I wanted to figure out how to obtain a list of all Resource Based Access ControlRBAC permissions for all the resources in one of my Azure subscription. This is a great way for Azure administrators to run reports that can quickly identify any issues with wrongly assigned permissions.
To do this quickly and efficiently while automating the whole process I'll use PowerShell. The PoSH script is fairly straightforward and only requires a few steps:
- Login to Azure
- Select the right subscription (optional, if more than one)
- Retrieve all resources
- Iterate through each one and retrieve the RBAC permissions
The script to do all this is provided below:
A quick and easy way to get access to a wealth of information. Mind you, the output of this query is raw and totally unstructured. Ideally, you would be writing the output to a file which can then be used by reporting tools.
Let me know in the comments if you have any questions.