View RBAC roles available in Azure through PowerShell

View RBAC roles available in Azure through PowerShell

Q. How can I see through PowerShell all the Azure RBAC roles and the capabilities available?

A. The PowerShell script below creates output for all the Azure RBAC roles and shows the associated actions.

Switch-AzureMode -Name AzureResourceManager

foreach ($roledef in Get-AzureRoleDefinition) {
    Write-Host 'Role: '$roledef.Name
    Write-Host 'Actions'
    (Get-AzureRoleDefinition -Name $roledef.Name).Actions
    Write-Host 'NoActions'
    (Get-AzureRoleDefinition -Name $roledef.Name).NoActions
    Write-Host ([Environment]::NewLine)
} 

A sample of the output is shown below.

Role: API Management Service Contributor
Actions
Microsoft.ApiManagement/Services/*
Microsoft.Authorization/*/read
Microsoft.Resources/subscriptions/resourceGroups/read
Microsoft.Resources/subscriptions/resourceGroups/resources/read
Microsoft.Resources/subscriptions/resourceGroups/deployments/*
Microsoft.Insights/alertRules/*
Microsoft.Support/*
NoActions


Role: Application Insights Component Contributor
Actions
Microsoft.Insights/components/*
Microsoft.Insights/webtests/*
Microsoft.Authorization/*/read
Microsoft.Resources/subscriptions/resourceGroups/read
Microsoft.Resources/subscriptions/resourceGroups/resources/read
Microsoft.Resources/subscriptions/resourceGroups/deployments/*
Microsoft.Insights/alertRules/*
Microsoft.Support/*
NoActions

 

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish