Device Enrollment

Device enrollment resources enable you to control how devices join Microsoft Intune and configure the enrollment experience.

Available Resources

Assignment Filter

Resource: microsoft365_graph_beta_device_management_assignment_filterCreate dynamic filters for policy assignments.

Device Category

Resource: microsoft365_graph_beta_device_management_device_categoryOrganize devices into categories.

Enrollment Configuration

Resource: microsoft365_graph_beta_device_management_device_enrollment_configurationConfigure enrollment restrictions and settings.

Enrollment Limit

Resource: microsoft365_graph_beta_device_management_device_enrollment_limit_configurationLimit number of devices per user.

Windows Autopilot

Autopilot Deployment Profile

Resource: microsoft365_graph_beta_device_management_windows_autopilot_deployment_profile

Autopilot Device Identity

Resource: microsoft365_graph_beta_device_management_windows_autopilot_device_identity

Autopilot Device CSV Import

Resource: microsoft365_graph_beta_device_management_windows_autopilot_device_csv_import

Device Preparation Policy

Resource: microsoft365_graph_beta_device_management_windows_autopilot_device_preparation_policy

Apple Enrollment

Apple Configurator Enrollment

Resource: microsoft365_graph_beta_device_management_apple_configurator_enrollment_policy

Apple User Enrollment

Resource: microsoft365_graph_beta_device_management_apple_user_initiated_enrollment_profile_assignment

Additional Resources

Terms and Conditions

Resource: microsoft365_graph_beta_device_management_terms_and_conditions

Intune Branding

Resource: microsoft365_graph_beta_device_management_intune_branding_profile

Role Scope Tag

Resource: microsoft365_graph_beta_device_management_role_scope_tag

Assignment Filter Example

resource "microsoft365_graph_beta_device_management_assignment_filter" "windows_11_only" {
  display_name = "Windows 11 Devices"
  description  = "Filter for Windows 11 devices only"
  platform     = "windows10AndLater"
  
  rule = "(device.osVersion -startsWith \"10.0.22\") or (device.osVersion -startsWith \"10.0.23\")"
}

resource "microsoft365_graph_beta_device_management_assignment_filter" "corporate_owned" {
  display_name = "Corporate Owned Devices"
  description  = "Filter for corporate-owned devices"
  platform     = "windows10AndLater"
  
  rule = "(device.deviceOwnership -eq \"Corporate\")"
}

resource "microsoft365_graph_beta_device_management_assignment_filter" "specific_models" {
  display_name = "Surface Devices"
  description  = "Filter for Microsoft Surface devices"
  platform     = "windows10AndLater"
  
  rule = "(device.model -startsWith \"Surface\")"
}

Device Category Example

resource "microsoft365_graph_beta_device_management_device_category" "laptops" {
  display_name = "Laptops"
  description  = "Laptop devices"
}

resource "microsoft365_graph_beta_device_management_device_category" "desktops" {
  display_name = "Desktops"
  description  = "Desktop computers"
}

resource "microsoft365_graph_beta_device_management_device_category" "tablets" {
  display_name = "Tablets"
  description  = "Tablet devices"
}