Microsoft.Entra.Beta.NetworkAccess-Help.xml
|
<?xml version="1.0" encoding="utf-8"?>
<helpItems schema="maml" xmlns="http://msh"> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Enable-EntraBetaGlobalSecureAccessTenant</command:name> <command:verb>Enable</command:verb> <command:noun>EntraBetaGlobalSecureAccessTenant</command:noun> <maml:description> <maml:para>Onboard the Global Secure Access service in the tenant.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Enable-EntraBetaGlobalSecureAccessTenant` cmdlet onboards the Global Secure Access service in the tenant.</maml:para> <maml:para>In delegated scenarios with work or school accounts, the signed-in user needs a supported Microsoft Entra role or a custom role with the necessary permissions:</maml:para> <maml:para>- Global Secure Access Administrator</maml:para> <maml:para>- Security Administrator</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Enable-EntraBetaGlobalSecureAccessTenant</maml:name> </command:syntaxItem> </command:syntax> <command:parameters /> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para>System.Nullable`1[[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] System.Nullable`1[[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>----- Example 1: Enable Global Secure Access for a tenant -----</maml:title> <dev:code>Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' Enable-EntraBetaGlobalSecureAccessTenant @odata.context : https://graph.microsoft.com/beta/$metadata#networkAccess/tenantStatus/$entity onboardingStatus : onboarded onboardingErrorMessage :</dev:code> <dev:remarks> <maml:para>This command onboards the Global Secure Access service in the tenant.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>----------------------- CommonParameters -----------------------</maml:title> <dev:code></dev:code> <dev:remarks> <maml:para></maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Get-EntraBetaGlobalSecureAccessTenantStatus</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-EntraBetaGlobalSecureAccessTenantStatus</command:name> <command:verb>Get</command:verb> <command:noun>EntraBetaGlobalSecureAccessTenantStatus</command:noun> <maml:description> <maml:para>Retrieves the onboarding status of the Global Secure Access service in the tenant.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Get-EntraBetaGlobalSecureAccessTenantStatus` cmdlet retrieves the onboarding status of the Global Secure Access service in the tenant.</maml:para> <maml:para>For delegated scenarios involving work or school accounts, the signed-in user must have either a supported Microsoft Entra role or a custom role with the necessary permissions. The following least-privileged roles are supported for this operation:</maml:para> <maml:para>- Global Reader</maml:para> <maml:para>- Global Secure Access Administrator</maml:para> <maml:para>- Security Administrator</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-EntraBetaGlobalSecureAccessTenantStatus</maml:name> </command:syntaxItem> </command:syntax> <command:parameters /> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para>System.Nullable`1[[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] System.Nullable`1[[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>- Example 1: Check Global Secure Access status for the tenant -</maml:title> <dev:code>Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' Get-EntraBetaGlobalSecureAccessTenantStatus @odata.context onboardingStatus onboardingErrorMessage -------------- ---------------- ---------------------- https://graph.microsoft.com/beta/$metadata#networkAccess/tenantStatus/$entity offboarded</dev:code> <dev:remarks> <maml:para>This command checks if the Global Secure Access service is activated in the tenant.</maml:para> <maml:para>If the status is `offboarded`, you can activate the service with `New-EntraBetaGlobalSecureAccessTenant`.</maml:para> <maml:para>The onboarding status can be: `offboarded`, `offboarding in progress`, `onboarding in progress`, `onboarded`, `onboarding error`, or `offboarding error`.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>----------------------- CommonParameters -----------------------</maml:title> <dev:code></dev:code> <dev:remarks> <maml:para></maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Get-EntraBetaApplication</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-EntraBetaPrivateAccessApplication</command:name> <command:verb>Get</command:verb> <command:noun>EntraBetaPrivateAccessApplication</command:noun> <maml:description> <maml:para>Retrieves a list of all Private Access applications, or if specified, details of a specific application.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Get-EntraBetaPrivateAccessApplication` cmdlet retrieves a list of all Private Access applications, or if specified, details of a specific application.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-EntraBetaPrivateAccessApplication</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="ObjectId"> <maml:name>ApplicationId</maml:name> <maml:description> <maml:para>The Object ID of a Private Access application object.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-EntraBetaPrivateAccessApplication</maml:name> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ApplicationName</maml:name> <maml:description> <maml:para>Specifies a specific application name to retrieve.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="ObjectId"> <maml:name>ApplicationId</maml:name> <maml:description> <maml:para>The Object ID of a Private Access application object.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ApplicationName</maml:name> <maml:description> <maml:para>Specifies a specific application name to retrieve.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para>System.Nullable`1[[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] System.Nullable`1[[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>----- Example 1: Retrieve all Private Access applications -----</maml:title> <dev:code>Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' Get-EntraBetaPrivateAccessApplication displayName : testApp1 appId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb id : bbbbbbbb-1111-2222-3333-cccccccccccc tags : {IsAccessibleViaZTNAClient, HideApp, PrivateAccessNonWebApplication} createdDateTime : 14/06/2024 12:38:50 AM displayName : QuickAccess appId : dddddddd-3333-4444-5555-eeeeeeeeeeee id : eeeeeeee-4444-5555-6666-ffffffffffff tags : {HideApp, NetworkAccessQuickAccessApplication} createdDateTime : 4/07/2023 4:00:07 AM</dev:code> <dev:remarks> <maml:para>This command retrieves all Private Access applications, including Quick Access.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>Example 2: Retrieve a specific Private Access application by object Id</maml:title> <dev:code>Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' $application = Get-EntraBetaPrivateAccessApplication | Where-Object {$_.displayName -eq 'Finance team file share'} Get-EntraBetaPrivateAccessApplication -ApplicationId $application.Id displayName : QuickAccess appId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb id : bbbbbbbb-1111-2222-3333-cccccccccccc tags : {HideApp, NetworkAccessQuickAccessApplication} createdDateTime : 4/07/2023 4:00:07 AM</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve information for a specific Private Access application by object id.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>Example 3: Retrieve a specific Private Access application by name</maml:title> <dev:code>Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' Get-EntraBetaPrivateAccessApplication -ApplicationName 'Finance team file share' displayName : Finance team file share appId : aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb id : bbbbbbbb-1111-2222-3333-cccccccccccc tags : {IsAccessibleViaZTNAClient, HideApp, PrivateAccessNonWebApplication} createdDateTime : 14/06/2024 12:38:50 AM</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve information for a specific Private Access application by application name.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Get-EntraBetaApplication</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Get-EntraBetaPrivateAccessApplicationSegment</command:name> <command:verb>Get</command:verb> <command:noun>EntraBetaPrivateAccessApplicationSegment</command:noun> <maml:description> <maml:para>Retrieves a list of all application segments associated to a Private Access application, or if specified, details of a specific application segment.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Get-EntraBetaPrivateAccessApplicationSegment` cmdlet retrieves a list of all application segments associated to a Private Access application, or if specified, details of a specific application segment.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Get-EntraBetaPrivateAccessApplicationSegment</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="ObjectId"> <maml:name>ApplicationId</maml:name> <maml:description> <maml:para>The Object ID of a Private Access application object.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> <command:syntaxItem> <maml:name>Get-EntraBetaPrivateAccessApplicationSegment</maml:name> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="ObjectId"> <maml:name>ApplicationId</maml:name> <maml:description> <maml:para>The Object ID of a Private Access application object.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ApplicationSegmentId</maml:name> <maml:description> <maml:para>Specifies a specific application segment to retrieve.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="ObjectId"> <maml:name>ApplicationId</maml:name> <maml:description> <maml:para>The Object ID of a Private Access application object.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ApplicationSegmentId</maml:name> <maml:description> <maml:para>Specifies a specific application segment to retrieve.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para>System.Nullable`1[[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] System.Nullable`1[[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>Example 1: Retrieve all application segments associated to an application</maml:title> <dev:code>Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' $application = Get-EntraBetaApplication -Filter "displayName eq '<GlobalSecureAccess_Application_DisplayName>'" Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id destinationHost : 10.1.1.20 destinationType : ip port : 0 ports : {22-22} protocol : tcp id : cccc2222-dd33-4444-55ee-666666ffffff</dev:code> <dev:remarks> <maml:para>This command retrieves all application segments for an application.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>Example 2: Retrieve a specific application segment associated to an application</maml:title> <dev:code>Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' $application = Get-EntraBetaApplication -Filter "displayName eq '<GlobalSecureAccess_Application_DisplayName>'" $applicationSegment = Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id | Where-Object {$_.destinationType -eq 'fqdn'} Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id -ApplicationSegmentId $applicationSegment.Id destinationHost : 10.1.1.20 destinationType : ip port : 0 ports : {22-22} protocol : tcp id : cccc2222-dd33-4444-55ee-666666ffffff</dev:code> <dev:remarks> <maml:para>This example demonstrates how to retrieve information for a specific application segment.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Get-EntraBetaApplication</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>New-EntraBetaPrivateAccessApplication</command:name> <command:verb>New</command:verb> <command:noun>EntraBetaPrivateAccessApplication</command:noun> <maml:description> <maml:para>Creates a Private Access application and assigns a connector group to it.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `New-EntraBetaPrivateAccessApplication` cmdlet creates a Private Access application and assigns a connector group to it.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>New-EntraBetaPrivateAccessApplication</maml:name> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ApplicationName</maml:name> <maml:description> <maml:para>The name of the new Private Access application.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ConnectorGroupId</maml:name> <maml:description> <maml:para>Specifies a connector group to assign to the application. Use `Get-EntraBetaApplicationProxyConnectorGroup` to retrieve connector details or `New-EntraBetaApplicationProxyConnectorGroup` to create a new group.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para>System.Nullable`1[[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] System.Nullable`1[[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>Example 1: Create a new Private Access app and assign the default connector group</maml:title> <dev:code>Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' New-EntraBetaPrivateAccessApplication -ApplicationName 'Contoso GSA Application'</dev:code> <dev:remarks> <maml:para>This example shows how to create a new Private Access application named `Contoso GSA Application` and assign it to the default connector group.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>Example 2: Create a new Private Access app and assign a specific connector group</maml:title> <dev:code>Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' $connectorGroup = Get-EntraBetaApplicationProxyConnectorGroup -Filter "Name eq 'Contoso GSA Group'" New-EntraBetaPrivateAccessApplication -ApplicationName 'Contoso GSA Application' -ConnectorGroupId $connectorGroup.Id</dev:code> <dev:remarks> <maml:para>This example shows how to create a new Private Access application named `Contoso GSA Application` and assign it to a specific connector group.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Get-EntraBetaPrivateAccessApplication</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-EntraBetaApplicationProxyConnectorGroup</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>New-EntraBetaPrivateAccessApplicationSegment</command:name> <command:verb>New</command:verb> <command:noun>EntraBetaPrivateAccessApplicationSegment</command:noun> <maml:description> <maml:para>Creates an application segment associated to a Private Access application.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `New-EntraBetaPrivateAccessApplicationSegment` cmdlet creates an application segment associated to a Private Access application.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>New-EntraBetaPrivateAccessApplicationSegment</maml:name> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="1" aliases="ObjectId"> <maml:name>ApplicationId</maml:name> <maml:description> <maml:para>The object ID of a Private Access application object.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>DestinationHost</maml:name> <maml:description> <maml:para>Destination host for the application segment. It can be an IP address, a range of IPs (10.10.10.1..10.10.10.200), a CIDR range (10.1.1.0/24) or an FQDN (ssh.contoso.local). Additionally, DNS suffixes for Quick Access can be created with dnsSuffix.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Ports</maml:name> <maml:description> <maml:para>Ports for the application segment. It can be a single port, a range (1..100) or a list (22,3389).</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Collections.Generic.List`1[System.String]</command:parameterValue> <dev:type> <maml:name>System.Collections.Generic.List`1[System.String]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>Protocol</maml:name> <maml:description> <maml:para>Protocol for the application segment. It can be a single protocol (TCP) or a list (TCP,UDP).</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.Collections.Generic.List`1[System.String]</command:parameterValue> <dev:type> <maml:name>System.Collections.Generic.List`1[System.String]</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>DestinationType</maml:name> <maml:description> <maml:para>Destination type for the application segment. It can be "ipAddress", "dnsSuffix", "ipRangeCidr", "ipRange", or "FQDN".</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para>System.Nullable`1[[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] System.Nullable`1[[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>-------- Example 1: Create a simple application segment --------</maml:title> <dev:code>Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' $application = Get-EntraBetaApplication -Filter "displayName eq '<GlobalSecureAccess_Application_DisplayName>'" $params = @{ ApplicationId = $application.Id DestinationHost = 'ssh.contoso.local' Ports = 22 Protocol = 'TCP' DestinationType = 'FQDN' } New-EntraBetaPrivateAccessApplicationSegment @params destinationHost : ssh.contoso.local destinationType : FQDN port : 0 ports : {22-22} protocol : tcp id : cccc2222-dd33-4444-55ee-666666ffffff</dev:code> <dev:remarks> <maml:para></maml:para> </dev:remarks> </command:example> <command:example> <maml:title>Example 2: Create an application segment using ranges of IPs and multiple ports</maml:title> <dev:code>Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' $application = Get-EntraBetaApplication -Filter "displayName eq '<GlobalSecureAccess_Application_DisplayName>'" $params = @{ ApplicationId = $application.Id DestinationHost = '192.168.1.100..192.168.1.110' Ports = '22,3389' Protocol = 'TCP,UDP' DestinationType = 'ipRange' } New-EntraBetaPrivateAccessApplicationSegment @params destinationHost : 192.168.1.100..192.168.1.110 destinationType : ipRange port : 0 ports : {22-22, 3389-3389} protocol : tcp,udp id : cccc2222-dd33-4444-55ee-666666ffffff</dev:code> <dev:remarks> <maml:para></maml:para> </dev:remarks> </command:example> <command:example> <maml:title>-- Example 3: Create application segment using an input file --</maml:title> <dev:code>$csvFile = "C:\temp\AppSegments.csv" # Assuming the CSV file has columns named 'AppObjectId', 'DestHost', 'ports', 'protocol', 'type' $variables = Import-Csv $csvFile # Loop through each row of the CSV and execute the command for each set of variables foreach ($variable in $variables) { $appObjectId = $variable.AppObjectId $destHost = $variable.DestHost $ports = $variable.ports -split "," $protocol = $variable.protocol -split "," $type = $variable.type # Execute the command $params = @{ ApplicationId = $appObjectId DestinationHost = $destHost Ports = $ports Protocol = $protocol DestinationType = $type } New-EntraBetaPrivateAccessApplicationSegment @params }</dev:code> <dev:remarks> <maml:para></maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Get-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Remove-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraBetaApplication</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"> <command:details> <command:name>Remove-EntraBetaPrivateAccessApplicationSegment</command:name> <command:verb>Remove</command:verb> <command:noun>EntraBetaPrivateAccessApplicationSegment</command:noun> <maml:description> <maml:para>Removes an application segment associated to a Private Access application.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>The `Remove-EntraBetaPrivateAccessApplicationSegment` cmdlet removes application segments associated to a Private Access application.</maml:para> </maml:description> <command:syntax> <command:syntaxItem> <maml:name>Remove-EntraBetaPrivateAccessApplicationSegment</maml:name> </command:syntaxItem> </command:syntax> <command:parameters> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="ObjectId"> <maml:name>ApplicationId</maml:name> <maml:description> <maml:para>The object ID of a Private Access application object.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> <command:parameter required="true" variableLength="true" globbing="false" pipelineInput="False" position="named" aliases="none"> <maml:name>ApplicationSegmentId</maml:name> <maml:description> <maml:para>The application segment ID of the application segment to be deleted.</maml:para> </maml:description> <command:parameterValue required="true" variableLength="false">System.String</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> </dev:type> <maml:description> <maml:para>System.Nullable`1[[System. Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]] System.Nullable`1[[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <command:returnValue> <dev:type> <maml:name>System.Object</maml:name> </dev:type> <maml:description> <maml:para></maml:para> </maml:description> </command:returnValue> </command:returnValues> <maml:alertSet> <maml:alert> <maml:para></maml:para> </maml:alert> </maml:alertSet> <command:examples> <command:example> <maml:title>----------- Example 1: Delete an application segment -----------</maml:title> <dev:code>Connect-Entra -Scopes 'NetworkAccessPolicy.ReadWrite.All', 'Application.ReadWrite.All', 'NetworkAccess.ReadWrite.All' $application = Get-EntraBetaApplication -Filter "displayName eq '<GlobalSecureAccess_Application_DisplayName>'" $applicationSegment = Get-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id | Where-Object {$_.destinationType -eq 'fqdn'} Remove-EntraBetaPrivateAccessApplicationSegment -ApplicationId $application.Id -ApplicationSegmentId $applicationSegment.Id</dev:code> <dev:remarks> <maml:para>This example shows how to remove an application segment associated to a Private Access application.</maml:para> <maml:para>- `ApplicationId` is the application Object ID of the Private Access Application.</maml:para> <maml:para>- `ApplicationSegmentId` is the application segment identifier to be deleted.</maml:para> </dev:remarks> </command:example> </command:examples> <command:relatedLinks> <maml:navigationLink> <maml:linkText>Get-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>New-EntraBetaPrivateAccessApplicationSegment</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> <maml:navigationLink> <maml:linkText>Get-EntraBetaApplication</maml:linkText> <maml:uri></maml:uri> </maml:navigationLink> </command:relatedLinks> </command:command> </helpItems> |