Skip to content

Instantly share code, notes, and snippets.

@jesseloudon

jesseloudon/AzureRoleAssignmentCleanup.ps1

Created May 20, 2020 01:58
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jesseloudon/5ccc96c9e13576d23a090420b65b82ec to your computer and use it in GitHub Desktop.
Save jesseloudon/5ccc96c9e13576d23a090420b65b82ec to your computer and use it in GitHub Desktop.
Download ZIP
Find and remove Azure RBAC Role Assignments of 'Unknown' Type.
Raw
AzureRoleAssignmentCleanup.ps1
#AuthN
Connect-AzAccount
#Set Your Subscription ID
Set-AzContext -SubscriptionId "XXXXX-XXXXX-XXXXX-XXXXXX-XXXXXX"
#Common Variables
$FILEPATH = "C:\Temp"
$FILENAME = "AzureRoleAssignmentsToRemove.csv"
$SUBNAME = "SUBSCRIPTIONNAME"
$OBJTYPE = "Unknown"
#Find and Export-to-CSV Azure RBAC Role Assignments of 'Unknown' Type
$raunknown = Get-AzRoleAssignment | Where-Object {$_.ObjectType.Equals($OBJTYPE)} | Export-Csv "$FILEPATH\$SUBNAME-$FILENAME" -NoTypeInformation
#Import-from-CSV and Remove each Azure Role Assignment
$RASTOREMOVE = Import-CSV "$FILEPATH\$SUBNAME-$FILENAME"
$RASTOREMOVE|ForEach-Object {
$object = $_.ObjectId
$roledef = $_.RoleDefinitionName
$rolescope = $_.Scope
Remove-AzRoleAssignment -ObjectId $object -RoleDefinitionName $roledef -Scope $rolescope
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment