Search code examples
azurepowershellrbac

Export RBAC from all the resource groups in Azure AD to one CSV

I have dozen of RG's and its very difficult to output all role assignments from all resources from all resource groups at once. Can you please help me with Powershell script?

Solution

  • Export RBAC from all the resource groups in Azure AD to one CSV

    Here is the PowerShell script to output all RBAC role assignments from all resource groups in subscription.

        Connect-AzAccount -Subscription "Subscription-Name"
    
    $roleAssignmentData = @()
    
    $resourceGroups = Get-AzResourceGroup
    
    foreach ($resourceGroup in $resourceGroups) {
        $resourceGroupName = $resourceGroup.ResourceGroupName
        
        # Get all role assignments for the current resource group
        $roleAssignments = Get-AzRoleAssignment -ResourceGroupName $resourceGroupName
        
        # Iterate through each role assignment
        foreach ($roleAssignment in $roleAssignments) {
            $roleAssignmentData += [PSCustomObject]@{
                "ResourceGroupName" = $resourceGroupName
                "PrincipalName" = $roleAssignment.DisplayName
                "RoleName" = $roleAssignment.RoleDefinitionName
            }
        } 
    }
    
    $roleAssignmentData | Export-Csv -Path "C:\Users\xxxxxxxx\ResourceGroups-Roles-Subscription.csv" -NoTypeInformation

    Output

    enter image description here

    After running the above script, all RBAC role assignment from all resource groups in subscription are successfully exported to an Excel file.

    enter image description here