实际上,我尝试运行下面的 PowerShell 脚本,该脚本将告诉我有关 Azure 订阅中的角色分配的信息:-
$tenantId = "xxxxxx"
$subscriptionId = "xxxxxxx"
# Log in to Azure withtenant and subscription IDs
Connect-AzAccount -Tenant $tenantId -Subscription $subscriptionId -UseDeviceAuthentication
#Role Assignment Function
Function Function-RoleAssignments(){
Write-Host "'n> Checking IAM Role Assignments…'n" -ForegroundColor Green
$Global:RoleAssignments = [System.Collections.ArrayList]::new()
$RoleAssignment = Get-AzRoleAssignment -Scope ("/subscriptions/"+Sglobal:SourceSubscription )
foreach($role in $RoleAssignment){
$csvObject = New-Object PSObject
Add-Member -inputObject $csv0bject -memberType NoteProperty -name "Display Name" -value$role.DisplayName
Add-Member -inputObject $csvObject -memberType NoteProperty -name "SignIn Name" -value $role.SignInliame
Add-Member -inputObject $csvObject -memberType NoteProperty -name "Object Type" -value $role.ObjectType
Add-Member -inputObject $csvObject -memberType NoteProperty -name "Object ID" -value $role. ObjectId
Add-Member -inputObject $csv0bject -memberType NoteProperty -name "Role" -value $role. RoleDefinitionName
Add-Member -inputObject $csv0bject -memberType NoteProperty -name "RoleDefinition ID" -value $role. RoleDefinitionId
Add-Member -inputObject $csvObject -memberType NoteProperty -name "Scope" -value $role.Scope
Add-Member -inputObject $csv0bject -memberType NoteProperty -name "Description" -value $role. Description
Add-Member -inputObject $csv0bject -memberType NoteProperty -name "CanDelegate" -value $role. CanDelegate
$Global:RoleAssignments.Add($csvObject) | Out-Null
}
}
# Call the function to populate SGlobal:RoleAssignment
Function-RoleAssignments
# Export the collected quota information to a CSV file SGlobal:RoleAssignments | Export-Csv -Path "RoleAssignment.csv" -NoTypeInformation
Write-Host "Resource report generated and saved to RoleAssignment.csv"
运行脚本后,我遇到了以下错误:-
请帮我解决这个问题。预先感谢您:)
最佳答案
我在我的环境中尝试了相同的操作,但出现了如下所示的相同错误:
为了了解 Azure 订阅中的角色分配,我运行了下面修改后的 PowerShell 脚本:
$tenantId = "xxxxxxx"
$subscriptionId = "xxxxxxxx"
# Log in to Azure with tenant and subscription IDs
Connect-AzAccount -Tenant $tenantId -Subscription $subscriptionId -UseDeviceAuthentication
#Role Assignment Function
Function Function-RoleAssignments(){
Write-Host "`n> Checking IAM Role Assignments..." -ForegroundColor Green
$Global:RoleAssignments = [System.Collections.ArrayList]::new()
$RoleAssignment = Get-AzRoleAssignment -Scope "/subscriptions/$subscriptionId"
foreach($role in $RoleAssignment){
$csvObject = New-Object PSObject
Add-Member -inputObject $csvObject -memberType NoteProperty -name "Display Name" -value $role.DisplayName
Add-Member -inputObject $csvObject -memberType NoteProperty -name "SignIn Name" -value $role.SignInName
Add-Member -inputObject $csvObject -memberType NoteProperty -name "Object Type" -value $role.ObjectType
Add-Member -inputObject $csvObject -memberType NoteProperty -name "Object ID" -value $role.ObjectId
Add-Member -inputObject $csvObject -memberType NoteProperty -name "Role" -value $role.RoleDefinitionName
Add-Member -inputObject $csvObject -memberType NoteProperty -name "RoleDefinition ID" -value $role.RoleDefinitionId
Add-Member -inputObject $csvObject -memberType NoteProperty -name "Scope" -value $role.Scope
Add-Member -inputObject $csvObject -memberType NoteProperty -name "Description" -value $role.Description
Add-Member -inputObject $csvObject -memberType NoteProperty -name "CanDelegate" -value $role.CanDelegate
$Global:RoleAssignments.Add($csvObject) | Out-Null
}
}
# Call the function to populate $Global:RoleAssignment
Function-RoleAssignments
# Export the collected quota information to a CSV file
$Global:RoleAssignments | Export-Csv -Path "RoleAssignment.csv" -NoTypeInformation
Write-Host "Resource report generated and saved to RoleAssignment.csv"
输出:
在 csv 文件中,指定订阅的 IAM 角色分配检索并显示,如下所示:
关于azure - 获取 AzRoleAssignment : Scope '/subscriptions' should have even number of parts,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/76936050/