Retrieve List of Users with Access to Sentinel?


Hi all,

I've been working on retrieving a list of users who have access to Sentinel.

So far I've only found using Get-AzRoleAssignment to be fairly useful, but so far running it against every subscription seems to be the best way.

Does anyone know of any other better methods to retrieve a list of users, direct/indirect (including from RBAC groups) with access to Sentinel?

Regards

Dan

2 Replies
I would think you need to check the Resource Groups that contain the Log Analytics workspace, as permissions could be granted at that level and not just at the subscription level.

That's a good point. I'm using PIM as well, so it turns out Get-AzRoleAssignment isn't the entire solution. It's a fairly involved task and not just "exporting users for Sentinel" as requested by audit...
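
The three points raised in this thread (inherited scopes, RBAC groups, PIM) can be combined in one report. The script below is an added example, not code from any poster in the thread: it assumes the Az.Resources and Az.OperationalInsights modules, an existing `Connect-AzAccount` session, placeholder resource group and workspace names, and a hypothetical helper `Expand-GroupMember`.

```powershell
# Added example. Placeholders: the resource group and Log Analytics workspace Sentinel runs on.
$ResourceGroupName = '<resource-group>'
$WorkspaceName     = '<workspace-name>'
$scope = (Get-AzOperationalInsightsWorkspace -ResourceGroupName $ResourceGroupName `
          -Name $WorkspaceName).ResourceId

# Hypothetical helper: resolve a group to its user members, following nested groups.
function Expand-GroupMember {
    param([string]$GroupId, [string]$Path, [hashtable]$Seen = @{})
    if ($Seen.ContainsKey($GroupId)) { return }      # guard against circular nesting
    $Seen[$GroupId] = $true
    foreach ($m in Get-AzADGroupMember -GroupObjectId $GroupId) {
        if ($m.OdataType -eq '#microsoft.graph.group') {
            Expand-GroupMember -GroupId $m.Id -Path "$Path > $($m.DisplayName)" -Seen $Seen
        } else {
            [pscustomobject]@{ Id = $m.Id; DisplayName = $m.DisplayName; Via = $Path }
        }
    }
}

# Active assignments. Querying at the workspace scope also returns assignments
# inherited from the resource group, subscription and management groups.
$active = Get-AzRoleAssignment -Scope $scope |
    Select-Object @{n='State';e={'Active'}}, ObjectId, ObjectType, DisplayName,
                  RoleDefinitionName, Scope

# PIM-eligible assignments, which Get-AzRoleAssignment does not list until activated.
$eligible = Get-AzRoleEligibilitySchedule -Scope $scope -Filter 'atScope()' |
    Select-Object @{n='State';e={'Eligible (PIM)'}},
                  @{n='ObjectId';e={$_.PrincipalId}},
                  @{n='ObjectType';e={$_.PrincipalType}},
                  @{n='DisplayName';e={$_.PrincipalDisplayName}},
                  @{n='RoleDefinitionName';e={$_.RoleDefinitionDisplayName}},
                  @{n='Scope';e={$_.ScopeId}}

# One row per principal and role; group assignments are expanded to their members.
$report = foreach ($a in @($active) + @($eligible)) {
    if ($a.ObjectType -eq 'Group') {
        Expand-GroupMember -GroupId $a.ObjectId -Path $a.DisplayName | ForEach-Object {
            [pscustomobject]@{ Principal = $_.DisplayName; PrincipalId = $_.Id
                Role = $a.RoleDefinitionName; State = $a.State
                AssignedAt = $a.Scope; Via = "Group: $($_.Via)" }
        }
    } else {
        [pscustomobject]@{ Principal = $a.DisplayName; PrincipalId = $a.ObjectId
            Role = $a.RoleDefinitionName; State = $a.State
            AssignedAt = $a.Scope; Via = 'Direct' }
    }
}
$report | Sort-Object Principal, Role | Export-Csv -Path .\sentinel-access.csv -NoTypeInformation
```

The `AssignedAt` column shows the level at which each permission was granted, and `Via` shows the group chain for indirect access. Eligible membership of groups (PIM for Groups) and classic subscription administrators are not covered and need a separate check.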