Update-MgBetaPolicyCrossTenantAccessPolicyDefault
Update the default configuration of a cross-tenant access policy.
Note
To view the v1.0 release of this cmdlet, view Update-MgPolicyCrossTenantAccessPolicyDefault
Syntax
UpdateExpanded (Default)
Update-MgBetaPolicyCrossTenantAccessPolicyDefault
[-ResponseHeadersVariable <string>]
[-AdditionalProperties <hashtable>]
[-AutomaticUserConsentSettings <IMicrosoftGraphInboundOutboundPolicyConfiguration>]
[-B2BCollaborationInbound <IMicrosoftGraphCrossTenantAccessPolicyB2BSetting>]
[-B2BCollaborationOutbound <IMicrosoftGraphCrossTenantAccessPolicyB2BSetting>]
[-B2BDirectConnectInbound <IMicrosoftGraphCrossTenantAccessPolicyB2BSetting>]
[-B2BDirectConnectOutbound <IMicrosoftGraphCrossTenantAccessPolicyB2BSetting>]
[-Id <string>]
[-InboundTrust <IMicrosoftGraphCrossTenantAccessPolicyInboundTrust>]
[-InvitationRedemptionIdentityProviderConfiguration <hashtable>]
[-IsServiceDefault]
[-TenantRestrictions <IMicrosoftGraphCrossTenantAccessPolicyTenantRestrictions>]
[-Break]
[-Headers <IDictionary>]
[-HttpPipelineAppend <SendAsyncStep[]>]
[-HttpPipelinePrepend <SendAsyncStep[]>]
[-Proxy <uri>]
[-ProxyCredential <pscredential>]
[-ProxyUseDefaultCredentials]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Update
Update-MgBetaPolicyCrossTenantAccessPolicyDefault
-BodyParameter <IMicrosoftGraphCrossTenantAccessPolicyConfigurationDefault>
[-ResponseHeadersVariable <string>]
[-Break]
[-Headers <IDictionary>]
[-HttpPipelineAppend <SendAsyncStep[]>]
[-HttpPipelinePrepend <SendAsyncStep[]>]
[-Proxy <uri>]
[-ProxyCredential <pscredential>]
[-ProxyUseDefaultCredentials]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Update the default configuration of a cross-tenant access policy.
Permissions
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | Policy.ReadWrite.CrossTenantAccess, |
| Delegated (personal Microsoft account) | Not supported |
| Application | Policy.ReadWrite.CrossTenantAccess, |
Examples
Example 1: Block outbound B2B collaboration for a group of users
Import-Module Microsoft.Graph.Beta.Identity.SignIns
$params = @{
b2bCollaborationOutbound = @{
usersAndGroups = @{
accessType = "blocked"
targets = @(
@{
target = "0be493dc-cb56-4a53-936f-9cf64410b8b0"
targetType = "group"
}
)
}
applications = @{
accessType = "blocked"
targets = @(
@{
target = "AllApplications"
targetType = "application"
}
)
}
}
}
Update-MgBetaPolicyCrossTenantAccessPolicyDefault -BodyParameter $params
This example will block outbound b2b collaboration for a group of users
Example 2: Update default invitation redemption configuration
Import-Module Microsoft.Graph.Beta.Identity.SignIns
$params = @{
invitationRedemptionIdentityProviderConfiguration = @{
primaryIdentityProviderPrecedenceOrder = @(
"externalFederation"
"azureActiveDirectory"
"socialIdentityProviders"
)
fallbackIdentityProvider = "defaultConfiguredIdp"
}
}
Update-MgBetaPolicyCrossTenantAccessPolicyDefault -BodyParameter $params
This example will update default invitation redemption configuration
Example 3: Disallow Microsoft accounts as an option for redeeming B2B invitations
Import-Module Microsoft.Graph.Beta.Identity.SignIns
$params = @{
invitationRedemptionIdentityProviderConfiguration = @{
primaryIdentityProviderPrecedenceOrder = @(
"externalFederation"
"azureActiveDirectory"
"socialIdentityProviders"
)
fallbackIdentityProvider = "emailOneTimePasscode"
}
}
Update-MgBetaPolicyCrossTenantAccessPolicyDefault -BodyParameter $params
This example will disallow microsoft accounts as an option for redeeming b2b invitations
Parameters
-AdditionalProperties
Additional Parameters
Parameter properties
| Type: | System.Collections.Hashtable |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
UpdateExpanded
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-AutomaticUserConsentSettings
inboundOutboundPolicyConfiguration To construct, see NOTES section for AUTOMATICUSERCONSENTSETTINGS properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphInboundOutboundPolicyConfiguration |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
UpdateExpanded
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-B2BCollaborationInbound
crossTenantAccessPolicyB2BSetting To construct, see NOTES section for B2BCOLLABORATIONINBOUND properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphCrossTenantAccessPolicyB2BSetting |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
UpdateExpanded
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-B2BCollaborationOutbound
crossTenantAccessPolicyB2BSetting To construct, see NOTES section for B2BCOLLABORATIONOUTBOUND properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphCrossTenantAccessPolicyB2BSetting |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
UpdateExpanded
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-B2BDirectConnectInbound
crossTenantAccessPolicyB2BSetting To construct, see NOTES section for B2BDIRECTCONNECTINBOUND properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphCrossTenantAccessPolicyB2BSetting |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
UpdateExpanded
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-B2BDirectConnectOutbound
crossTenantAccessPolicyB2BSetting To construct, see NOTES section for B2BDIRECTCONNECTOUTBOUND properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphCrossTenantAccessPolicyB2BSetting |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
UpdateExpanded
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-BodyParameter
crossTenantAccessPolicyConfigurationDefault To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphCrossTenantAccessPolicyConfigurationDefault |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
Update
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Break
Wait for .NET debugger to attach
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Headers
Optional headers that will be added to the request.
Parameter properties
| Type: | System.Collections.IDictionary |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | True |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-HttpPipelineAppend
SendAsync Pipeline Steps to be appended to the front of the pipeline
Parameter properties
| Type: | Microsoft.Graph.Beta.PowerShell.Runtime.SendAsyncStep[] |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-HttpPipelinePrepend
SendAsync Pipeline Steps to be prepended to the front of the pipeline
Parameter properties
| Type: | Microsoft.Graph.Beta.PowerShell.Runtime.SendAsyncStep[] |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Id
The unique identifier for an entity. Read-only.
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
UpdateExpanded
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-InboundTrust
crossTenantAccessPolicyInboundTrust To construct, see NOTES section for INBOUNDTRUST properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphCrossTenantAccessPolicyInboundTrust |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
UpdateExpanded
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-InvitationRedemptionIdentityProviderConfiguration
defaultInvitationRedemptionIdentityProviderConfiguration
Parameter properties
| Type: | System.Collections.Hashtable |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
UpdateExpanded
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-IsServiceDefault
If true, the default configuration is set to the system default configuration. If false, the default settings are customized.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
UpdateExpanded
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Proxy
The URI for the proxy server to use
Parameter properties
| Type: | System.Uri |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ProxyCredential
Credentials for a proxy server to use for the remote call
Parameter properties
| Type: | System.Management.Automation.PSCredential |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ProxyUseDefaultCredentials
Use the default credentials for the proxy
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ResponseHeadersVariable
Optional Response Headers Variable.
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | RHV |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-TenantRestrictions
crossTenantAccessPolicyTenantRestrictions To construct, see NOTES section for TENANTRESTRICTIONS properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphCrossTenantAccessPolicyTenantRestrictions |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
UpdateExpanded
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-WhatIf
Runs the command in a mode that only reports what would happen without performing the actions.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphCrossTenantAccessPolicyConfigurationDefault
{{ Fill in the Description }}
System.Collections.IDictionary
{{ Fill in the Description }}
Outputs
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphCrossTenantAccessPolicyConfigurationDefault
{{ Fill in the Description }}
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
AUTOMATICUSERCONSENTSETTINGS <IMicrosoftGraphInboundOutboundPolicyConfiguration>: inboundOutboundPolicyConfiguration
[(Any) <Object>]: This indicates any property can be added to this object.
[InboundAllowed <Boolean?>]: Defines whether external users coming inbound are allowed.
[OutboundAllowed <Boolean?>]: Defines whether internal users are allowed to go outbound.
B2BCOLLABORATIONINBOUND <IMicrosoftGraphCrossTenantAccessPolicyB2BSetting>: crossTenantAccessPolicyB2BSetting
[(Any) <Object>]: This indicates any property can be added to this object.
[Applications <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
[(Any) <Object>]: This indicates any property can be added to this object.
[AccessType <String>]: crossTenantAccessPolicyTargetConfigurationAccessType
[Targets <IMicrosoftGraphCrossTenantAccessPolicyTarget[]>]: Specifies whether to target users, groups, or applications with this rule.
[Target <String>]: Defines the target for cross-tenant access policy settings and can have one of the following values: The unique identifier of the user, group, or application AllUsers AllApplications - Refers to any Microsoft cloud application.
Office365 - Includes the applications mentioned as part of the Office 365 suite.
[TargetType <String>]: crossTenantAccessPolicyTargetType
[UsersAndGroups <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
B2BCOLLABORATIONOUTBOUND <IMicrosoftGraphCrossTenantAccessPolicyB2BSetting>: crossTenantAccessPolicyB2BSetting
[(Any) <Object>]: This indicates any property can be added to this object.
[Applications <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
[(Any) <Object>]: This indicates any property can be added to this object.
[AccessType <String>]: crossTenantAccessPolicyTargetConfigurationAccessType
[Targets <IMicrosoftGraphCrossTenantAccessPolicyTarget[]>]: Specifies whether to target users, groups, or applications with this rule.
[Target <String>]: Defines the target for cross-tenant access policy settings and can have one of the following values: The unique identifier of the user, group, or application AllUsers AllApplications - Refers to any Microsoft cloud application.
Office365 - Includes the applications mentioned as part of the Office 365 suite.
[TargetType <String>]: crossTenantAccessPolicyTargetType
[UsersAndGroups <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
B2BDIRECTCONNECTINBOUND <IMicrosoftGraphCrossTenantAccessPolicyB2BSetting>: crossTenantAccessPolicyB2BSetting
[(Any) <Object>]: This indicates any property can be added to this object.
[Applications <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
[(Any) <Object>]: This indicates any property can be added to this object.
[AccessType <String>]: crossTenantAccessPolicyTargetConfigurationAccessType
[Targets <IMicrosoftGraphCrossTenantAccessPolicyTarget[]>]: Specifies whether to target users, groups, or applications with this rule.
[Target <String>]: Defines the target for cross-tenant access policy settings and can have one of the following values: The unique identifier of the user, group, or application AllUsers AllApplications - Refers to any Microsoft cloud application.
Office365 - Includes the applications mentioned as part of the Office 365 suite.
[TargetType <String>]: crossTenantAccessPolicyTargetType
[UsersAndGroups <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
B2BDIRECTCONNECTOUTBOUND <IMicrosoftGraphCrossTenantAccessPolicyB2BSetting>: crossTenantAccessPolicyB2BSetting
[(Any) <Object>]: This indicates any property can be added to this object.
[Applications <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
[(Any) <Object>]: This indicates any property can be added to this object.
[AccessType <String>]: crossTenantAccessPolicyTargetConfigurationAccessType
[Targets <IMicrosoftGraphCrossTenantAccessPolicyTarget[]>]: Specifies whether to target users, groups, or applications with this rule.
[Target <String>]: Defines the target for cross-tenant access policy settings and can have one of the following values: The unique identifier of the user, group, or application AllUsers AllApplications - Refers to any Microsoft cloud application.
Office365 - Includes the applications mentioned as part of the Office 365 suite.
[TargetType <String>]: crossTenantAccessPolicyTargetType
[UsersAndGroups <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
BODYPARAMETER <IMicrosoftGraphCrossTenantAccessPolicyConfigurationDefault>: crossTenantAccessPolicyConfigurationDefault
[(Any) <Object>]: This indicates any property can be added to this object.
[Id <String>]: The unique identifier for an entity.
Read-only.
[AutomaticUserConsentSettings <IMicrosoftGraphInboundOutboundPolicyConfiguration>]: inboundOutboundPolicyConfiguration
[(Any) <Object>]: This indicates any property can be added to this object.
[InboundAllowed <Boolean?>]: Defines whether external users coming inbound are allowed.
[OutboundAllowed <Boolean?>]: Defines whether internal users are allowed to go outbound.
[B2BCollaborationInbound <IMicrosoftGraphCrossTenantAccessPolicyB2BSetting>]: crossTenantAccessPolicyB2BSetting
[(Any) <Object>]: This indicates any property can be added to this object.
[Applications <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
[(Any) <Object>]: This indicates any property can be added to this object.
[AccessType <String>]: crossTenantAccessPolicyTargetConfigurationAccessType
[Targets <IMicrosoftGraphCrossTenantAccessPolicyTarget[]>]: Specifies whether to target users, groups, or applications with this rule.
[Target <String>]: Defines the target for cross-tenant access policy settings and can have one of the following values: The unique identifier of the user, group, or application AllUsers AllApplications - Refers to any Microsoft cloud application.
Office365 - Includes the applications mentioned as part of the Office 365 suite.
[TargetType <String>]: crossTenantAccessPolicyTargetType
[UsersAndGroups <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
[B2BCollaborationOutbound <IMicrosoftGraphCrossTenantAccessPolicyB2BSetting>]: crossTenantAccessPolicyB2BSetting
[B2BDirectConnectInbound <IMicrosoftGraphCrossTenantAccessPolicyB2BSetting>]: crossTenantAccessPolicyB2BSetting
[B2BDirectConnectOutbound <IMicrosoftGraphCrossTenantAccessPolicyB2BSetting>]: crossTenantAccessPolicyB2BSetting
[InboundTrust <IMicrosoftGraphCrossTenantAccessPolicyInboundTrust>]: crossTenantAccessPolicyInboundTrust
[(Any) <Object>]: This indicates any property can be added to this object.
[IsCompliantDeviceAccepted <Boolean?>]: Specifies whether compliant devices from external Microsoft Entra organizations are trusted.
[IsHybridAzureAdJoinedDeviceAccepted <Boolean?>]: Specifies whether Microsoft Entra hybrid joined devices from external Microsoft Entra organizations are trusted.
[IsMfaAccepted <Boolean?>]: Specifies whether MFA from external Microsoft Entra organizations is trusted.
[InvitationRedemptionIdentityProviderConfiguration <IMicrosoftGraphDefaultInvitationRedemptionIdentityProviderConfiguration>]: defaultInvitationRedemptionIdentityProviderConfiguration
[(Any) <Object>]: This indicates any property can be added to this object.
[FallbackIdentityProvider <String>]: b2bIdentityProvidersType
[PrimaryIdentityProviderPrecedenceOrder <String[]>]: Collection of identity providers in priority order of preference to be used for guest invitation redemption.
Possible values are: azureActiveDirectory, externalFederation, or socialIdentityProviders.
[IsServiceDefault <Boolean?>]: If true, the default configuration is set to the system default configuration.
If false, the default settings are customized.
[TenantRestrictions <IMicrosoftGraphCrossTenantAccessPolicyTenantRestrictions>]: crossTenantAccessPolicyTenantRestrictions
[(Any) <Object>]: This indicates any property can be added to this object.
[Applications <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
[UsersAndGroups <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
[Devices <IMicrosoftGraphDevicesFilter>]: devicesFilter
[(Any) <Object>]: This indicates any property can be added to this object.
[Mode <String>]: crossTenantAccessPolicyTargetConfigurationAccessType
[Rule <String>]: Defines the rule to filter the devices.
For example, device.deviceAttribute2 -eq 'PrivilegedAccessWorkstation'.
INBOUNDTRUST <IMicrosoftGraphCrossTenantAccessPolicyInboundTrust>: crossTenantAccessPolicyInboundTrust
[(Any) <Object>]: This indicates any property can be added to this object.
[IsCompliantDeviceAccepted <Boolean?>]: Specifies whether compliant devices from external Microsoft Entra organizations are trusted.
[IsHybridAzureAdJoinedDeviceAccepted <Boolean?>]: Specifies whether Microsoft Entra hybrid joined devices from external Microsoft Entra organizations are trusted.
[IsMfaAccepted <Boolean?>]: Specifies whether MFA from external Microsoft Entra organizations is trusted.
TENANTRESTRICTIONS <IMicrosoftGraphCrossTenantAccessPolicyTenantRestrictions>: crossTenantAccessPolicyTenantRestrictions
[(Any) <Object>]: This indicates any property can be added to this object.
[Applications <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
[(Any) <Object>]: This indicates any property can be added to this object.
[AccessType <String>]: crossTenantAccessPolicyTargetConfigurationAccessType
[Targets <IMicrosoftGraphCrossTenantAccessPolicyTarget[]>]: Specifies whether to target users, groups, or applications with this rule.
[Target <String>]: Defines the target for cross-tenant access policy settings and can have one of the following values: The unique identifier of the user, group, or application AllUsers AllApplications - Refers to any Microsoft cloud application.
Office365 - Includes the applications mentioned as part of the Office 365 suite.
[TargetType <String>]: crossTenantAccessPolicyTargetType
[UsersAndGroups <IMicrosoftGraphCrossTenantAccessPolicyTargetConfiguration>]: crossTenantAccessPolicyTargetConfiguration
[Devices <IMicrosoftGraphDevicesFilter>]: devicesFilter
[(Any) <Object>]: This indicates any property can be added to this object.
[Mode <String>]: crossTenantAccessPolicyTargetConfigurationAccessType
[Rule <String>]: Defines the rule to filter the devices.
For example, device.deviceAttribute2 -eq 'PrivilegedAccessWorkstation'.