Find-MgGraphCommand: Many Cmdlets in Identity.Governance lack permission information #3292
Description
Describe the bug
I'm trying to properly identify the permissions for Cmdlets in the Identity.Governance Module but many of them lack that information.
Expected behavior
The property Permissions should contain the Graph permissions required to use these Cmdlets, i.e. Get-MgAgreementFile (this example shows both a variant with documented, and one without documented permissions).
Find-MgGraphCommand -Command Get-MgAgreementFile | Select-Object Command,URI,Permissions
Command URI Permissions
------- --- -----------
Get-MgAgreementFile /agreements/{agreement-id}/files {}
Get-MgAgreementFile /agreements/{agreement-id}/file {Agreement.Read.All, Agreement.ReadWrite.All}How to reproduce
# Load all Cmdlets in the Identity.Governance Module
$TermsOfUseCmdlets = Get-Command -Module Microsoft.Graph.Identity.Governance
# Write all Cmdlets where the length of the array "Permissions" is 0
foreach(
$Cmdlet in $TermsOfUseCmdlets){
Find-MgGraphCommand -Command $Cmdlet.Name | `
Where-Object { $_.Permissions.length -eq 0 }
}
# Gives a pretty long list of Cmdlets without any documented permissions
APIVersion: v1.0
Command Module Method URI OutputType Permissions Variants
------- ------ ------ --- ---------- ----------- --------
Get-MgAgreement Identity.Governance GET /agreements IMicrosoftGraphAgreement {} {List}
Get-MgAgreement Identity.Governance GET /agreements/{agreement-id} IMicrosoftGraphAgreement {} {Get, GetViaIdentity}
Get-MgAgreementAcceptance Identity.Governance GET /agreements/{agreement-id}/acceptances IMicrosoftGraphAgreementAcceptance {} {List}
Get-MgAgreementAcceptance Identity.Governance GET /agreements/{agreement-id}/acceptances/{agreementAcceptance-id} IMicrosoftGraphAgreementAcceptance {} {Get, GetViaIdentity}
Get-MgAgreementAcceptanceCount Identity.Governance GET /agreements/{agreement-id}/acceptances/$count {} {Get, GetViaIdentity}
[...]SDK Version
2.27.0
Latest version known to work for scenario above?
2.27.0
Known Workarounds
Using the Microsoft Graph permissions reference and guessing what could fit, but this is pretty time consuming.
Debug output
The module as 988 Cmdlets, and ther are more than 100 at least where the Permissions property is empty, providing the full output is likely not helpful but it affects Get-/Invoke-/New-/Remove- and Update-Cmdlets so therefore this output isn't complete.
Click to expand log
``` Command Module Method URI OutputType Permissions Variants ------- ------ ------ --- ---------- ----------- -------- Get-MgAgreement Identity.Governance GET /agreements IMicrosoftGraphAgreement {} {List} Get-MgAgreement Identity.Governance GET /agreements/{agreement-id} IMicrosoftGraphAgreement {} {Get, GetViaIdentity} Get-MgAgreementAcceptance Identity.Governance GET /agreements/{agreement-id}/acceptances IMicrosoftGraphAgreementAcceptance {} {List} Get-MgAgreementAcceptance Identity.Governance GET /agreements/{agreement-id}/acceptances/{agreementAcceptance-id} IMicrosoftGraphAgreementAcceptance {} {Get, GetViaIdentity} Get-MgAgreementAcceptanceCount Identity.Governance GET /agreements/{agreement-id}/acceptances/$count {} {Get, GetViaIdentity} Get-MgAgreementFile Identity.Governance GET /agreements/{agreement-id}/files IMicrosoftGraphAgreementFileLoc... {} {List} Get-MgAgreementFileCount Identity.Governance GET /agreements/{agreement-id}/files/$count {} {Get, GetViaIdentity} Get-MgAgreementFileLocaliza... Identity.Governance GET /agreements/{agreement-id}/file/localizations IMicrosoftGraphAgreementFileLoc... {} {List} Get-MgAgreementFileLocaliza... Identity.Governance GET /agreements/{agreement-id}/file/localizations/{agreementFile... IMicrosoftGraphAgreementFileLoc... {} {Get, GetViaIdentity} Get-MgAgreementFileLocaliza... Identity.Governance GET /agreements/{agreement-id}/file/localizations/$count {} {Get, GetViaIdentity} Get-MgAgreementFileLocaliza... Identity.Governance GET /agreements/{agreement-id}/file/localizations/{agreementFile... IMicrosoftGraphAgreementFileVer... {} {List} Get-MgAgreementFileLocaliza... Identity.Governance GET /agreements/{agreement-id}/file/localizations/{agreementFile... IMicrosoftGraphAgreementFileVer... {} {Get, GetViaIdentity} Get-MgAgreementFileLocaliza... Identity.Governance GET /agreements/{agreement-id}/file/localizations/{agreementFile... {} {Get, GetViaIdentity} Get-MgAgreementFileVersion Identity.Governance GET /agreements/{agreement-id}/files/{agreementFileLocalization-... IMicrosoftGraphAgreementFileVer... {} {List} Get-MgAgreementFileVersion Identity.Governance GET /agreements/{agreement-id}/files/{agreementFileLocalization-... IMicrosoftGraphAgreementFileVer... {} {Get, GetViaIdentity} Get-MgAgreementFileVersionC... Identity.Governance GET /agreements/{agreement-id}/files/{agreementFileLocalization-... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/accessPackageAssig... {} {Get} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/accessPackages/{ac... IMicrosoftGraphAccessPackageAss... {} {List} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/accessPackages/{ac... IMicrosoftGraphAccessPackageAss... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/accessPackages/{ac... IMicrosoftGraphAccessPackageCat... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/accessPackages/{ac... IMicrosoftGraphAccessPackage {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/assignmentPolicies... IMicrosoftGraphAccessPackage {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/assignmentPolicies... IMicrosoftGraphAccessPackageCat... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/assignmentPolicies... IMicrosoftGraphCustomExtensionS... {} {List} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/assignmentPolicies... IMicrosoftGraphCustomExtensionS... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/assignmentPolicies... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/assignmentPolicies... IMicrosoftGraphCustomCalloutExt... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/assignmentPolicies... IMicrosoftGraphAccessPackageQue... {} {List} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/assignmentPolicies... IMicrosoftGraphAccessPackageQue... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/assignmentPolicies... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/catalogs/{accessPa... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/catalogs/{accessPa... IMicrosoftGraphCustomCalloutExt... {} {List} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/catalogs/{accessPa... IMicrosoftGraphCustomCalloutExt... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/catalogs/{accessPa... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/catalogs/{accessPa... IMicrosoftGraphAccessPackageRes... {} {List} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/catalogs/{accessPa... IMicrosoftGraphAccessPackageRes... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/catalogs/{accessPa... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/catalogs/{accessPa... IMicrosoftGraphAccessPackageRes... {} {Get, GetViaIdentity} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/catalogs/{accessPa... IMicrosoftGraphAccessPackageRes... {} {List, List1, List2} Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/catalogs/{accessPa... IMicrosoftGraphAccessPackageRes... {} {Get, Get1, Get2, ... Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/catalogs/{accessPa... {} {Get, Get1, Get2, ... Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/catalogs/{accessPa... IMicrosoftGraphAccessPackageRes... {} {Get, Get1, GetVia... Get-MgEntitlementManagement... Identity.Governance GET /identityGovernance/entitlementManagement/catalogs/{accessPa... IMicrosoftGraphAccessPackageRes... {} {Get, Get1, GetVia.. ```Configuration
- OS: Windows 11 24H2
- architecture: x64
$PSVersionTable
Name Value
---- -----
PSVersion 7.5.0
PSEdition Core
GitCommitId 7.5.0
OS Microsoft Windows 10.0.26100
Platform Win32NT
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0Other information
No response