From 33454d5e17eccef7acd67fd6de867eab8e9c89d8 Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Sat, 28 Dec 2024 03:26:56 +0300 Subject: [PATCH] Weekly Permissions sync 2024-12-28 --- permissions/new/ProvisioningInfo.json | 26 ++++++- permissions/new/permissions.json | 103 ++++++++++++++++++++++++++ 2 files changed, 125 insertions(+), 4 deletions(-) diff --git a/permissions/new/ProvisioningInfo.json b/permissions/new/ProvisioningInfo.json index f3aae871..bc6ca2fd 100644 --- a/permissions/new/ProvisioningInfo.json +++ b/permissions/new/ProvisioningInfo.json @@ -5266,6 +5266,24 @@ "resourceAppId": "" } ], + "FormsBody.ReadWrite.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "c9a559d2-7aab-4f13-a6ed-e7e9c52aec87" + }, + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "c9a559d2-7aab-4f13-a6ed-e7e9c52aec87" + } + ], "Goals-Export.Read.All": [ { "scheme": "DelegatedWork", @@ -10077,7 +10095,7 @@ "id": "dd689728-6eb8-4deb-bd38-2924a935f3de", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" }, @@ -10085,7 +10103,7 @@ "id": "4d6e30d1-e64e-4ae7-bf9d-c706cc928cef", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" } @@ -10167,7 +10185,7 @@ "id": "d8914f8f-9f64-4bd1-b4d3-f5a701ed8457", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" }, @@ -10175,7 +10193,7 @@ "id": "8b7e8c0a-7e9d-4049-97ec-04b5e1bcaf05", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" } diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index 696318dc..24805236 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -36389,6 +36389,44 @@ "ownerSecurityGroup": "cpcgraph" } }, + "RoleManagement.Read.Defender": { + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read M365 Defender RBAC configuration", + "adminDescription": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, on behalf of the signed-in user. This includes reading M365 Defender role definitions and role assignments.", + "userDisplayName": "Read M365 Defender RBAC configuration", + "userDescription": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, on behalf of the signed-in user. This includes reading M365 Defender role definitions and role assignments.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read M365 Defender RBAC configuration", + "adminDescription": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, without a signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/rolemanagement/defender/roleassignments": "least=DelegatedWork,Application", + "/rolemanagement/defender/roleassignments/{id}": "least=DelegatedWork,Application", + "/rolemanagement/defender/roledefinitions": "least=DelegatedWork,Application", + "/rolemanagement/defender/roledefinitions/{id}": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mdatpUrbac" + } + }, "RoleManagement.Read.Directory": { "schemes": { "DelegatedWork": { @@ -36595,6 +36633,71 @@ "ownerSecurityGroup": "cpcgraph" } }, + "RoleManagement.ReadWrite.Defender": { + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read M365 Defender RBAC configuration", + "adminDescription": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, on behalf of the signed-in user. This includes reading M365 Defender role definitions and role assignments.", + "userDisplayName": "Read M365 Defender RBAC configuration", + "userDescription": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, on behalf of the signed-in user. This includes reading M365 Defender role definitions and role assignments.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read M365 Defender RBAC configuration", + "adminDescription": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, without a signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/roleManagement/defender/roleassignments": "", + "/roleManagement/defender/roleassignments/{id}": "", + "/rolemanagement/defender/roledefinitions": "", + "/rolemanagement/defender/roledefinitions/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/roleManagement/defender/roleassignments": "least=DelegatedWork,Application", + "/rolemanagement/defender/roledefinitions": "least=DelegatedWork,Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE", + "PATCH" + ], + "paths": { + "/roleManagement/defender/roleassignments/{id}": "least=DelegatedWork,Application", + "/rolemanagement/defender/roledefinitions/{id}": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mdatpUrbac" + } + }, "RoleManagement.ReadWrite.Directory": { "schemes": { "DelegatedWork": {