I am trying to get all objects from the Access Control tab of a Storage Account container using PowerShell.
Using command:
Get-AzRoleAssignment -ResourceGroupName 'devtest' -ResourceName 'sa-name' -ResourceType 'Microsoft.Storage/storageAccounts'
I am getting all objects from:
- Storage Account
- Containers
As you can see, using this command I'm getting scopes for the Storage Account and the Container in the same call.
I tried using command like:
Get-AzRoleAssignment -ResourceGroupName 'devtest' -ResourceName 'SA-name' -ResourceType 'Microsoft.Storage/storageAccounts' | Where-Object -Property Scope -Like '*containers/container-name'
But I am not happy with the results because I am not getting, for example, the Owner of this container, because it is inherited from a different resource.
My question is: how do I get the Role Assignment objects from the IAM blade for a specific container using PowerShell, CLI or REST API, with all objects?
CodePudding user response:
You can list the RBAC on a specific container by listing all role assignments for the storage account and excluding all containers except for the one you want to see:
Get-AzRoleAssignment -ResourceGroupName "<your-resource-group-name>" -ResourceType "Microsoft.Storage/storageAccounts" -ResourceName "<your-storage-account-name>" | Where-Object { $_.Scope -like '*/containers/<your-container-name>' -or -not ($_.Scope -like '*/storageAccounts*/default/containers/*') }
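
The same filter written as a scope-ancestry check, as an added example that is not part of the original answer: an assignment applies to the container when its scope is the container's resource ID or an ancestor of it. `Select-EffectiveAssignment`, the subscription ID and the sample rows are constructed for illustration, and keeping root and management-group scopes rests on the assumption that the listing only returns ones above the subscription.

```powershell
# Added example. Select-EffectiveAssignment and all sample values are constructed.
function Select-EffectiveAssignment {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)] [psobject] $Assignment,
        [Parameter(Mandatory)] [string] $TargetScope
    )
    begin {
        $target = $TargetScope.TrimEnd('/')
        $cmp    = [System.StringComparison]::OrdinalIgnoreCase
    }
    process {
        $scope = ([string]$Assignment.Scope).TrimEnd('/')
        # Assumption: root ("/") and management-group scopes appear in the listing
        # only when they sit above this subscription, so they count as inherited.
        $above  = ($scope -eq '') -or
                  ($scope -like '/providers/Microsoft.Management/managementGroups/*')
        $direct = $target.Equals($scope, $cmp)
        # "$scope/" forces a segment boundary: a scope ending in .../containers/container
        # must not match the target .../containers/container-name.
        $parent = $target.StartsWith("$scope/", $cmp)
        if ($above -or $direct -or $parent) {
            [pscustomobject]@{
                DisplayName        = $Assignment.DisplayName
                RoleDefinitionName = $Assignment.RoleDefinitionName
                Inherited          = -not $direct
                Scope              = $Assignment.Scope
            }
        }
    }
}

# Constructed sample rows shaped like Get-AzRoleAssignment output.
$sub  = '/subscriptions/00000000-0000-0000-0000-000000000000'
$sa   = "$sub/resourceGroups/devtest/providers/Microsoft.Storage/storageAccounts/sa-name"
$ctrs = "$sa/blobServices/default/containers"
$sample = @(
    [pscustomobject]@{ DisplayName = 'alice'; RoleDefinitionName = 'Owner'; Scope = $sub }
    [pscustomobject]@{ DisplayName = 'bob'; RoleDefinitionName = 'Contributor'; Scope = $sa }
    [pscustomobject]@{ DisplayName = 'carol'; RoleDefinitionName = 'Storage Blob Data Reader'; Scope = "$ctrs/container-name" }
    [pscustomobject]@{ DisplayName = 'dave'; RoleDefinitionName = 'Storage Blob Data Reader'; Scope = "$ctrs/container" }
    [pscustomobject]@{ DisplayName = 'erin'; RoleDefinitionName = 'Reader'; Scope = "$ctrs/other-container" }
)
$sample | Select-EffectiveAssignment -TargetScope "$ctrs/container-name" | Format-Table -AutoSize

# Live use, with the command from the question:
# Get-AzRoleAssignment -ResourceGroupName 'devtest' -ResourceName 'sa-name' -ResourceType 'Microsoft.Storage/storageAccounts' |
#     Select-EffectiveAssignment -TargetScope "$ctrs/container-name"
```

On the sample rows, alice and bob are returned as inherited, carol as a direct assignment, and the two assignments on other containers are dropped. The `Inherited` column makes it easy to audit which access to the container is granted higher up the hierarchy.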


