private/review/admincenter/users/Invoke-ReviewEntraGuestUser.ps1

function Invoke-ReviewEntraGuestUser
{
    <#
    .SYNOPSIS
        Review guest users in Entra ID.
    .DESCRIPTION
        Returns review object.
    .EXAMPLE
        Invoke-ReviewEntraGuestUser;
    #>


    [cmdletbinding()]
    param
    (
    )

    BEGIN
    {
        # Object array to store guest accounts.
        $reviewAccounts = New-Object System.Collections.ArrayList;

        # Get all guest accounts.
        $guestUsers = Get-EntraIdGuest;

        # Get all users with admin roles.
        $usersWithAdminRole = Get-EntraIdUserAdminRole;
    }
    PROCESS
    {
        # Foreach guest account.
        foreach ($guestUser in $guestUsers)
        {
            # Get all roles for the guest account.
            $roles = ($usersWithAdminRole | Where-Object { $_.UserPrincipalName -eq $guestUser.UserPrincipalName }).RoleDisplayName;

            # Write to log.
            Write-Log -Category 'Entra' -Subcategory 'User' -Message ("Found guest user '{0}'" -f $guestUser.UserPrincipalName) -Level Debug;

            # Add to object array.
            $reviewAccounts += [PSCustomObject]@{
                Id                = $guestUser.Id;
                UserPrincipalName = $guestUser.UserPrincipalName;
                GivenName         = $guestUser.GivenName;
                Surname           = $guestUser.Surname;
                DisplayName       = $guestUser.DisplayName;
                Roles             = $roles;
                CreatedDateTime   = $guestUser.CreatedDateTime;
                LastSignIn        = $guestUser.SignInActivity.LastSignInDateTime;
                AccountEnabled    = $guestUser.AccountEnabled;
            };
        }
    }
    END
    {
        # Bool for review flag.
        [bool]$reviewFlag = $false;

        # If review flag should be set.
        if ($reviewAccounts.Count -gt 0)
        {
            # Should be reviewed.
            $reviewFlag = $true;
        }

        # Create new review object to return.
        [Review]$review = [Review]::new();

        # Add to object.
        $review.Id = '7fe4d30e-42bd-44d4-8066-0b732dcbda4c';
        $review.Category = 'Microsoft 365 Admin Center';
        $review.Subcategory = 'Users';
        $review.Title = 'Ensure Guest Users are reviewed';
        $review.Data = $reviewAccounts;
        $review.Review = $reviewFlag;

        # Print result.
        $review.PrintResult();

        # Return object.
        return $review;
    }
}