Forum Discussion
Solved
Power shell script which shows list of RBAC role, Azure resource and Username
Hi,
Can anyone please help me with a powershell script which shows list consisting of RBAC role, Azure resource & username to whom it is allocated to?
AlphaBetaGamma Thanks- that makes sense.
The following script should do something like that, by looping through the resources and then a nested loop through the role assignments. I've included the "Display Name" field as well in case you have any roles assigned to groups- they just have a blank entry for "SignInName".foreach ($Resource in Get-AzResource) { $RoleAssignments=Get-AZRoleAssignment -ResourceGroupName $Resource.ResourceGroupName -ResourceName $Resource.Name -ResourceType $resource.type ForEach ($RoleAssignment in $RoleAssignments){ $Resource | Select-Object @{Name="Azure Resource name";Expression={$Resource.Name}}, @{Name="SignInName";Expression={$RoleAssignment.SignInName}}, @{Name="DisplayName";Expression={$RoleAssignment.DisplayName}}, @{Name="RoleDefinitionName";Expression={$RoleAssignment.RoleDefinitionName}} } }
AlphaBetaGamma How about this, using the Get-AzRoleAssignment cmdlet:
Get-AzRoleAssignment | Select-Object RoleDefinitionName, Scope , DisplayNameOutput will look something like this
RoleDefinitionName Scope DisplayName ------------------ ----- ----------- Contributor /subscriptions/(guid)/resourcegroups/myresourcegroup Bob Reader /subscriptions/(guid)/resourcegroups/myresourcegroup/myvm Jim Contributor /subscriptions/(guid)/resourcegroups/myresourcegroup/myvm SalThanks for your response, Yeah, i have tried this. But I was trying to get exact resource name against each RABC role and the username. ChrisBradshaw
AlphaBetaGamma - would you be able to write out some sample (made up) output so I can get a better idea of what you're looking for?
