jkbryan/Get-AzureRoleAssignments.ps1

## Get-AzureRoleAssignments.ps1
Connect-AzureRmAccount
$Logfile = "C:\Temp\RoleAssignmentsLog.csv"
If (Test-Path $Logfile) {
    Clear-Content -Path $Logfile
}
$Subscription1 = "<SubscriptionGUID>"
$Subscription2 = "<SubscriptionGUID>"
Add-Content $Logfile "RG/Subscription,RoleDefinitionName,DisplayName,SignInName,ObjectType"
#Do first subscription top level
Set-AzureRmContext -Subscription $Subscription1
$S1SubscriptionRoles = $NULL
$S1SubscriptionRoles = Get-AzureRmRoleAssignment
ForEach ($S1Role in $S1SubscriptionRoles) {
    $RoleInfo = $NULL
    [String]$RoleInfo = $Subscription1 + "," + $S1Role.RoleDefinitionName + "," + $S1Role.DisplayName + "," + $S1Role.SignInName + "," + $S1Role.ObjectType
    Add-Content $Logfile $RoleInfo
}
#Then do each RG in the first Subscription:
$S1RGs = $NULL
$S1RGs = Get-AzureRmResourceGroup
ForEach ($RG in $S1RGs) {
    $Role = $NULL
    $Roles = $NULL
    $RoleInfo = $NULL
    $RGName = $NULL
    $RGName = $RG.ResourceGroupName
    $Roles = Get-AzureRmRoleAssignment -ResourceGroupName $RGName #-SignInName "Jon@oholics.onmicrosoft.com"
    ForEach ($Role in $Roles) {
        [String]$RoleInfo = $RGName + "," + $Role.RoleDefinitionName + "," + $Role.DisplayName + "," + $Role.SignInName + "," + $Role.ObjectType
        Add-Content $Logfile $RoleInfo
    }
}
#Then the second Subscription top level:
Set-AzureRmContext -Subscription $Subscription2
$S2SubscriptionRoles = $NULL
$S2SubscriptionRoles = Get-AzureRmRoleAssignment
ForEach ($S2Role in $S2SubscriptionRoles) {
    $RoleInfo = $NULL
    [String]$RoleInfo = $Subscription2 + "," + $S2Role.RoleDefinitionName + "," + $S2Role.DisplayName + "," + $S2Role.SignInName + "," + $S2Role.ObjectType
    Add-Content $Logfile $RoleInfo
}
Add-Content $Logfile $RoleInfo
#Then do each RG in the second subscription:
$S2RGs = $NULL
$S2RGs = Get-AzureRmResourceGroup
ForEach ($RG in $S2RGs) {
    $Role = $NULL
    $Roles = $NULL
    $RoleInfo = $NULL
    $RGName = $NULL
    $RGName = $RG.ResourceGroupName
    $Roles = Get-AzureRmRoleAssignment -ResourceGroupName $RGName #-SignInName "Jon@oholics.onmicrosoft.com"
    ForEach ($Role in $Roles) {
        [String]$RoleInfo = $RGName + "," + $Role.RoleDefinitionName + "," + $Role.DisplayName + "," + $Role.SignInName + "," + $Role.ObjectType
        Add-Content $Logfile $RoleInfo
    }
}
	Connect-AzureRmAccount
	$Logfile = "C:\Temp\RoleAssignmentsLog.csv"
	If (Test-Path $Logfile) {
	Clear-Content -Path $Logfile
	}
	$Subscription1 = "<SubscriptionGUID>"
	$Subscription2 = "<SubscriptionGUID>"
	Add-Content $Logfile "RG/Subscription,RoleDefinitionName,DisplayName,SignInName,ObjectType"
	#Do first subscription top level
	Set-AzureRmContext -Subscription $Subscription1
	$S1SubscriptionRoles = $NULL
	$S1SubscriptionRoles = Get-AzureRmRoleAssignment
	ForEach ($S1Role in $S1SubscriptionRoles) {
	$RoleInfo = $NULL
	[String]$RoleInfo = $Subscription1 + "," + $S1Role.RoleDefinitionName + "," + $S1Role.DisplayName + "," + $S1Role.SignInName + "," + $S1Role.ObjectType
	Add-Content $Logfile $RoleInfo
	}
	#Then do each RG in the first Subscription:
	$S1RGs = $NULL
	$S1RGs = Get-AzureRmResourceGroup
	ForEach ($RG in $S1RGs) {
	$Role = $NULL
	$Roles = $NULL
	$RoleInfo = $NULL
	$RGName = $NULL
	$RGName = $RG.ResourceGroupName
	$Roles = Get-AzureRmRoleAssignment -ResourceGroupName $RGName #-SignInName "Jon@oholics.onmicrosoft.com"
	ForEach ($Role in $Roles) {
	[String]$RoleInfo = $RGName + "," + $Role.RoleDefinitionName + "," + $Role.DisplayName + "," + $Role.SignInName + "," + $Role.ObjectType
	Add-Content $Logfile $RoleInfo
	}
	}
	#Then the second Subscription top level:
	Set-AzureRmContext -Subscription $Subscription2
	$S2SubscriptionRoles = $NULL
	$S2SubscriptionRoles = Get-AzureRmRoleAssignment
	ForEach ($S2Role in $S2SubscriptionRoles) {
	$RoleInfo = $NULL
	[String]$RoleInfo = $Subscription2 + "," + $S2Role.RoleDefinitionName + "," + $S2Role.DisplayName + "," + $S2Role.SignInName + "," + $S2Role.ObjectType
	Add-Content $Logfile $RoleInfo
	}
	Add-Content $Logfile $RoleInfo
	#Then do each RG in the second subscription:
	$S2RGs = $NULL
	$S2RGs = Get-AzureRmResourceGroup
	ForEach ($RG in $S2RGs) {
	$Role = $NULL
	$Roles = $NULL
	$RoleInfo = $NULL
	$RGName = $NULL
	$RGName = $RG.ResourceGroupName
	$Roles = Get-AzureRmRoleAssignment -ResourceGroupName $RGName #-SignInName "Jon@oholics.onmicrosoft.com"
	ForEach ($Role in $Roles) {
	[String]$RoleInfo = $RGName + "," + $Role.RoleDefinitionName + "," + $Role.DisplayName + "," + $Role.SignInName + "," + $Role.ObjectType
	Add-Content $Logfile $RoleInfo
	}
	}