Microsoft Graph and Setting Device Extension Attribute
I used to consider myself fairly proficient with PowerShell, but now with MS Graph I'm totally lost and struggling. We are moving from a hybrid AAD environment to Entra ID in the cloud only. We are also implementing Intune in this environment. Entra is up and working and so is Intune with a handful of test Windows devices.
Since we have both x64 and arM64 (Snapdragon) devices in our environment, I need to set some dynamic device groups based on Architecture Type. I could not find anything in the GUI that listed the Arch-type and what I found online gave some examples of doing this via PowerShell.
By using a combination of MS Graph PS commands and even an API query I've been able to get the Arch-type of each device successfully thanks to various script examples I found searching. Problem now is setting an Extension Attribute with this value.
I have tried Update-MgDevice, Update-MgDeviceExtension and New-MgDeviceExtension. These give me various errors. Sorry, I've gone through so many tests and don't have a copy of the specific errors.
Here is a copy of the script I've been working with. The problem is in the 'try' section.

    Connect-MgGraph -Scopes "Directory.ReadWrite.All"
    $Devices = Get-MgDeviceManagementManagedDevice | select id, UserPrincipalName, deviceName, managementAgent, AzureAdDeviceId
    foreach ($Device in $Devices){
        $id = $Device.id
        $DeviceName = $Device.deviceName
        $DisplayName = $DeviceName
        $DeviceOwner = $Device.UserPrincipalName
        $DeviceAgent = $Device.ManagementAgent
        $DeviceIDAzure = $Device.AzureAdDeviceId
        Write-Host "ID: $id"
        Write-Host "DeviceName: $DeviceName"
        Write-Host "DeviceAgent: $DeviceAgent"
        Write-Host "DeviceIDAzure: $DeviceIDAzure"
        #"Checking device with id $id, owner $DeviceOwner and name $DeviceName, managed by $DeviceAgent"
        if ($DeviceAgent -eq "mdm")
        {
            "Device managed by intune. Gathering more details"
            $uri = "https://graph.microsoft.com/beta/deviceManagement/manageddevices('$id')?`$select=hardwareinformation,processorArchitecture"
            $DMS = Invoke-MgGraphRequest -Method GET -Uri $uri
            $CPU = $DMS.processorArchitecture
            $Param = @{
                "@odata.type" = "microsoft.graph.openTypeExtension"
                ExtensionName = 'ExtensionAttribute1'
                Key = $CPU
            }
            try
            {
                Write-Host " Azure AD trying to add Value to extensionAttribute" -ForegroundColor Yellow
                Write-Host " Setting extensionAttribute to $CPU" -ForegroundColor Green
                #New-MgDeviceExtension -DeviceId $DeviceIDAzure -BodyParameter $Param
                update-MgDevice -DeviceId $DeviceIDAzure -BodyParameter $Param
            }
            catch
            {
                Write-Host "Fail" -ForegroundColor Red
                Write-Error "$($_.Exception.Message)"
            }
        }
    }

Any suggestions on what I'm doing wrong here? My Google-fu is turning up so many different examples all supposedly to set the Extension Attribute and I've tried many of them with no success.
Thanks
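
An added example, not part of the original post: the device's `extensionAttribute1` is written through the `extensionAttributes` property of the Entra device object, and `Update-MgDevice -DeviceId` expects that object's directory `Id`, which has to be looked up from the `AzureAdDeviceId` that Intune reports. The function name `Set-DeviceArchAttribute` is hypothetical, and the code assumes an already-connected Graph session whose account is allowed to read Intune managed devices and update Entra devices.

```powershell
# Added example (not the poster's code). Assumes Connect-MgGraph has already been run
# with permissions to read Intune managed devices and to update Entra device objects.
function Set-DeviceArchAttribute {   # hypothetical helper name
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $ManagedDeviceId,  # Intune managed device id
        [Parameter(Mandatory)] [string] $AzureAdDeviceId   # Entra deviceId reported by Intune
    )

    # processorArchitecture is read from the beta endpoint, as in the script above.
    $uri = "https://graph.microsoft.com/beta/deviceManagement/managedDevices('$ManagedDeviceId')?`$select=processorArchitecture"
    $cpu = (Invoke-MgGraphRequest -Method GET -Uri $uri).processorArchitecture
    if ([string]::IsNullOrWhiteSpace($cpu) -or $cpu -eq 'unknown') {
        Write-Warning "No architecture reported for managed device $ManagedDeviceId; skipped."
        return
    }

    # Update-MgDevice is keyed on the directory object Id, not on the deviceId GUID,
    # so resolve the Entra device object first.
    $entraDevice = Get-MgDevice -Filter "deviceId eq '$AzureAdDeviceId'" -Property Id, DisplayName
    if (-not $entraDevice) {
        Write-Warning "No Entra device with deviceId $AzureAdDeviceId; skipped."
        return
    }

    # extensionAttribute1..15 sit under the extensionAttributes property of the device.
    $body = @{ extensionAttributes = @{ extensionAttribute1 = "$cpu" } }

    # -WhatIf on the function previews the change without writing it.
    if ($PSCmdlet.ShouldProcess($entraDevice.DisplayName, "Set extensionAttribute1 to '$cpu'")) {
        Update-MgDevice -DeviceId $entraDevice.Id -BodyParameter $body -ErrorAction Stop
    }
}

$managed = Get-MgDeviceManagementManagedDevice -All |
    Where-Object { $_.ManagementAgent -eq 'mdm' -and $_.AzureAdDeviceId }

foreach ($device in $managed) {
    try {
        Set-DeviceArchAttribute -ManagedDeviceId $device.Id -AzureAdDeviceId $device.AzureAdDeviceId
    }
    catch {
        Write-Error "Failed for $($device.DeviceName): $($_.Exception.Message)"
    }
}
```

Once the attribute is populated, a dynamic device group can match on it with a membership rule such as `device.extensionAttribute1 -eq "arM64"`.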