I'm transferring a resource (storage account) from one subscription to another. During the transfer the RBAC permissions will be removed from my resource. I know you can download the RBAC permissions to have a copy, but what is the best way to add them back to my resource? Do I have to do it manually one by one? Felt like there was an easier way.
CodePudding user response:
You could download the role assignments as a csv file(without Inherited
), then use the azure powershell to assign the roles to your storage account after transferring below. Please make sure your subscriptions are in the same AAD tenant, otherwise it will not work.
$csv = Import-Csv -Path C:\Users\joyw\Desktop\role-assignments-2021-11-08.csv
$scope = "<storage account resource id after transferring>"
foreach($rs in $csv){
New-AzRoleAssignment -ObjectId $csv.ObjectId -Scope $scope -RoleDefinitionName $csv.RoleDefinitionName
}
CodePudding user response:
Thanks Joy. I should mention these resources won't be in the same ADD tenant. I'm moving the resource from one tenant to another.