Public/PartnerActions/New-GDAPAccessAssignments.ps1
function New-GDAPAccessAssignments() { param( [Parameter(Mandatory)] [string]$RelationshipId ) Connect-CustomerGraph -CustomerTenantId $PartnerTenantId # First access assignment try { $FirstAssignment = New-MgTenantRelationshipDelegatedAdminRelationshipAccessAssignment -DelegatedAdminRelationshipId $RelationshipId -BodyParameter $FirstAccessAssignmentParams -ErrorAction Stop Write-Host "Created first access assignment" -ForegroundColor Green } catch { throw "Failed to create first access assignment: $_" } # Second access assignment try { $SecondAssignment = New-MgTenantRelationshipDelegatedAdminRelationshipAccessAssignment -DelegatedAdminRelationshipId $RelationshipId -BodyParameter $SecondAccessAssignmentParams -ErrorAction Stop Write-Host "Created second access assignment" -ForegroundColor Green } catch { throw "Failed to create second access assignment: $_" } # Wait for access assignments to be created and active try { $FirstAssignmentStatus = (Get-MgTenantRelationshipDelegatedAdminRelationshipAccessAssignment -DelegatedAdminRelationshipId $RelationshipId -DelegatedAccessAssignmentId $FirstAssignment.id -ErrorAction Stop).Status $SecondAssignmentStatus = (Get-MgTenantRelationshipDelegatedAdminRelationshipAccessAssignment -DelegatedAdminRelationshipId $RelationshipId -DelegatedAccessAssignmentId $SecondAssignment.id -ErrorAction Stop).Status } catch { throw "Failed to get access assignment status: $_" } try { while($FirstAssignmentStatus -ne "active") { Write-Host "Waiting for first access assignment to be active.." Start-Sleep -Seconds 5 $FirstAssignmentStatus = (Get-MgTenantRelationshipDelegatedAdminRelationshipAccessAssignment -DelegatedAdminRelationshipId $RelationshipId -DelegatedAccessAssignmentId $FirstAssignment.id -ErrorAction Stop).Status } Write-Host "First access assignment active!" -ForegroundColor Green } catch { throw "Failed to wait for first access assignment to be active: $_" } try { while($SecondAssignmentStatus -ne "active") { Write-Host "Waiting for second access assignment to be active.." Start-Sleep -Seconds 5 $SecondAssignmentStatus = (Get-MgTenantRelationshipDelegatedAdminRelationshipAccessAssignment -DelegatedAdminRelationshipId $RelationshipId -DelegatedAccessAssignmentId $SecondAssignment.id -ErrorAction Stop).Status } Write-Host "Second access assignment active!" -ForegroundColor Green } catch { throw "Failed to wait for second access assignment to be active: $_" } } |