Search code examples
azureazure-devopscommand-line-interfaceazure-cli

Azure Devops CLI To Query Pipeline Agent Pool Security Roles

I am trying to get security roles and permissions for agent pools using azure cli, is there a way to get these?

enter image description here

I want to get higlighted users/groups list as well as roles and access levels through Azure cli commands.Can any one help me out on this?

I want to get the higlited groups and respective roles and access levels using azure cli commands

Solution

  • During the test, we haven't found the direct cli command to query the user list of agent pools, but we managed to query the result via the rest api

    ========================================================

    Updated on 11/11

    Below is for orgnization-level agent pool permission

    get https://dev.azure.com/{orgname}/_apis/securityroles/scopes/distributedtask.agentpoolrole/roleassignments/resources/{agent_pool_ID}?api-version=6.0-preview.1

    enter image description here

    Below is for project-level agent pool permission

    get https://dev.azure.com/{orgName}/_apis/securityroles/scopes/distributedtask.agentqueuerole/roleassignments/resources/{ProjectID}_{QueueID}?api-version=6.0-preview.1

    enter image description here

    You can get the {QueueID} from the project agent pool url. enter image description here

    ========================================================

    Updated on 11/15

    You could check the query entries from the 200 status result for the related records and test to modify the full rest api (sometime by lucky-draws). enter image description here