based on device templates owned by the signed-in user, on behalf of the signed in user."
"11d4cd79-5ba5-460f-803f-e22c8ab85ccd","Device.Read","Read user devices","Allows the app to read a user's list of devices on behalf of the signed-in user."
"951183d1-1a61-466f-a6d1-1fde911bfd95","Device.Read.All","Read all devices","Allows the app to read your organization's devices' configuration information on behalf of the signed-in user."
"280b3b69-0437-44b1-bc20-3b2fca1ee3e9","DeviceLocalCredential.Read.All","Read device local credential passwords","Allows the app to read device local credential properties including passwords, on behalf of the signed-in user."
Expand All @@ -147,6 +148,8 @@
"0c5e8a55-87a6-4556-93ab-adc52c4d862d","DeviceManagementRBAC.ReadWrite.All","Read and write Microsoft Intune RBAC settings","Allows the app to read and write the properties relating to the Microsoft Intune Role-Based Access Control (RBAC) settings."
"8696daa5-bce5-4b2e-83f9-51b6defc4e1e","DeviceManagementServiceConfig.Read.All","Read Microsoft Intune configuration","Allows the app to read Microsoft Intune service properties including device enrollment and third party service connection configuration."
"662ed50a-ac44-4eef-ad86-62eed9be2a29","DeviceManagementServiceConfig.ReadWrite.All","Read and write Microsoft Intune configuration","Allows the app to read and write Microsoft Intune service properties including device enrollment and third party service connection configuration."
"2bcae0b0-aa93-48e4-a9e4-855482dffdcd","DeviceTemplate.Read.All","Read all device templates","Allows the app to read all device templates, on behalf of the signed in user."
"2d372e98-f1ae-406c-a157-2ea83f6f5e4a","DeviceTemplate.ReadWrite.All","Read and write all device templates","Allows the app to create, read, update and delete the device template, on behalf of the signed in user. It also allows the app to add or remove owners on any device template."
"0e263e50-5827-48a4-b97c-d940288653c7","Directory.AccessAsUser.All","Access directory as the signed in user","Allows the app to have the same access to information in the directory as the signed-in user."
"06da0dbc-49e2-44d2-8312-53f166ab848a","Directory.Read.All","Read directory data","Allows the app to read data in your organization's directory, such as users, groups and apps."
"c5366453-9fb0-48a5-a156-24f0c49a4b84","Directory.ReadWrite.All","Read and write directory data","Allows the app to read and write data in your organization's directory, such as users, and groups. It does not allow the app to delete users or groups, or reset user passwords."
Expand Down Expand Up @@ -267,6 +270,8 @@
"526aa72a-5878-49fe-bf4e-357973af9b06","MultiTenantOrganization.Read.All","Read multi-tenant organization details and tenants","Allows the app to read multi-tenant organization details and tenants on behalf of the signed-in user."
"225db56b-15b2-4daa-acb3-0eec2bbe4849","MultiTenantOrganization.ReadBasic.All","Read multi-tenant organization basic details and active tenants","Allows the app to read multi-tenant organization basic details and active tenants on behalf of the signed-in user."
"77af1528-84f3-4023-8d90-d219cd433108","MultiTenantOrganization.ReadWrite.All","Read and write multi-tenant organization details and tenants","Allows the app to read and write multi-tenant organization details and tenants on behalf of the signed-in user."
"51ae584e-e736-4718-897b-10af70f8e3cc","MutualTlsOauthConfiguration.Read.All","Read all configurations used for mutual-TLS client authentication.","Allows the app to read configuration used for OAuth 2.0 mutual-TLS client authentication, on behalf of the signed-in user. This includes reading trusted certificate authorities."
"a51115bc-f64f-498f-bcee-00dcd28f4a03","MutualTlsOauthConfiguration.ReadWrite.All","Read and write all configurations used for mutual-TLS client authentication.","Allows the app to read and update configuration used for OAuth 2.0 mutual-TLS client authentication, on behalf of the signed-in user. This includes adding and updating trusted certificate authorities."
"b0c61509-cfc3-42bd-9bd4-66d81785fee4","NetworkAccess-Reports.Read.All","Read all network access reports","Allows the app to read all network access reports on behalf of the signed-in user."
"2f7013e0-ab4e-447f-a5e1-5d419950692d","NetworkAccess.Read.All","Read all network access information","Allows the app to read all network access information on behalf of the signed-in user."
"ae2df9c5-f18d-4ec4-a51b-bdeb807f177b","NetworkAccess.ReadWrite.All","Read and write all network access information","Allows the app to read and write all network access information and configuration settings on behalf of the signed-in user."
Expand Down
60 changes: 60 additions & 0 deletions _info/GraphDelegateRoles.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1571,6 +1571,18 @@
"Value": "Device.Command",
"AdditionalProperties": {}
},
{
"AdminConsentDescription": "Allows the app to create device objects based on device templates owned by the signed-in user, on behalf of the signed in user.",
"AdminConsentDisplayName": "Create devices based on owned device templates",
"Id": "edc92e89-a987-48a9-911a-a7b1967dd7b1",
"IsEnabled": true,
"Origin": null,
"Type": "Admin",
"UserConsentDescription": "Allows the app to create device objects based on device templates you own, on your behalf.",
"UserConsentDisplayName": "Create devices based on device templates you own",
"Value": "Device.CreateFromOwnedTemplate",
"AdditionalProperties": {}
},
{
"AdminConsentDescription": "Allows the app to read a user's list of devices on behalf of the signed-in user.",
"AdminConsentDisplayName": "Read user devices",
Expand Down Expand Up @@ -1775,6 +1787,30 @@
"Value": "DeviceManagementServiceConfig.ReadWrite.All",
"AdditionalProperties": {}
},
{
"AdminConsentDescription": "Allows the app to read all device templates, on behalf of the signed in user.",
"AdminConsentDisplayName": "Read all device templates",
"Id": "2bcae0b0-aa93-48e4-a9e4-855482dffdcd",
"IsEnabled": true,
"Origin": null,
"Type": "Admin",
"UserConsentDescription": "Allows the app to read all device templates, on your behalf.",
"UserConsentDisplayName": "Read all device templates",
"Value": "DeviceTemplate.Read.All",
"AdditionalProperties": {}
},
{
"AdminConsentDescription": "Allows the app to create, read, update and delete the device template, on behalf of the signed in user. It also allows the app to add or remove owners on any device template.",
"AdminConsentDisplayName": "Read and write all device templates",
"Id": "2d372e98-f1ae-406c-a157-2ea83f6f5e4a",
"IsEnabled": true,
"Origin": null,
"Type": "Admin",
"UserConsentDescription": "Allows the app to create, read, update and delete any device template, on your behalf. It also allows the app to add or remove owners on any device template.",
"UserConsentDisplayName": "Read and write all device templates",
"Value": "DeviceTemplate.ReadWrite.All",
"AdditionalProperties": {}
},
{
"AdminConsentDescription": "Allows the app to have the same access to information in the directory as the signed-in user.",
"AdminConsentDisplayName": "Access directory as the signed in user",
Expand Down Expand Up @@ -3215,6 +3251,30 @@
"Value": "MultiTenantOrganization.ReadWrite.All",
"AdditionalProperties": {}
},
{
"AdminConsentDescription": "Allows the app to read configuration used for OAuth 2.0 mutual-TLS client authentication, on behalf of the signed-in user. This includes reading trusted certificate authorities.",
"AdminConsentDisplayName": "Read all configurations used for mutual-TLS client authentication.",
"Id": "51ae584e-e736-4718-897b-10af70f8e3cc",
"IsEnabled": true,
"Origin": null,
"Type": "Admin",
"UserConsentDescription": "Allows the app to read configuration used for OAuth 2.0 mutual-TLS client authentication, on your behalf. This includes reading trusted certificate authorities.",
"UserConsentDisplayName": "Read all configurations used for mutual-TLS client authentication.",
"Value": "MutualTlsOauthConfiguration.Read.All",
"AdditionalProperties": {}
},
{
"AdminConsentDescription": "Allows the app to read and update configuration used for OAuth 2.0 mutual-TLS client authentication, on behalf of the signed-in user. This includes adding and updating trusted certificate authorities.",
"AdminConsentDisplayName": "Read and write all configurations used for mutual-TLS client authentication.",
"Id": "a51115bc-f64f-498f-bcee-00dcd28f4a03",
"IsEnabled": true,
"Origin": null,
"Type": "Admin",
"UserConsentDescription": "Allows the app to read and update configuration used for OAuth 2.0 mutual-TLS client authentication, on your behalf. This includes adding and updating trusted certificate authorities.",
"UserConsentDisplayName": "Read and write all configurations used for mutual-TLS client authentication.",
"Value": "MutualTlsOauthConfiguration.ReadWrite.All",
"AdditionalProperties": {}
},
{
"AdminConsentDescription": "Allows the app to read all network access reports on behalf of the signed-in user.",
"AdminConsentDisplayName": "Read all network access reports",
Expand Down

0 comments on commit 21abd21

Please sign in to comment.