Creating Intune role assignments

Could anybody share an example of a Device Management Role Assignment creation where a scope group is specified?

I am trying to use the MS Graph SDK to create Intune Role Assignments but I am encountering a generic error message:

New-MgDeviceManagementRoleAssignment_CreateExpanded: {
  "_version": 3,
  "Message": "An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: 966e53c7-ecdc-47cb-a015-7b50253fcf0a - Url: https://fef.msua08.manage.microsoft.com/StatelessRoleAdministrationFEService/deviceManagement/roleAssignments?api-version=5021-08-02",
  "CustomApiErrorPhrase": "",
  "RetryAfter": null,
  "ErrorSourceService": "",
  "HttpHeaders": "{}"

The attempted syntax is $NewRoleAssignment = New-MgDeviceManagementRoleAssignment -Description $RoleAssignmentDescription -DisplayName $RoleAssignmentName -Members $lsagroup.id -ResourceScopes $group.id -RoleScopeTags $newtag -verbose -confirm Where the description/name fields are strings, and the resource Ids are strings with the id's of the corresponding objects.