PowerShell – Create Windows 365 Cloud PC Provisioning Policy

11 Oct

There are a significant amount of posts that talk about creating the Windows 365 Cloud PC Provisioning Policy. In this blog post, I will demonstrate how to create the provisioning policy using PowerShell and MS Graph API with beta modules on Windows 365 Cloud PC.

Connect to MS Graph API

Step 1 – Install the MS Graph Powershell Module

#Install Microsoft Graph Module
PS C:\WINDOWS\system32> Install-Module Microsoft.Graph

Step 2 – Connect to scopes and specify which API you wish to authenticate to. If you are only doing read-only operations, I suggest you connect to “CloudPC.Read.All” in our case, we are creating the policy, so we need to change the scope to “CloudPC.ReadWrite.All”

#Read-only
PS C:\WINDOWS\system32> Connect-MgGraph -Scopes "CloudPC.Read.All"
Welcome To Microsoft Graph!

OR

#Read-Write
PS C:\WINDOWS\system32> Connect-MgGraph -Scopes "CloudPC.ReadWrite.All"
Welcome To Microsoft Graph!
Permissions for MS Graph API

Step 3 –  Choose between v1.0 (Generally Available) and Beta API versions. Note for Windows 365 Cloud PC the API calls are BETA.

#Beta APIs
PS C:\WINDOWS\system32> Select-MgProfile -Name "beta"

OR

#Production APIs (Not Applicable)
PS C:\WINDOWS\system32> Select-MgProfile -Name "v1.0"

Create Provisioning Policy

We are creating a provisioning policy that involves the following: (avdwin365mem/win365CreateProvPolicy at main · askaresh/avdwin365mem (github.com))

  • Azure AD Joined Cloud PC desktops
  • The region for deployment – Australia East
  • Image Name – Windows 11 Ent + Optimization (from the Gallery)
  • Language & Region – English (United States)
  • Note – Post provisioning, you need to add the assignment AAD group to this policy
$params = @{
	"@odata.type" = "#microsoft.graph.cloudPcProvisioningPolicy"
	Description = "Hi Test Powershell Prov Deployment"
	DisplayName = "CloudPC-ProvPshell01"
	DomainJoinConfiguration = @{
		DomainJoinType = "azureADJoin"
        regionName = "australiaeast"
	}
	ImageDisplayName = "Windows 11 Enterprise + OS Optimizations 22H2"
	ImageId = "MicrosoftWindowsDesktop_windows-ent-cpc_win11-22h2-ent-cpc-os"
	ImageType = "gallery"
	WindowsSettings = @{
		Language = "en-US"
	}
}

New-MgDeviceManagementVirtualEndpointProvisioningPolicy -BodyParameter $params

Powershell Output

Policy will show up in the MEM Portal

Optional Properties

If you are doing on-premise network integration (Azure Network Connection) , then the following additional property and value is required. In my lab, I am leveraging the Microsoft Managed Network, so this is not required.

OnPremisesConnectionId = "4e47d0f6-6f77-44f0-8893-c0fe1701ffff"

I hope you will find this helpful information for creating a provisioning policy using PowerShell. Please let me know if I have missed any steps or details, and I will be happy to update the post.

Thanks,
Aresh Sarkari

3 Responses to “PowerShell – Create Windows 365 Cloud PC Provisioning Policy”

Trackbacks/Pingbacks

  1. PowerShell – Assign a AAD group to the Windows 365 Cloud PC Provisioning Policy | AskAresh - October 12, 2022

    […] you haven’t looked at my previous blog on PowerShell – Create Windows 365 Cloud PC Provisioning Policy, please check that out first. After creating the Cloud PC provisioning policy, the next step is to […]

  2. PowerShell – Unassign/Delete the Windows 365 Cloud PC Provisioning Policy | AskAresh - October 14, 2022

    […] check out my earlier blog post on PowerShell – Create Windows 365 Cloud PC Provisioning Policy and PowerShell – Assign a AAD group to the Windows 365 Cloud PC Provisioning Policy. This is the […]

  3. Intune Newsletter - 14th October 2022 - Ignite Special - Andrew Taylor - October 14, 2022

    […] PowerShell – Create Windows 365 Cloud PC Provisioning Policy […]

Leave a Reply

%d bloggers like this: