Search code examples
containersazure-powershellaclazure-data-lake-gen2azure-storage-account

Is there any Powershell script which gives us ACL permissions from all the containers in Storage account Gen 2

We have multiple subscriptions with lots of resource groups and each RG contains Gen 2 storage account. We need to export ACL permissions from all the containers in each storage account i.e. Gen2. Any suggestions?

Solution

  • Need to export ACL permissions from all the containers in each storage account i.e. Gen2. Any suggestions?

    You can use the below command to export the ACL permissions from all containers in storage accounts.

    Command:

    Connect-AzAccount
 
$storageAccounts = Get-AzStorageAccount 

$results = foreach ($storageAccount in $storageAccounts) {
    $containers = Get-AzStorageContainer -Context $storageAccount.Context
    foreach ($container in $containers) {
        $filesystem = Get-AzDataLakeGen2Item -Context $storageAccount.Context -FileSystem $container.Name
        $s = $storageAccount.storageaccountname
        $r = $storageAccount.ResourceGroupName
        $filesystemname = $container.Name
        $aclpermission = $filesystem.ACL.Permissions -join ","
        $aclaccesscontroltype=$filesystem.ACL.AccessControlType -join ","

        [PSCustomObject]@{
            StorageAccountName = $s
            ResourceGroupName = $r 
            ContainerName = $filesystemname
            ACLpermission = $aclpermission
            ACLaccesscontroltype=$aclaccesscontroltype
        }
    }
}

$results | Export-Csv -Path "output.csv" -NoTypeInformation

    The above script gets the all storageaccounts and containers it checks and fetch the ACL permissions and access controltype from the gen2 accounts.

    Output:

    enter image description here