Add-PnPRoleDefinition

Adds a Role Defintion (Permission Level) to the site collection in the current context

Syntax

Add-PnPRoleDefinition
   -RoleName <String>
                        [-Clone <RoleDefinitionPipeBind>]
                        [-Include <PermissionKind[]>]
                        [-Exclude <PermissionKind[]>]
                        [-Description <String>]
                        [-Connection <SPOnlineConnection>]

Description

This command allows adding a custom Role Defintion (Permission Level) to the site collection in the current context. It does not replace or remove existing Role Definitions.

Examples

------------------EXAMPLE 1------------------

Add-PnPRoleDefinition -RoleName "CustomPerm"

Creates additional permission level with no permission flags enabled.

------------------EXAMPLE 2------------------

Add-PnPRoleDefinition -RoleName "NoDelete" -Clone "Contribute" -Exclude DeleteListItems

Creates additional permission level by cloning "Contribute" and removes flags DeleteListItems

------------------EXAMPLE 3------------------

Add-PnPRoleDefinition -RoleName "AddOnly" -Clone "Contribute" -Exclude DeleteListItems, EditListItems

Creates additional permission level by cloning "Contribute" and removes flags DeleteListItems and EditListItems

------------------EXAMPLE 4------------------

PS> $roleDefinition = Get-PnPRoleDefinition -Identity "Contribute"
Add-PnPRoleDefinition -RoleName "AddOnly" -Clone $roleDefinition -Exclude DeleteListItems, EditListItems

Creates additional permission level by cloning "Contribute" and removes flags DeleteListItems and EditListItems

Parameters

-Clone

An existing permission level or the name of an permission level to clone as base template.

Type:RoleDefinitionPipeBind
Position:Named
Accept pipeline input:False
Accept wildcard characters:False
-Connection

Optional connection to be used by the cmdlet. Retrieve the value for this parameter by either specifying -ReturnConnection on Connect-PnPOnline or by executing Get-PnPConnection.

Type:SPOnlineConnection
Position:Named
Accept pipeline input:False
Accept wildcard characters:False
-Description

Optional description for the new permission level.

Type:String
Position:Named
Accept pipeline input:False
Accept wildcard characters:False
-Exclude

Specifies permission flags(s) to disable.

Type:PermissionKind[]
Position:Named
Accept pipeline input:False
Accept wildcard characters:False
-Include

Specifies permission flags(s) to enable.

Type:PermissionKind[]
Position:Named
Accept pipeline input:False
Accept wildcard characters:False
-RoleName

Name of new permission level.

Type:String
Position:Named
Accept pipeline input:True
Accept wildcard characters:False