Created
February 25, 2021 09:42
-
-
Save jsnape/62cbab34ba23638a1519d68ecbe5fbcb to your computer and use it in GitHub Desktop.
Cmdlet to list resource groups and owners so you can track down who is using your Azure credit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CmdletBinding()] | |
param ([switch] $Recurse) | |
$users = @{} | |
function GetRoles { | |
param($assignments, $RoleDefinitionName) | |
$roles = $assignments | | |
Where-Object { $_.RoleDefinitionName -eq $RoleDefinitionName} | | |
Select-Object -ExpandProperty DisplayName -Unique | |
$roles | ForEach-Object { | |
if ($users.ContainsKey($_)) { | |
return | |
} | |
$users[$_] = $_ | |
Write-Verbose "New user found: $_" | |
} | |
$roles | |
} | |
$resourceGroups = Get-AzResourceGroup | |
$totalGroups = $resourceGroups.Count | |
$i = 0.0 | |
$resourceGroups | ForEach-Object { | |
$progressArgs = @{ | |
Activity = "Extracting Roles" | |
Status = $_.ResourceGroupName | |
PercentComplete = $i++ * 100.0 / $totalGroups | |
} | |
Write-Progress @progressArgs | |
$auth = $_ | Get-AzRoleAssignment | Where-Object { $_.ObjectType -eq 'User'} | |
if ($Recurse) { | |
$resources = Get-AzResource -ResourceGroupName $_.ResourceGroupName | | |
ForEach-Object { | |
Write-Progress @progressArgs -CurrentOperation $_.ResourceName | |
$roleAssignmentArgs = @{ | |
ResourceGroupName = $_.ResourceGroupName | |
ResourceName = $_.ResourceName | |
ResourceType = $_.ResourceType | |
} | |
$resourceAuth = Get-AzRoleAssignment @roleAssignmentArgs -ErrorAction Ignore | | |
Where-Object { $_.ObjectType -eq 'User'} | |
[pscustomobject] [ordered] @{ | |
ResourceName = $_.ResourceName | |
ResourceType = $_.ResourceType | |
Owners = (GetRoles $resourceAuth 'Owner') | |
Contributors = (GetRoles $resourceAuth 'Contributor') | |
} | |
} | |
} | |
[pscustomobject] [ordered] @{ | |
ResourceGroupName = $_.ResourceGroupName | |
Owners = (GetRoles $auth 'Owner') | |
Contributors = (GetRoles $auth 'Contributor') | |
Resources = $resources | |
} | |
} | |
Write-Progress -Activity "Extracting Roles" -Completed |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment