From 1e754ea926eb4fa5a04e44ee37d2b2418be9cd3b Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Fri, 27 Mar 2026 03:30:41 +0300 Subject: [PATCH 1/3] Weekly Permissions sync 2026-03-27 --- permissions/new/permissions.json | 95 +++++++++++++++++++++++++++ permissions/new/provisioningInfo.json | 66 ++++++++++++++++++- 2 files changed, 160 insertions(+), 1 deletion(-) diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index 6cb9ceef..95ad6e47 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -4413,6 +4413,7 @@ "/serviceprincipals/{id}/synchronization/jobs/{id}/schema/directories/{id}/discover": "least=Application", "/serviceprincipals/{id}/synchronization/jobs/{id}/schema/parseexpression": "least=Application", "/serviceprincipals/{id}/synchronization/jobs/{id}/start": "least=Application", + "/serviceprincipals/{id}/synchronization/jobs/{id}/validateconnectivity": "least=Application", "/serviceprincipals/{id}/synchronization/jobs/{id}/validatecredentials": "least=Application", "/serviceprincipals/{id}/synchronization/templates/{id}/schema/parseexpression": "least=Application" } @@ -4430,6 +4431,17 @@ "/serviceprincipals/{id}/synchronization/secrets": "least=Application" } }, + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "PATCH" + ], + "paths": { + "/serviceprincipals/{id}/synchronization/connectivityparameters": "least=Application" + } + }, { "schemeKeys": [ "Application" @@ -22767,6 +22779,21 @@ "/rolemanagement/entitlementmanagement/roledefinitions/{id}": "least=DelegatedWork,Application" } }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/identitygovernance/accessevaluationdetections": "least=DelegatedWork,Application", + "/identitygovernance/accessevaluationdetections/{id}": "least=DelegatedWork,Application", + "/identitygovernance/accessevaluationpolicies": "least=DelegatedWork,Application", + "/identitygovernance/accessevaluationpolicies/{id}": "least=DelegatedWork,Application" + } + }, { "schemeKeys": [ "Application" @@ -23010,6 +23037,58 @@ "paths": { "/identitygovernance/entitlementmanagement/settings": "least=DelegatedWork,Application" } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/identitygovernance/accessevaluationdetections": "", + "/identitygovernance/accessevaluationdetections/{id}": "", + "/identitygovernance/accessevaluationpolicies": "", + "/identitygovernance/accessevaluationpolicies/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/identitygovernance/catalogs/{id}/accessevaluationpolicies": "least=DelegatedWork,Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "PATCH" + ], + "paths": { + "/identitygovernance/accessevaluationdetections/{id}": "least=DelegatedWork,Application", + "/identitygovernance/catalogs/{id}/accessevaluationpolicies/{id}": "least=DelegatedWork,Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/identitygovernance/catalogs/{id}/accessevaluationpolicies/{id}": "least=DelegatedWork,Application" + } } ], "ownerInfo": { @@ -33690,6 +33769,10 @@ "/networkAccess/forwardingProfiles": "least=DelegatedWork,Application", "/networkAccess/forwardingProfiles/{id}": "least=DelegatedWork,Application", "/networkAccess/forwardingProfiles/{id}/policies/{id}": "least=DelegatedWork,Application", + "/networkAccess/mcpPolicies": "least=DelegatedWork,Application", + "/networkAccess/mcpPolicies/{id}": "least=DelegatedWork,Application", + "/networkAccess/mcpPolicies/{id}/policyRules": "least=DelegatedWork,Application", + "/networkAccess/mcpPolicies/{id}/policyRules/{id}": "least=DelegatedWork,Application", "/networkaccess/privateAccessConfigs/{id}": "least=DelegatedWork,Application", "/networkAccess/privateNetworks": "least=DelegatedWork,Application", "/networkAccess/privateNetworks/{id}": "least=DelegatedWork,Application", @@ -33795,6 +33878,10 @@ "/networkaccess/logs/remoteNetworks": "", "/networkaccess/logs/traffic": "", "/networkaccess/logs/traffic/{id}": "", + "/networkAccess/mcpPolicies": "", + "/networkAccess/mcpPolicies/{id}": "", + "/networkAccess/mcpPolicies/{id}/policyRules": "", + "/networkAccess/mcpPolicies/{id}/policyRules/{id}": "", "/networkaccess/privateAccessConfigs/{id}": "", "/networkAccess/privateNetworks": "", "/networkAccess/privateNetworks/{id}": "", @@ -33857,6 +33944,8 @@ "/networkAccess/filteringProfiles/{id}/policies": "least=DelegatedWork,Application", "/networkAccess/forwardingPolicies/{id}/policyRules": "least=DelegatedWork,Application", "/networkAccess/forwardingProfiles/{id}/policies": "least=DelegatedWork,Application", + "/networkAccess/mcpPolicies": "least=DelegatedWork,Application", + "/networkAccess/mcpPolicies/{id}/policyRules": "least=DelegatedWork,Application", "/networkaccess/privateAccessConfigs/{id}": "least=DelegatedWork,Application", "/networkAccess/privateNetworks": "least=DelegatedWork,Application", "/networkAccess/securityProviderPolicies": "least=DelegatedWork,Application", @@ -33893,6 +33982,8 @@ "/networkAccess/forwardingPolicies/{id}/policyRules/{id}": "least=DelegatedWork,Application", "/networkAccess/forwardingProfiles/{id}": "least=DelegatedWork,Application", "/networkAccess/forwardingProfiles/{id}/policies/{id}": "least=DelegatedWork,Application", + "/networkAccess/mcpPolicies/{id}": "least=DelegatedWork,Application", + "/networkAccess/mcpPolicies/{id}/policyRules/{id}": "least=DelegatedWork,Application", "/networkaccess/privateAccessConfigs/{id}": "least=DelegatedWork,Application", "/networkAccess/privateNetworks/{id}": "least=DelegatedWork,Application", "/networkAccess/securityProviderPolicies/{id}": "least=DelegatedWork,Application", @@ -33929,6 +34020,8 @@ "/networkAccess/filteringProfiles/{id}/policies/{id}": "least=DelegatedWork,Application", "/networkAccess/forwardingPolicies/{id}/policyRules/{id}": "least=DelegatedWork,Application", "/networkAccess/forwardingProfiles/{id}/policies/{id}": "least=DelegatedWork,Application", + "/networkAccess/mcpPolicies/{id}": "least=DelegatedWork,Application", + "/networkAccess/mcpPolicies/{id}/policyRules/{id}": "least=DelegatedWork,Application", "/networkaccess/privateAccessConfigs/{id}": "least=DelegatedWork,Application", "/networkAccess/privateNetworks/{id}": "least=DelegatedWork,Application", "/networkAccess/securityProviderPolicies/{id}": "least=DelegatedWork,Application", @@ -48645,6 +48738,7 @@ "/serviceprincipals/{id}/synchronization/jobs/{id}/restart": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/jobs/{id}/schema/parseexpression": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/jobs/{id}/start": "least=DelegatedWork", + "/serviceprincipals/{id}/synchronization/jobs/{id}/validateconnectivity": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/jobs/{id}/validatecredentials": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/templates/{id}/schema/parseexpression": "least=DelegatedWork" } @@ -48749,6 +48843,7 @@ "PATCH" ], "paths": { + "/serviceprincipals/{id}/synchronization/connectivityparameters": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/jobs/{id}": "least=DelegatedWork,Application" } } diff --git a/permissions/new/provisioningInfo.json b/permissions/new/provisioningInfo.json index 849d37d2..72738651 100644 --- a/permissions/new/provisioningInfo.json +++ b/permissions/new/provisioningInfo.json @@ -533,7 +533,25 @@ "isEnabled": false, "resourceAppId": "00000002-0000-0000-c000-000000000000" } - ], + ], + "AgentIdentityBlueprint.UpdateManagerApps.All": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + } + ], "AgentIdentityBlueprintPrincipal.Read.All": [ { "id": "", @@ -641,6 +659,42 @@ "isEnabled": true, "resourceAppId": "00000002-0000-0000-c000-000000000000" } + ], + "AgentRegistration.Read.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "59eca866-2f46-40b8-96ff-63f663121ef9" + }, + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "59eca866-2f46-40b8-96ff-63f663121ef9" + } + ], + "AgentRegistration.ReadWrite.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "59eca866-2f46-40b8-96ff-63f663121ef9" + }, + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "59eca866-2f46-40b8-96ff-63f663121ef9" + } ], "Agreement.Read.All": [ { @@ -12327,6 +12381,16 @@ "resourceAppId": "26a18ebc-cdf7-4a6a-91cb-beb352805e81" } ], + "Calls.ReportSyntheticMedia.All": [ + { + "id": "e4d4cb9c-a3d1-425d-90a2-8504eb334d6b", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "26a18ebc-cdf7-4a6a-91cb-beb352805e81" + } + ], "RecordsManagement.Read.All": [ { "id": "07f995eb-fc67-4522-ad66-2b8ca8ea3efd", From 41badab52ef4bb114202a47b1932341310d79ee6 Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Fri, 27 Mar 2026 04:19:17 +0300 Subject: [PATCH 2/3] Weekly Permissions sync 2026-03-27 --- permissions/new/permissions.json | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index 95ad6e47..75483a6c 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -4413,7 +4413,6 @@ "/serviceprincipals/{id}/synchronization/jobs/{id}/schema/directories/{id}/discover": "least=Application", "/serviceprincipals/{id}/synchronization/jobs/{id}/schema/parseexpression": "least=Application", "/serviceprincipals/{id}/synchronization/jobs/{id}/start": "least=Application", - "/serviceprincipals/{id}/synchronization/jobs/{id}/validateconnectivity": "least=Application", "/serviceprincipals/{id}/synchronization/jobs/{id}/validatecredentials": "least=Application", "/serviceprincipals/{id}/synchronization/templates/{id}/schema/parseexpression": "least=Application" } @@ -4431,17 +4430,6 @@ "/serviceprincipals/{id}/synchronization/secrets": "least=Application" } }, - { - "schemeKeys": [ - "Application" - ], - "methods": [ - "PATCH" - ], - "paths": { - "/serviceprincipals/{id}/synchronization/connectivityparameters": "least=Application" - } - }, { "schemeKeys": [ "Application" @@ -48738,7 +48726,6 @@ "/serviceprincipals/{id}/synchronization/jobs/{id}/restart": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/jobs/{id}/schema/parseexpression": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/jobs/{id}/start": "least=DelegatedWork", - "/serviceprincipals/{id}/synchronization/jobs/{id}/validateconnectivity": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/jobs/{id}/validatecredentials": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/templates/{id}/schema/parseexpression": "least=DelegatedWork" } @@ -48843,7 +48830,6 @@ "PATCH" ], "paths": { - "/serviceprincipals/{id}/synchronization/connectivityparameters": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/jobs/{id}": "least=DelegatedWork,Application" } } From b3a0532c849b4dd4d9ccc6227878ce4abd9e2236 Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Fri, 27 Mar 2026 04:25:45 +0300 Subject: [PATCH 3/3] Weekly Permissions sync 2026-03-27 --- permissions/new/permissions.json | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index 75483a6c..95ad6e47 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -4413,6 +4413,7 @@ "/serviceprincipals/{id}/synchronization/jobs/{id}/schema/directories/{id}/discover": "least=Application", "/serviceprincipals/{id}/synchronization/jobs/{id}/schema/parseexpression": "least=Application", "/serviceprincipals/{id}/synchronization/jobs/{id}/start": "least=Application", + "/serviceprincipals/{id}/synchronization/jobs/{id}/validateconnectivity": "least=Application", "/serviceprincipals/{id}/synchronization/jobs/{id}/validatecredentials": "least=Application", "/serviceprincipals/{id}/synchronization/templates/{id}/schema/parseexpression": "least=Application" } @@ -4430,6 +4431,17 @@ "/serviceprincipals/{id}/synchronization/secrets": "least=Application" } }, + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "PATCH" + ], + "paths": { + "/serviceprincipals/{id}/synchronization/connectivityparameters": "least=Application" + } + }, { "schemeKeys": [ "Application" @@ -48726,6 +48738,7 @@ "/serviceprincipals/{id}/synchronization/jobs/{id}/restart": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/jobs/{id}/schema/parseexpression": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/jobs/{id}/start": "least=DelegatedWork", + "/serviceprincipals/{id}/synchronization/jobs/{id}/validateconnectivity": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/jobs/{id}/validatecredentials": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/templates/{id}/schema/parseexpression": "least=DelegatedWork" } @@ -48830,6 +48843,7 @@ "PATCH" ], "paths": { + "/serviceprincipals/{id}/synchronization/connectivityparameters": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/jobs/{id}": "least=DelegatedWork,Application" } }