This can be done via the GraphAPI CA API.
Craig Woodburn commented
The use case I have is identical to Joshua's. I have changes I'd like to make that affect a number of policies but want to test the change with a smaller test group of users first. To do this I have to duplicate each of the policies affected which is a real pain and prone to errors.
Another thing that would be really cool is to have a test environment for AAD, but I understand I'd have to pay for another tenancy to do that, plus I wouldn't be able to migrate/promote the policies from the test environment to production.
Is there a Powershell command available to create a Conditional Access Policy so that we could automate policy creation for consistent deployments?
Joshua Burke commented
When working with production policies for Conditional Access, if changes are needed, it is most reasonable to duplicate the production rule, apply it to a smaller test group, and make changes from there. At this time there is no copy/duplicate button for Conditional Access policies, so, the only method for replicating policies is to stare-and-compare in side-by-side windows.
This increases capacity for error, or misconfiguration. Also, since the "block all" apps over-blocks many Azure services that cannot be exempted, it complicates the policy creation process needing to manually re-select all apps that need to be included/excluded from the policy.
The solution is to create a copy/duplicate button that will create a copy of the existing policy, mark it as non-active, apply it to no users/groups and require a name change before saving.
This is basic UI functionality and I am very surprised that it doesn't exist.
Nick Dorak commented
Example: I have a policy to Force MFA with Exchange from All Locations, but exclude trusted locations and only for a pre-created group of users who have mailboxes created. Now I want to do the same but for teams, but I just need to change the group and app assigned. Would be a lot easer to duplicate a rule which is already working then writing each individual setting down to ensure I get it the same for the new rule.