entra rolepermission list
Lists all Microsoft Entra ID role permissions
Usage
m365 entra rolepermission list [options]
Options
-n, --resourceNamespace [resourceNamespace]The namespace of the resource for which to retrieve role permissions.
-p, --privilegedRetrieve only sensitive role permissions.
-h, --help [help]Output usage information. Optionally, specify which section of command's help you want to see. Allowed values are
options,examples,remarks,response,full. Default isoptions.--query [query]JMESPath query string. See http://jmespath.org/ for more information and examples.
-o, --output [output]Output type.
json,text,csv,md,none. Defaultjson.--verboseRuns command with verbose logging.
--debugRuns command with debug logging.
Remarks
warning
The command is based on an API that is currently in preview and is subject to change once the API reached general availability.
Examples
Get a list of role permissions
m365 entra rolepermission list --resourceNamespace 'microsoft.directory'
Get a list of sensitive role permissions
m365 entra rolepermission list --resourceNamespace 'microsoft.directory' --privileged
Response
- JSON
- Text
- CSV
- Markdown
[
{
"actionVerb": null,
"description": "Create and delete access reviews, and read and update all properties of access reviews in Microsoft Entra ID",
"id": "microsoft.directory-accessReviews-allProperties-allTasks",
"isPrivileged": false,
"name": "microsoft.directory/accessReviews/allProperties/allTasks",
"resourceScopeId": null
},
{
"actionVerb": "GET",
"description": "Read all properties of access reviews",
"id": "microsoft.directory-accessReviews-allProperties-read-get",
"isPrivileged": false,
"name": "microsoft.directory/accessReviews/allProperties/read",
"resourceScopeId": null
},
{
"actionVerb": null,
"description": "Manage access reviews of application role assignments in Microsoft Entra ID",
"id": "microsoft.directory-accessReviews-definitions.applications-allProperties-allTasks",
"isPrivileged": false,
"name": "microsoft.directory/accessReviews/definitions.applications/allProperties/allTasks",
"resourceScopeId": null
},
{
"actionVerb": "GET",
"description": "Read all properties of access reviews of application role assignments in Microsoft Entra ID",
"id": "microsoft.directory-accessReviews-definitions.applications-allProperties-read-get",
"isPrivileged": false,
"name": "microsoft.directory/accessReviews/definitions.applications/allProperties/read",
"resourceScopeId": null
}
]
id name actionVerb isPrivileged
-------------------------------------------------------------------------------------- --------------------------------------------------------------------------------------- ---------- ------------
microsoft.directory-accessReviews-allProperties-allTasks microsoft.directory/accessReviews/allProperties/allTasks null false
microsoft.directory-accessReviews-allProperties-read-get microsoft.directory/accessReviews/allProperties/read GET false
microsoft.directory-accessReviews-definitions.applications-allProperties-allTasks microsoft.directory/accessReviews/definitions.applications/allProperties/allTasks null false
microsoft.directory-accessReviews-definitions.applications-allProperties-read-get microsoft.directory/accessReviews/definitions.applications/allProperties/read GET false
actionVerb,description,id,isPrivileged,name,resourceScopeId
,"Create and delete access reviews, and read and update all properties of access reviews in Microsoft Entra ID",microsoft.directory-accessReviews-allProperties-allTasks,0,microsoft.directory/accessReviews/allProperties/allTasks,
GET,Read all properties of access reviews,microsoft.directory-accessReviews-allProperties-read-get,0,microsoft.directory/accessReviews/allProperties/read,
,Manage access reviews of application role assignments in Microsoft Entra ID,microsoft.directory-accessReviews-definitions.applications-allProperties-allTasks,0,microsoft.directory/accessReviews/definitions.applications/allProperties/allTasks,
GET,Read all properties of access reviews of application role assignments in Microsoft Entra ID,microsoft.directory-accessReviews-definitions.applications-allProperties-read-get,0,microsoft.directory/accessReviews/definitions.applications/allProperties/read,
# entra rolepermission list --resourceNamespace "microsoft.directory"
Date: 1/16/2025
## microsoft.directory/accessReviews/allProperties/allTasks (microsoft.directory-accessReviews-allProperties-allTasks)
Property | Value
---------|-------
description | Create and delete access reviews, and read and update all properties of access reviews in Microsoft Entra ID
id | microsoft.directory-accessReviews-allProperties-allTasks
isPrivileged | false
name | microsoft.directory/accessReviews/allProperties/allTasks
## microsoft.directory/accessReviews/allProperties/read (microsoft.directory-accessReviews-allProperties-read-get)
Property | Value
---------|-------
actionVerb | GET
description | Read all properties of access reviews
id | microsoft.directory-accessReviews-allProperties-read-get
isPrivileged | false
name | microsoft.directory/accessReviews/allProperties/read
## microsoft.directory/accessReviews/definitions.applications/allProperties/allTasks (microsoft.directory-accessReviews-definitions.applications-allProperties-allTasks)
Property | Value
---------|-------
description | Manage access reviews of application role assignments in Microsoft Entra ID
id | microsoft.directory-accessReviews-definitions.applications-allProperties-allTasks
isPrivileged | false
name | microsoft.directory/accessReviews/definitions.applications/allProperties/allTasks
## microsoft.directory/accessReviews/definitions.applications/allProperties/read (microsoft.directory-accessReviews-definitions.applications-allProperties-read-get)
Property | Value
---------|-------
actionVerb | GET
description | Read all properties of access reviews of application role assignments in Microsoft Entra ID
id | microsoft.directory-accessReviews-definitions.applications-allProperties-read-get
isPrivileged | false
name | microsoft.directory/accessReviews/definitions.applications/allProperties/read