Daily automation

merill · Nov 20, 2024 · b42f6dc · b42f6dc
1 parent 73f37a1
commit b42f6dc
Show file tree

Hide file tree

Showing 4 changed files with 208 additions and 0 deletions.
diff --git a/_info/GraphAppRoles.csv b/_info/GraphAppRoles.csv
@@ -172,6 +172,8 @@
 "8116ae0f-55c2-452d-9944-d18420f5b2c8","ExternalItem.ReadWrite.OwnedBy","Read and write external items","Allows the app to read and write external items without a signed-in user. The app can only read external items of the connection that it is authorized to."
 "1987d7a0-d602-4262-ab90-cfdd43b37545","ExternalUserProfile.Read.All","Read all external user profiles","Allows the app to read available properties of external user profiles, without a signed-in user."
 "761327c9-d819-4c08-9a5f-874cd2826608","ExternalUserProfile.ReadWrite.All","Read and write all external user profiles","Allows the app to read and write available properties of external user profiles, without a signed-in user."
+"65891b00-2fd9-4e33-be27-04a53132e3df","FileIngestion.Ingest","Ingest SharePoint and OneDrive content to make it available in the search index","Allows the app to ingest SharePoint and OneDrive content to make it available in the search index, without a signed-in user."
+"766c601b-c009-4438-8290-c8b05fa00c4b","FileIngestionHybridOnboarding.Manage","Manage onboarding for a Hybrid Cloud tenant","Allows the app to manage onboarding for a Hybrid Cloud tenant, without a signed-in user."
 "01d4889c-1287-42c6-ac1f-5d1e02578ef6","Files.Read.All","Read files in all site collections","Allows the app to read all files in all site collections without a signed in user."
 "75359482-378d-4052-8f01-80520e7db3cd","Files.ReadWrite.All","Read and write files in all site collections","Allows the app to read, create, update and delete all files in all site collections without a signed in user."
 "b47b160b-1054-4efd-9ca0-e2f614696086","Files.ReadWrite.AppFolder","Have full access to the application's folder without a signed in user.","Allows the app to read, create, update and delete files in the application's folder without a signed in user."
@@ -357,9 +359,11 @@
 "79c7e69c-0d9f-4eff-97a8-49170a5a08ba","RoleEligibilitySchedule.Remove.Directory","Delete all eligible role assignments of your company's directory","Delete all eligible privileged role-based access control (RBAC) assignments of your company's directory, without a signed-in user."
 "c7fbd983-d9aa-4fa7-84b8-17382c103bc4","RoleManagement.Read.All","Read role management data for all RBAC providers","Allows the app to read role-based access control (RBAC) settings for all RBAC providers without a signed-in user. This includes reading role definitions and role assignments."
 "031a549a-bb80-49b6-8032-2068448c6a3c","RoleManagement.Read.CloudPC","Read Cloud PC RBAC settings","Allows the app to read the Cloud PC role-based access control (RBAC) settings, without a signed-in user."
+"4d6e30d1-e64e-4ae7-bf9d-c706cc928cef","RoleManagement.Read.Defender","Read M365 Defender RBAC configuration","Allows the app to read the role-based access control (RBAC) settings for your company's directory, without a signed-in user."
 "483bed4a-2ad3-4361-a73b-c83ccdbdc53c","RoleManagement.Read.Directory","Read all directory RBAC settings","Allows the app to read the role-based access control (RBAC) settings for your company's directory, without a signed-in user.  This includes reading directory role templates, directory roles and memberships."
 "c769435f-f061-4d0b-8ff1-3d39870e5f85","RoleManagement.Read.Exchange","Read Exchange Online RBAC configuration","Allows the app to read the role-based access control (RBAC) configuration for your organization's Exchange Online service, without a signed-in user. This includes reading Exchange management role definitions, role groups, role group membership, role assignments, management scopes, and role assignment policies."
 "274d0592-d1b6-44bd-af1d-26d259bcb43a","RoleManagement.ReadWrite.CloudPC","Read and write all Cloud PC RBAC settings","Allows the app to read and manage the Cloud PC role-based access control (RBAC) settings, without a signed-in user. This includes reading and managing Cloud PC role definitions and memberships."
+"8b7e8c0a-7e9d-4049-97ec-04b5e1bcaf05","RoleManagement.ReadWrite.Defender","Read M365 Defender RBAC configuration","Allows the app to read the role-based access control (RBAC) settings for your company's directory, without a signed-in user."
 "9e3f62cf-ca93-4989-b6ce-bf83c28f9fe8","RoleManagement.ReadWrite.Directory","Read and write all directory RBAC settings","Allows the app to read and manage the role-based access control (RBAC) settings for your company's directory, without a signed-in user. This includes instantiating directory roles and managing directory role membership, and reading directory role templates, directory roles and memberships."
 "025d3225-3f02-4882-b4c0-cd5b541a4e80","RoleManagement.ReadWrite.Exchange","Read and write Exchange Online RBAC configuration","Allows the app to read and manage the role-based access control (RBAC) settings for your organization's Exchange Online service, without a signed-in user. This includes reading, creating, updating, and deleting Exchange management role definitions, role groups, role group membership, role assignments, management scopes, and role assignment policies."
 "ef31918f-2d50-4755-8943-b8638c0a077e","RoleManagementAlert.Read.Directory","Read all alert data for your company's directory","Allows the app to read all role-based access control (RBAC) alerts for your company's directory, without a signed-in user. This includes reading alert statuses, alert definitions, alert configurations and incidents that lead to an alert."
@@ -489,6 +493,8 @@
 "77f3a031-c388-4f99-b373-dc68676a979e","User.RevokeSessions.All","Revoke all sign in sessions for a user","Allow the app to revoke all sign in sessions for a user, without a signed-in user."
 "38d9df27-64da-44fd-b7c5-a6fbac20248f","UserAuthenticationMethod.Read.All","Read all users' authentication methods","Allows the app to read authentication methods of all users in your organization, without a signed-in user. Authentication methods include things like a user’s phone numbers and Authenticator app settings. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods."
 "50483e42-d915-4231-9639-7fdb7fd190e5","UserAuthenticationMethod.ReadWrite.All","Read and write all users' authentication methods ","Allows the application to read and write authentication methods of all users in your organization, without a signed-in user.                       Authentication methods include things like a user’s phone numbers and Authenticator app settings. This                      does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods"
+"72e00c1d-3e3d-43bb-a0b9-c435611bb1d2","UserAuthMethod-Passkey.Read.All","Read all users' passkey authentication methods","Allows the app to read passkey authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods."
+"0400e371-7db1-4338-a269-96069eb65227","UserAuthMethod-Passkey.ReadWrite.All","Read and write all users' passkey authentication methods","Allows the application to read and write passkey authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods"
 "4e774092-a092-48d1-90bd-baad67c7eb47","UserNotification.ReadWrite.CreatedByApp","Deliver and manage all user's notifications","Allows the app to send, read, update and delete user’s notifications, without a signed-in user."
 "de023814-96df-4f53-9376-1e2891ef5a18","UserShiftPreferences.Read.All","Read all user shift preferences","Allows the app to read all users' shift schedule preferences without a signed-in user."
 "d1eec298-80f3-49b0-9efb-d90e224798ac","UserShiftPreferences.ReadWrite.All","Read and write all user shift preferences","Allows the app to manage all users' shift schedule preferences without a signed-in user."

diff --git a/_info/GraphAppRoles.json b/_info/GraphAppRoles.json
@@ -2075,6 +2075,30 @@
     "Value": "ExternalUserProfile.ReadWrite.All",
     "AdditionalProperties": {}
   },
+  {
+    "AllowedMemberTypes": [
+      "Application"
+    ],
+    "Description": "Allows the app to ingest SharePoint and OneDrive content to make it available in the search index, without a signed-in user.",
+    "DisplayName": "Ingest SharePoint and OneDrive content to make it available in the search index",
+    "Id": "65891b00-2fd9-4e33-be27-04a53132e3df",
+    "IsEnabled": true,
+    "Origin": "Application",
+    "Value": "FileIngestion.Ingest",
+    "AdditionalProperties": {}
+  },
+  {
+    "AllowedMemberTypes": [
+      "Application"
+    ],
+    "Description": "Allows the app to manage onboarding for a Hybrid Cloud tenant, without a signed-in user.",
+    "DisplayName": "Manage onboarding for a Hybrid Cloud tenant",
+    "Id": "766c601b-c009-4438-8290-c8b05fa00c4b",
+    "IsEnabled": true,
+    "Origin": "Application",
+    "Value": "FileIngestionHybridOnboarding.Manage",
+    "AdditionalProperties": {}
+  },
   {
     "AllowedMemberTypes": [
       "Application"
@@ -4295,6 +4319,18 @@
     "Value": "RoleManagement.Read.CloudPC",
     "AdditionalProperties": {}
   },
+  {
+    "AllowedMemberTypes": [
+      "Application"
+    ],
+    "Description": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, without a signed-in user.",
+    "DisplayName": "Read M365 Defender RBAC configuration",
+    "Id": "4d6e30d1-e64e-4ae7-bf9d-c706cc928cef",
+    "IsEnabled": true,
+    "Origin": "Application",
+    "Value": "RoleManagement.Read.Defender",
+    "AdditionalProperties": {}
+  },
   {
     "AllowedMemberTypes": [
       "Application"
@@ -4331,6 +4367,18 @@
     "Value": "RoleManagement.ReadWrite.CloudPC",
     "AdditionalProperties": {}
   },
+  {
+    "AllowedMemberTypes": [
+      "Application"
+    ],
+    "Description": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, without a signed-in user.",
+    "DisplayName": "Read M365 Defender RBAC configuration",
+    "Id": "8b7e8c0a-7e9d-4049-97ec-04b5e1bcaf05",
+    "IsEnabled": true,
+    "Origin": "Application",
+    "Value": "RoleManagement.ReadWrite.Defender",
+    "AdditionalProperties": {}
+  },
   {
     "AllowedMemberTypes": [
       "Application"
@@ -5879,6 +5927,30 @@
     "Value": "UserAuthenticationMethod.ReadWrite.All",
     "AdditionalProperties": {}
   },
+  {
+    "AllowedMemberTypes": [
+      "Application"
+    ],
+    "Description": "Allows the app to read passkey authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.",
+    "DisplayName": "Read all users' passkey authentication methods",
+    "Id": "72e00c1d-3e3d-43bb-a0b9-c435611bb1d2",
+    "IsEnabled": true,
+    "Origin": "Application",
+    "Value": "UserAuthMethod-Passkey.Read.All",
+    "AdditionalProperties": {}
+  },
+  {
+    "AllowedMemberTypes": [
+      "Application"
+    ],
+    "Description": "Allows the application to read and write passkey authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods",
+    "DisplayName": "Read and write all users' passkey authentication methods",
+    "Id": "0400e371-7db1-4338-a269-96069eb65227",
+    "IsEnabled": true,
+    "Origin": "Application",
+    "Value": "UserAuthMethod-Passkey.ReadWrite.All",
+    "AdditionalProperties": {}
+  },
   {
     "AllowedMemberTypes": [
       "Application"