IntuneBackupAndRestore

4.0.0

Public/Invoke-IntuneBackupDeviceCompliancePolicyAssignment.ps1

                                function Invoke-IntuneBackupDeviceCompliancePolicyAssignment {

    <#

    .SYNOPSIS

    Backup Intune Device Complaince Policy Assignments

    .DESCRIPTION

    Backup Intune Device Complaince Policy Assignments as JSON files per Device Compliance Policy to the specified Path.

    .PARAMETER Path

    Path to store backup files

    .EXAMPLE

    Invoke-IntuneBackupDeviceCompliancePolicyAssignment -Path "C:\temp"

    #>

    [CmdletBinding()]

    param(

        [Parameter(Mandatory = $true)]

        [string]$Path,

        [Parameter(Mandatory = $false)]

        [ValidateSet("v1.0", "Beta")]

        [string]$ApiVersion = "Beta"

    )

     #Connect to MS-Graph if required

     if($null -eq (Get-MgContext)){

        connect-mggraph -scopes "DeviceManagementApps.ReadWrite.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementServiceConfig.ReadWrite.All" 

    }

    # Get all Device Compliance Policies

    $deviceCompliancePolicies = Invoke-MgGraphRequest -Uri "$ApiVersion/deviceManagement/deviceCompliancePolicies" | Get-MGGraphAllPages

    if ($deviceCompliancePolicies.value -ne "") {

        # Create folder if not exists

        if (-not (Test-Path "$Path\Device Compliance Policies\Assignments")) {

            $null = New-Item -Path "$Path\Device Compliance Policies\Assignments" -ItemType Directory

        }

        foreach ($deviceCompliancePolicy in $deviceCompliancePolicies) {

        $assignments = Invoke-MgGraphRequest -Uri "$ApiVersion/deviceManagement/deviceCompliancePolicies/$($deviceCompliancePolicy.id)/assignments" | Get-MGGraphAllPages

            if ($assignments) {

                $fileName = ($deviceCompliancePolicy.displayName).Split([IO.Path]::GetInvalidFileNameChars()) -join '_'

                $assignments | ConvertTo-Json | Out-File -LiteralPath "$path\Device Compliance Policies\Assignments\$fileName.json"

                [PSCustomObject]@{

                    "Action" = "Backup"

                    "Type"   = "Device Compliance Policy Assignments"

                    "Name"   = $deviceCompliancePolicy.displayName

                    "Path"   = "Device Compliance Policies\Assignments\$fileName.json"

                }

            }

        }

    }

}