Public/Copy-AvdApplicationGroupPermissions.ps1

function Copy-AvdApplicationGroupPermissions {
    <#
    .SYNOPSIS
    Copies application group permissions to another application group
    .DESCRIPTION
    The function will help you copy permissions to another application group. This based on an existing one.
    .PARAMETER FromApplicationGroupName
    Enter the AVD source application group name
    .PARAMETER FromResourceGroupName
    Enter the AVD source application group resourcegroup name
    .PARAMETER ToApplicationGroupName
    Enter the AVD destination application group name
    .PARAMETER ToResourceGroupName
    Enter the AVD destination application group resourcegroup name
    .PARAMETER FromAppGroupId
    Enter the AVD source application group resourceId
    .PARAMETER ToAppGroupId
    Enter the AVD new application group resourceId
    .EXAMPLE
    Copy-AvdApplicationGroupPermissions -FromApplicationGroupName avd-appgroup-1 -FromResourceGroupName rg-avd-01 -ToApplicationGroupName avd-appgroup-2 -ToResourceGroupName rg-avd-01
    .EXAMPLE
    Copy-AvdApplicationGroupPermissions -FromAppGroupId "/subscriptions/.../FromAppgroup" -ToAppGroupId "/subscriptions/.../ToAppgroup"
    #>

    [CmdletBinding(DefaultParameterSetName="Name")]
    param (
        [Parameter(Mandatory, ParameterSetName = "Name")]
        [ValidateNotNullOrEmpty()]
        [string]$FromApplicationGroupName,

        [Parameter(Mandatory, ParameterSetName = "Name")]
        [ValidateNotNullOrEmpty()]
        [string]$FromResourceGroupName,

        [Parameter(Mandatory, ParameterSetName = "Name")]
        [ValidateNotNullOrEmpty()]
        [string]$ToApplicationGroupName,

        [Parameter(Mandatory, ParameterSetName = "Name")]
        [ValidateNotNullOrEmpty()]
        [string]$ToResourceGroupName,

        [Parameter(Mandatory, ParameterSetName = "ResourceId")]
        [ValidateNotNullOrEmpty()]
        [string]$FromAppGroupId,

        [Parameter(Mandatory, ParameterSetName = "ResourceId")]
        [ValidateNotNullOrEmpty()]
        [string]$ToAppGroupId

    )
    Begin {
        Write-Verbose "Start copying permissions"
        AuthenticationCheck
        $graphToken = GetAuthToken -resource $Script:GraphApiUrl
    }
    Process {
        switch ($PsCmdlet.ParameterSetName) {
            Name {
                Write-Verbose "Name and ResourceGroup provided"
                $FromApplicationResults = Get-AvdApplicationGroup -ApplicationGroupName $FromApplicationGroupName -ResourceGroupName $FromResourceGroupName
                $Scope = "/subscriptions/" + $Script:subscriptionId + "/resourcegroups/" + $FromResourceGroupName + "/providers/Microsoft.DesktopVirtualization/applicationgroups/" + $FromApplicationGroupName
                $AppGroupPermissionsParameters = @{
                    ApplicationGroupName = $ToApplicationGroupName
                    ResourceGroupName = $ToResourceGroupName
                }
            }
            ResourceId {
                Write-Verbose "ResourceId provided"
                $FromApplicationResults = Get-AvdApplicationGroup -ResourceId $FromAppGroupId
                $Scope = $FromAppGroupId
                $AppGroupPermissionsParameters = @{
                    resourceId = $ToAppGroupId
                }
            }
        }
        $FromApplicationResults.assignments.properties | Where-Object { $_.Scope -eq $Scope }  | ForEach-Object {
            If ($_.principalType -eq 'User') {
                $graphUrl = $Script:GraphApiUrl + "/" + $script:GraphApiVersion + "/users/" + $_.principalId
                $identityInfo = Invoke-RestMethod -Method GET -Uri $graphUrl -Headers $graphToken
                Write-Verbose "Adding user $($identityInfo.userPrincipalName) to $ToApplicationGroupName"
            }
            Else {
                $graphUrl = $Script:GraphApiUrl + "/" + $script:GraphApiVersion + "/groups?`$filter=id eq '$($_.principalId)'"
                $identityInfo = (Invoke-RestMethod -Method GET -Uri $graphUrl -Headers $graphToken).value
                Write-Verbose "Adding group $($identityInfo.displayName) to $ToApplicationGroupName"   
            }
            Add-AvdApplicationGroupPermissions @AppGroupPermissionsParameters -PrincipalId $_.principalId
        }
    }
    End {}
}